Use external database

The following steps show how to setup Keycloak with an external database.

Requirements

  • commodore

  • pwgen

  • vault

  1. Configure component parameters.

    keycloak:
  database:
    provider: external

    external:
      # Required parameters
      host: my-database-server.tld

      # Optional (default) parameters
      vendor: postgres
      port: 5432

    # only if deviating from default values:
    database: my-database
    username: my-username

  2. Set secrets

    key="clusters/kv/${TENANT_ID}/${CLUSTER_ID}/keycloak"

vault kv put -cas=0 "${key}" admin-password=$(pwgen -s 32 1) db-password=<your-external-db-password>

  3. Compile and push the cluster catalog