I've been trying to get a Keycloak Docker image to run on a Beanstalk environment for the last week without success.
My Dockerfile looks like this:
FROM quay.io/keycloak/keycloak:17.0.0 as builder
ENV KC_DB=postgres
RUN /opt/keycloak/bin/kc.sh build
FROM quay.io/keycloak/keycloak:17.0.0
COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/
WORKDIR /opt/keycloak
ENV KC_HTTP_ENABLED=true
ENV KC_HOSTNAME_STRICT=false
ENV KC_DB_POOL_INITIAL_SIZE=1
ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start-dev"]
The Dockerimage runs fine on localhost (docker run --rm -p 8080:8080 --env-file env.txt my/keycloak
).
http://localhost:8080/ shows a start page.
The chosen Plattform is a "Docker running on 64bit Amazon Linux 2/3.4.12".
I upload the image to Amazon ECR and load it in a Beanstalk instance with the following Dockerrun.aws.json:
{
"AWSEBDockerrunVersion": "1",
"Image": {
"Name": "0815.eu-central-1.amazonaws.com/my/keycloak:latest"
},
"Ports": [
{"ContainerPort": "8080"}
]
}
I have saved the necessary environment variables:
KC_DB, KC_DB_PASSWORD, KC_DB_POOL_INITIAL_SIZE, KC_DB_SCHEMA, KC_DB_URL, KC_DB_USERNAME,
KC_HOSTNAME_STRICT, KC_HTTP_ENABLED, KEYCLOAK_ADMIN, KEYCLOAK_ADMIN_PASSWORD
As a load balancer, I set up the Classic Load Balancer with a listener from 8080/HTTP to 8080/HTTP.
Now when I try to call the Beanstalk URL (http://Keycloak0815.eu-central-1.elasticbeanstalk.com:8080) I get a 503 error status.
A look at the logs shows no abnormalities. Keycloak has started successfully within the docker.
What am I doing wrong? What else do I need to configure to get access to the Docker image?
I'm grateful for any further information.