Update README
[nonrtric.git] / service-exposure / keycloak.yaml
index d611c6d..2beace2 100644 (file)
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: keycloak 
+  name: keycloak
   namespace: default
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: keycloak
+  namespace: default
   labels:
     app: keycloak
 spec:
   type: ExternalName
-  externalName: keycloak.local 
+  externalName: keycloak.local
   ports:
   - name: http
     port: 8080
     targetPort: 8080
-    nodePort: 31560 
+    nodePort: 31560
   - name: https
     port: 8443
     targetPort: 8443
@@ -65,20 +66,20 @@ spec:
       initContainers:
       - name: init-postgres
         image: busybox
-        imagePullPolicy: IfNotPresent 
+        imagePullPolicy: IfNotPresent
         command: ['sh', '-c', 'until nc -vz postgres 5432; do echo waiting for postgres db; sleep 2; done;']
-      serviceAccountName: keycloak 
+      serviceAccountName: keycloak
       containers:
       - name: keycloak
-        image: quay.io/keycloak/keycloak:latest
-        imagePullPolicy: IfNotPresent 
+        image: quay.io/keycloak/keycloak:16.1.1
+        imagePullPolicy: IfNotPresent
         env:
         - name: KEYCLOAK_USER
           value: "admin"
         - name: KEYCLOAK_PASSWORD
           value: "admin"
         - name: KEYCLOAK_HTTPS_PORT
-          value: "8443" 
+          value: "8443"
         - name: PROXY_ADDRESS_FORWARDING
           value: "true"
         - name: MANAGEMENT_USER
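Review bot: The Keycloak admin account is still created from the literal `admin`/`admin` values in the `KEYCLOAK_USER` and `KEYCLOAK_PASSWORD` env entries of the `keycloak` container, so anyone who can read this manifest or the pod spec holds administrator credentials for the identity provider. Both should be read from a Kubernetes Secret through `valueFrom.secretKeyRef` rather than `value:`, and the same applies to `DB_USER`/`DB_PASSWORD` in the next hunk (`@@ -89,18 +90,18 @@`). Pinning the image to `16.1.1` is an improvement over `latest`, but the `busybox` init container is still untagged and could get the same treatment. The env list continues outside this hunk; the Secret name and keys below are placeholders.

```yaml
        env:
        - name: KEYCLOAK_USER
          valueFrom:
            secretKeyRef:
              name: SECRET_NAME_PLACEHOLDER
              key: USERNAME_KEY_PLACEHOLDER
        - name: KEYCLOAK_PASSWORD
          valueFrom:
            secretKeyRef:
              name: SECRET_NAME_PLACEHOLDER
              key: PASSWORD_KEY_PLACEHOLDER
        # … unchanged: KEYCLOAK_HTTPS_PORT, PROXY_ADDRESS_FORWARDING, MANAGEMENT_USER …
```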
@@ -89,18 +90,18 @@ spec:
           value: "false"
         - name: DB_VENDOR
           value: "postgres"
-        - name: DB_ADDR 
+        - name: DB_ADDR
           value: "postgres"
-        - name: DB_PORT 
+        - name: DB_PORT
           value: "5432"
         - name: DB_DATABASE
           value: "keycloak"
         - name: DB_USER
-          value: "keycloak" 
+          value: "keycloak"
         - name : DB_PASSWORD
-          value: "keycloak" 
-        - name : X509_CA_BUNDLE 
-          value: /etc/x509/https/rootCA.crt 
+          value: "keycloak"
+        - name : X509_CA_BUNDLE
+          value: /etc/x509/https/rootCA.crt
         ports:
         - name: http
           containerPort: 8080
@@ -111,18 +112,19 @@ spec:
             path: /auth/realms/master
             port: 8080
         volumeMounts:
-        - name: keycloak-certs 
-          mountPath: /etc/x509/https 
+        - name: keycloak-certs
+          mountPath: /etc/x509/https
       volumes:
-      - name: keycloak-certs 
+      - name: keycloak-certs
         hostPath:
-           path: /var/keycloak/certs 
+           path: /var/keycloak/certs
            type: Directory
 ---
 apiVersion: networking.istio.io/v1alpha3
 kind: Gateway
 metadata:
   name: kcgateway
+  namespace: default
 spec:
   selector:
     istio: ingressgateway # use istio default ingress gateway
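Review bot: The `keycloak-certs` volume is a `hostPath` to `/var/keycloak/certs` and its `volumeMounts` entry is writable, so the container can modify files on the node and the pod only starts on nodes where that directory was populated by hand. If the directory also holds the server's TLS private key (not visible in this hunk), that key sits on the node filesystem outside Kubernetes access control. At minimum add `readOnly: true` under the `keycloak-certs` mount; a Secret-backed volume would remove the dependency on the node filesystem altogether. Both the Deployment and the Gateway spec extend beyond this hunk.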
@@ -134,7 +136,7 @@ spec:
     tls:
       mode: PASSTHROUGH
     hosts:
-    - keycloak.est.tech
+    - keycloak.oran.org
   - port:
       number: 80
       name: http
@@ -146,16 +148,17 @@ apiVersion: networking.istio.io/v1alpha3
 kind: VirtualService
 metadata:
   name: keycloak-tls-vs
+  namespace: default
 spec:
   hosts:
-  - keycloak.est.tech
+  - keycloak.oran.org
   gateways:
   - kcgateway
   tls:
   - match:
     - port: 443
       sniHosts:
-      - keycloak.est.tech
+      - keycloak.oran.org
     route:
     - destination:
         host: keycloak.default.svc.cluster.local
@@ -166,11 +169,12 @@ apiVersion: networking.istio.io/v1beta1
 kind: VirtualService
 metadata:
   name: keycloak-vs
+  namespace: default
 spec:
   hosts:
   - "*"
   gateways:
-  - kcgateway 
+  - kcgateway
   http:
   - name: "keycloak-routes"
     match: