M1 mac cannot run jboss/keycloak docker image

Question

Switched to m1 mac a week ago and I cannot get my application up and running with docker because of the jboss/keycloak image not working as expected. Getting the following message from the container when trying to access localhost:8080

12:08:12,456 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-5) MSC000001: Failed to start service org.wildfly.network.interface.private: org.jboss.msc.service.StartException in service org.wildfly.network.interface.private: WFLYSRV0082: failed to resolve interface private

12:08:12,526 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("interface" => "private")]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.network.interface.private" => "WFLYSRV0082: failed to resolve interface private"}}

12:08:13,463 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026: Keycloak 12.0.4 (WildFly Core 13.0.3.Final) started (with errors) in 20826ms - Started 483 of 925 services (54 services failed or missing dependencies, 684 services are lazy, passive or on-demand)

Tried with all image versions and all behave the same. Has anyone managed to run this image without issues? Thanks

Answer 1

Using this image, I am now able to startup keycloak. https://hub.docker.com/r/wizzn/keycloak

Answer 2

Also you can build the keycloak docker image locally, I was able to start keycloak after doing that. Here are the steps I follow;

1. Clone Keycloak containers repository: git clone [email protected]:keycloak/keycloak-containers.git
2. Open server directory (cd keycloak-containers/server)
3. Checkout at desired version, eg. git checkout 12.0.4
4. Build docker image docker build -t jboss/keycloak:12.0.4 .
5. Run Keycloak docker run --rm -p 9080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak:12.0.4

Answer 3

I'm on an m1 and I ran this and it worked.

docker run --platform=linux/amd64 -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:17.0.0 start-dev

I merely add --platform=linux/amd64 to their docker command I found in https://www.keycloak.org/getting-started/getting-started-docker

Answer 4

For Keycloak 16, docker 20.10 and docker-compose 1.29, this image works flawlessly: https://hub.docker.com/r/sleighzy/keycloak - as suggested by @zakjan.

A service like:

  keycloak:
    image: sleighzy/keycloak
    environment:
      ... your Keycloak config

Should be enough to get up and running.

Answer 5

I don't have a mac but I just started working with jboss/keycloak lately and have been able to get it to start.

Essentially what I did (assuming docker is installed):

docker pull jboss/keycloak:16.1.0 
docker run --env-file targetDB.txt -p 8080:8080 jboss/keycloak:16.1.0

Might have to do those commands with sudo

This pulls the jboss/keycloak image from docker hub and then it runs it exposing the port 8080 within the container to the host machine. It also uses the environment variables in the .txt file (which contains info on the database endpoint you wish to connect keycloak to to persist data).

If you don't specify --env-file <text file> I believe keycloak uses its default h2 Database which isn't the best.

I have my local jboss/keycloak pointing to an postgres db I have in an AWS RDS environment, so the contents of the targetDB.txt for me is:

DB_VENDOR=postgres
DB_ADDR=<my postgres aws rds endpoint>:5432
DB_DATABASE=<name of the database>
DB_USER=<db username to connect to postgres instance>
DB_PASSWORD=<password associated with db username to connect>

If I'm not mistaken the name of the Database in DB_DATABASE field must already exist. So you'll need to create that before running the docker run command.

After you do the docker run command above and the logs show it starting up you should be able to access the keycloak admin console on your local browser:

http://localhost:8080/auth

If this is the first time you're running keycloak you have to create a master/admin user before you can log in.

To add a master user, run these commands (while your keycloak is already running):

docker exec <container id or container name> /opt/jboss/keycloak/bin/add-user-keycloak.sh -u <USERNAME> -p <PASSWORD>

then you need to restart your keycloak container:

docker restart <container id or container name>

Again you might have to do those commands with sudo.

After thats done, go back to your local web browser http://localhost:8080/auth and you can now access the login page and actually login with the username and password you created above.

Answer 6

The location for building a quarkus version of keycloak has changed, so this method will not work anymore for any major releases greater than 16. But the following script will. Just save it as an sh. file and execute it in your terminal. By enabling the last line, this will also directly start an instance of Keycloak. The version number can be changed, but this is only tested for M1 chips and version 17.0.0.

VERSION=17.0.0 # set version here

cd /tmp
git clone [email protected]:keycloak/keycloak.git
cd keycloak/quarkus/container
git checkout $VERSION
docker build -t "quarkus-keycloak:$VERSION" .
#docker run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin "quarkus-keycloak:$VERSION" start-dev --http-relative-path /auth

Answer 7

jboss/keycloak not supported arm64 for now. But you can use that image on docker hub: mihaibob/keycloak

https://hub.docker.com/r/mihaibob/keycloak

I'm using this and haven't difference.

Answer 8

There is an update to this issue - images for AMD64 and ARM64 architectures are now available and can be found here: https://quay.io/repository/keycloak/keycloak?tab=tags.

Ref the discussions in Github (https://github.com/keycloak/keycloak-containers/issues/341 and https://github.com/keycloak/keycloak/issues/8825).