Run (custom) Keycloak 17 Docker Image on AWS Beanstalk

0

I've been trying to get a Keycloak Docker image to run on a Beanstalk environment for the last week without success.

My Dockerfile looks like this:

FROM quay.io/keycloak/keycloak:17.0.0 as builder
ENV KC_DB=postgres
RUN /opt/keycloak/bin/kc.sh build

FROM quay.io/keycloak/keycloak:17.0.0
COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/
WORKDIR /opt/keycloak
ENV KC_HTTP_ENABLED=true
ENV KC_HOSTNAME_STRICT=false
ENV KC_DB_POOL_INITIAL_SIZE=1
ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start-dev"]

The Dockerimage runs fine on localhost (docker run --rm -p 8080:8080 --env-file env.txt my/keycloak). http://localhost:8080/ shows a start page.

The chosen Plattform is a "Docker running on 64bit Amazon Linux 2/3.4.12".

I upload the image to Amazon ECR and load it in a Beanstalk instance with the following Dockerrun.aws.json:

{
"AWSEBDockerrunVersion": "1",
"Image": {
	"Name": "0815.eu-central-1.amazonaws.com/my/keycloak:latest"
},
"Ports": [
	{"ContainerPort": "8080"}
]
}

I have saved the necessary environment variables:

KC_DB, KC_DB_PASSWORD, KC_DB_POOL_INITIAL_SIZE, KC_DB_SCHEMA, KC_DB_URL, KC_DB_USERNAME, 
KC_HOSTNAME_STRICT, KC_HTTP_ENABLED, KEYCLOAK_ADMIN, KEYCLOAK_ADMIN_PASSWORD

As a load balancer, I set up the Classic Load Balancer with a listener from 8080/HTTP to 8080/HTTP.

Now when I try to call the Beanstalk URL (http://Keycloak0815.eu-central-1.elasticbeanstalk.com:8080) I get a 503 error status.

A look at the logs shows no abnormalities. Keycloak has started successfully within the docker.

What am I doing wrong? What else do I need to configure to get access to the Docker image? I'm grateful for any further information.

akor
asked 2 years ago61 views
No Answers

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions