Stian,
I have no affiliation with Ansible, but you do ... since recently :-)
What I do is:
1. I configured KC with passwords, URLs for the apps, certificates,
Facebook tokens, etc.
2 I exported it into json dump files.
3. I repeated 1-2 until I had enough data for DEV, QA and PROD - all
different environments . Note that some parts of the exports remain the
same - roles, groups.
4. I templetized the exported json files so that Ansible can substitute the
environment sensitive bits and deploy to DEV, QA and PROD.
Same applies to the wildfly's standalone.xml - parametrize different
versions for DEV, QA, PROD.
It is royal pain to create the J2 templates, initially, but not as much as
trying to do it with jboss-cli (which I tried too, the Infinispan KC jboss
cli script killed me!).
None of this is ideal , but expecting devops to click around HTML UIs or
manually hack xml/json these days is not OK.
Docker by itself is too weak for this sort of deep configurations. 1.9
adds parameters, one can use env variables, but otherwise you are left with
shell scripting/perl, regex in your Dockerfile ...
This still might sounds like an overkill, but when you add jgroups,
cluster, network interfaces ,databases , firewall.... You start to realize
why Red Hat acquired Ansible :-)
/Hristo Stoyanov
On Dec 17, 2015 11:32 PM, "Stian Thorgersen" <sthorger(a)redhat.com> wrote:
On 17 December 2015 at 20:42, Hristo Stoyanov <hr.stoyanov(a)peruncs.com>
wrote:
> Dong,
> I struggled with the same issues... The only way to crush the complexity
> of Wildfly and Keycloak is Ansible. I use Ansible templates and Keycloak
> imports to consistently rebuild my setup. Works with Docker pretty darn
> well too. But the key is Ansible.
>
Only way? Sounds like you work for Ansible ;)
What exact things were you struggling with? We really do want to give
users a good experience with Keycloak and would like to make it easier to
install and configure if we can.
> /Hristo Stoyanov
> On Dec 17, 2015 11:26 AM, "Dong Xie" <xied75(a)gmail.com> wrote:
>
>> Dear all,
>>
>>
>>
>> I wonder how do I work around needing to browse the web page and login
>> with admin + admin to change the password? We are deploying keycloak in an
>> automated flow thus no human interaction is expected.
>>
>>
>>
>> Thanks very much for your help!
>>
>>
>>
>> Best,
>>
>>
>>
>> Dong
>>
>>
>>
>> Sent from Mail <
http://go.microsoft.com/fwlink/?LinkId=550986> for
>> Windows 10
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>