The point is, I want to deploy my project to Docker, and the project consists of several microservices, in Docker Compose the configuration of Keycloak is described, and if you run the application on localhost, it easily connects to Keycloak via localhost. So now there is a need to configure my application in Docker, in Docker it should access Keycloak not via localhost, but via the container name. I am trying to build the application on this configuration:
spring:
data:
mongodb:
uri: mongodb://localhost:27017/task
application:
name: task-service
security:
oauth2:
client:
registration:
keycloak:
client-id: task-client
client-secret: [redacted]
scope: openid, profile
authorization-grant-type: authorization_code
provider:
keycloak:
issuer-uri: http://localhost:8180/auth/realms/task-realm
user-name-attribute: preferred_username
resource-server:
jwt:
issuer-uri: http://localhost:8180/auth/realms/task-realm
jwk-set-uri: http://localhost:8180/auth/realms/task-realm/protocol/openid-connect/certs
Moreover, the build requires that keycloak be launched, otherwise the build will not be assembled. And then in docker-compose I redefine these connection URLs to the URLs of the docker containers.
task:
image: task-service
container_name: task-service
ports:
- '8082:8082'
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongodb:27017/task
- EUREKA_CLIENT_SERVICE_URL_DEFAULTZONE=http://eureka-server:8090/eureka
- SPRING_SECURITY_OAUTH2_PROVIDER_KEYCLOAK_ISSUER_URI=http://keycloak:8180/auth/realms/task-realm
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=http://keycloak:8180/auth/realms/task-realm
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI=http://keycloak:8180/auth/realms/task-realm/protocol/openid-connect/certs
- SPRING_RABBITMQ_HOST=rabbitmq
- SPRING_RABBITMQ_VIRTUAL_HOST=vhost
depends_on:
- eureka
- mongodb
- keycloak
- rabbitmq
networks:
- task-management
When "docker-compose up" task-service crashes with errors because I can’t connect to keycloak because it tries to connect via localhost, although I redefine keycloak in docker-compose. I have the same problem with Open Feign Client It can’t start because it can’t find the service it refers to. Can anyone tell me what I’m redefining incorrectly. For example, when I redefine mongo url, it is redefined
I expect help with overriding property of configuration beans of keycloak
>Solution :
If configuration is correct, ports references, and all environment variables are correctly references, you should probably add a healthcheck before starting all containers, dependson might not be enough:
version: '3.8'
This is the example just to show healthcheck service for mongoDb and keycloak, but it should be done the same way for all the others required by task container:
#just an example please use yours.
mongodb:
image: mongo
container_name: mongodb
ports:
- '27017:27017'
healthcheck:
test: ["CMD", "mongo", "--eval", "db.adminCommand('ping')"]
interval: 30s
timeout: 10s
retries: 5
#just an example please use yours.
keycloak:
image: jboss/keycloak
container_name: keycloak
ports:
- '8180:8080'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/auth/realms/master"]
interval: 30s
timeout: 10s
retries: 5
task-service:
image: task-service
container_name: task-service
ports:
- '8082:8082'
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongodb:27017/task
- EUREKA_CLIENT_SERVICE_URL_DEFAULTZONE=http://eureka-server:8090/eureka
- SPRING_SECURITY_OAUTH2_PROVIDER_KEYCLOAK_ISSUER_URI=http://keycloak:8180/auth/realms/task-realm
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=http://keycloak:8180/auth/realms/task-realm
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI=http://keycloak:8180/auth/realms/task-realm/protocol/openid-connect/certs
- SPRING_RABBITMQ_HOST=rabbitmq
- SPRING_RABBITMQ_VIRTUAL_HOST=vhost
depends_on:
eureka:
condition: service_healthy
mongodb:
condition: service_healthy
keycloak:
condition: service_healthy
rabbitmq:
condition: service_healthy
networks:
- task-management
networks:
task-management:
driver: bridge