skip to Main Content

I am running docker desktop (windows) and building docker image for keycloak 17.0.0 following the instructions at here. Build completes successfully but when I run this image in desktop I get error

ERROR [org.key.qua.run.cli.ExecutionExceptionHandler] (main) ERROR:
Failed to obtain JDBC connection

ERROR [org.key.qua.run.cli.ExecutionExceptionHandler] (main) ERROR: No
suitable driver found for jdbc:postgresql://postgres/keycloak

postgres is already running in docker desktop with the name "postgres" on default port 5432 and has keyclock database created.

Here is my Dockerfile:

FROM quay.io/keycloak/keycloak-x:latest as builder

ENV KC_METRICS_ENABLED=true
ENV KC_FEATURES=token-exchange
ENV KC_DB=postgres
RUN /opt/keycloak/bin/kc.sh build

FROM quay.io/keycloak/keycloak-x:latest
COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/
WORKDIR /opt/keycloak

RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore

ENV KEYCLOAK_ADMIN=admin
ENV KEYCLOAK_ADMIN_PASSWORD=admin

ENV KC_DB_URL='jdbc:postgresql://postgres/keycloak'
ENV KC_DB_USERNAME=postgres
ENV KC_DB_PASSWORD=postgres

ENV KC_HOSTNAME=localhost:8443
ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start"]

My understanding from the docs is, after setting "KC_DB=postgres", the build should have included postgres driver that appears to be missing.

Can somebody tell me what is wrong here? Thanks.

3

Answers


  1. I guess KC_DB is a runtime configuration. See build help:

    # ./kc.sh build -h
    ...
      Change database settings:
    
          $ kc.sh build --db=postgres [--db-url][--db-username][--db-password]
    ...
    

    So it should be build parameter --db=postgres.

    BTW: I would use quay.io/keycloak/keycloak:17.0.0 image (17.0.0 is first stable Quarkus based Keycloak release).

    Login or Signup to reply.
  2. I battled with this issue for a while. As Jan Garaj has mentioned --db=postgres is a runtime config. So changing the ENTRYPOINT to this fixed the issue for me:

    ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start-dev", "--db=postgres"]
    

    And the following if you need to run for production with "start":

    ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start", "--auto-build", "--db=postgres"]
    

    It is also worth mentioning that the same Dockerfile works with quay.io/keycloak/keycloak:latest. I switched the image and found keycloak to be more stable compared to the keycloak-x.

    Login or Signup to reply.
  3. As Jan Garaj and omufeed already stated, it is a runtime configuration. So the example Dockerfile is wrong. Move the ENV KC_DB=postgres to the second FROM section so i looks like

    [...]
    ENV KC_DB_URL='jdbc:postgresql://postgres/keycloak'
    ENV KC_DB_USERNAME=postgres
    ENV KC_DB_PASSWORD=postgres
    ENV KC_DB=postgres // HERE IT GOES
    [...]
    

    So you don’t have to modify the ENTRYPOINT and also can provide those environment variables in a docker compose file.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search