Alauda Build of Keycloak

Install

TOC

PrerequisitesInstalling the Alauda Build of Keycloak PluginProcedureVerifying the Installation

Prerequisites

Before installing Alauda Build of Keycloak, ensure the following:

  1. A running Kubernetes cluster (version 1.25 or higher).
  2. Sufficient cluster resources: at least 2 CPU cores and 2 GiB memory available for the Keycloak Pod.
  3. A PostgreSQL instance (version 13 or higher) accessible from within the cluster.
  4. The platform's application listing capability is available to list plugins in the target cluster.

Installing the Alauda Build of Keycloak Plugin

Procedure

Web Console
  1. Log in to the platform and go to the Platform Management page.
  2. In the left navigation bar, select Marketplace > Cluster Plugins.
  3. Select the target cluster.
  4. Find Alauda Build of Keycloak, click Install, and enter the deployment page.

Configuration Parameters:

ParameterRecommended Configuration
Upgrade StrategyManual: When a new version is available in the Marketplace, manual confirmation is required before upgrading the Operator.
Installation ModeCluster: All namespaces under the cluster share a single Operator, reducing resource consumption.
ChannelThe default channel is stable.
Installation LocationChoose Recommended Namespace: Automatically created if it does not exist.
  1. On the Install Operator page, select Default Configuration, then click Install to complete the deployment.
Use Manual Upgrade Strategy

Set the upgrade strategy to Manual for production environments. When set to Automatic, OLM upgrades the Operator immediately upon a new release, which can trigger unintended Keycloak version upgrades and database schema migrations. Database schema changes cannot be rolled back, making recovery from a failed automatic upgrade difficult.

Verifying the Installation

After installation, verify that the Operator Pod is running:

kubectl get pods -n <operator-namespace> -l app.kubernetes.io/name=keycloak-operator

Expected output:

NAME                                READY   STATUS    RESTARTS   AGE
keycloak-operator-xxxxxxxxx-xxxxx   1/1     Running   0          2m

Verify the CRDs were installed:

kubectl get crd | grep keycloak

Expected output:

keycloakrealmimports.k8s.keycloak.org   ...
keycloaks.k8s.keycloak.org              ...