Hi Dan Thanks for trying to help, I will check tomorrow. specifically. oc rsh pod_name_from_above ls -l /opt/sso-demo
I've already had some initial experience with deploying into Minishift. It just happens that Keycloak is involved in this case, but I asked on this list because I thought the issue was generic. Yes. my basic understanding is that the 'minishift hostfolder' is for syncing with the actual host. I'm not even sure a similar option exists for the multi-cluster case. But I'd just like to start with something simple enough :-). I'll update when I get the check done Cheers, Sergey On Thu, May 24, 2018 at 5:57 PM, Dan Pungă <[email protected]> wrote: > Hi! > > Does the new deployment run successfully? In the running pod can you check > to see if the json file is actually there (mounted). I haven't used the > minishift hostfolder option before, but I thought it has to do with the > docker-iso VM <-> host interaction and not with the actual pods/containers > inside VM. > oc get pods > will give the the running pod inside the project > oc rsh pod_name_from_above ls -l /opt/sso-demo > to have a look inside the pod in the /opt/sso-demo dir, if the > sso-demo.json file is there > > In order for oc to work you have to have the binary exported on your path, > or alternatively run this from the minishift folder where it is > located....should be in the cache/oc directory. > > I'm not sure what you're trying to do. When you say "refer to the the > non-encoded Keycloak realm on the disk instead", do you mean you'd like to > edit/update that json so that Keycloak uses your version? If this is the > case, with the current configuration, this could be done by editing the > secret (which should be base64 encoded) and rerolling the deployment to > restart the pod. https://docs.openshift.org/latest/dev_guide/secrets.html# > secrets-and-the-pod-lifecycle > > If the Keycloack server that is running inside the pod (of which I have 0 > knowledge..:) ) is able to reread this file without the need to restart and > you want to modify this file on the fly, then I guess you can't do that if > it's mounted as a secret volume and need to add some configuration to that > list of resources from github(add a build configuration that customizes the > image used so that the json config is placed and looked for in "pod space", > add an imagestream for it and reference this custom imagestream in the > deployconfiguration). > > Hope you'll also get a response from someone that is more familiar with > the environment. > > B0est of luck, > Dan > > On 24.05.2018 13:31, Sergey Beryozkin wrote: > > Hi, > > I'm new to Open Shift so apologize for what looks like a fairly basic > query, I did do some archive checks, but could not find a simple answer. > > I'm experimenting with this configuration: > https://github.com/wildfly-swarm-openshiftio-boosters/ > wfswarm-rest-http-secured/blob/master/service.sso.yaml > > It is part of the demo which shows how a Keycloak server can be easily > deployed and it has been optimized to make the deployment very easy to do. > I'm currently trying it with Minishift 1.17.0. > > This configuration inlines several resources. For example, [1], which is a > Base64 encoded Keycloak realm > > which is then copied to the volume as a secret [2] and is made visible to > Keycloak [3]. > > I'd like to try refer to the the non-encoded Keycloak realm on the disk > instead. > > I've tried a Minishift hostfolder command to mount a demo folder where the > non-encoded realm exists: > > SSO_DEMO sshfs .../boosters/wfswarm-rest-http-secured/minishift > /opt/sso-demo > > where in the local wfswarm-rest-http-secured/minishift folder I have an > unencoded sso-demo.json file. > > Next I removed the [1] block and [2] as well. I managed to import the > updated config, but the realm file is not visible to KeyCloak. > > If appreciate any advice/guidance. I've seen the docs about persistent > volumes, but I'm not sure it is the right way to go. > > Thanks, Sergey > > > [1] https://github.com/wildfly-swarm-openshiftio-boosters/ > wfswarm-rest-http-secured/blob/master/service.sso.yaml#L11 > [2] > https://github.com/wildfly-swarm-openshiftio-boosters/ > wfswarm-rest-http-secured/blob/master/service.sso.yaml#L147 > [3] https://github.com/wildfly-swarm-openshiftio- > boosters/wfswarm-rest-http-secured/blob/master/service.sso.yaml#L120 > > > > > > _______________________________________________ > users mailing > [email protected]http://lists.openshift.redhat.com/openshiftmm/listinfo/users > > >
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
