0

I have two keycloak instances running on two separate swarm stacks.

this is how my stack file looks like:

INSTANCE 1

version: "3.4"

services:
  # keycloak Server
  keycloak:
    image: jboss/keycloak:11.0.0
    deploy:
      replicas: 1
      update_config:
        parallelism: 1
        delay: 10s
        order: start-first
      restart_policy:
        condition: on-failure
    environment:
      # DB_STUFF
      PROXY_ADDRESS_FORWARDING: "true"
    ports:
      - "18080:18080"
    command:
      - "-b"
      - "0.0.0.0"
      - "-Djboss.socket.binding.port-offset=10000"

INSTANCE 2

version: "3.4"

services:
  # keycloak Server
  keycloak:
    image: jboss/keycloak:11.0.0
    deploy:
      replicas: 1
      update_config:
        parallelism: 1
        delay: 10s
        order: start-first
      restart_policy:
        condition: on-failure
    environment:
      # DB_STUFF
      PROXY_ADDRESS_FORWARDING: "true"
    ports:
      - "18081:18081"
    command:
      - "-b"
      - "0.0.0.0"
      - "-Djboss.socket.binding.port-offset=10001"

And the nginx configuration:

    location /auth/ {
            proxy_pass http://localhost:18080/auth/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-Port 80;
    }

    location /auth2/ {
            proxy_pass http://localhost:18081/auth/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-Port 80;
    }

I wanted to be able to access each of them through a separate path, but when I try to access the admin console of the second instance at /auth2 it redirects me to the first one at /auth. I have little knowledge about nginx so any help is appreciated.

Improve this question

1 Answer 1

Reset to default
1

You may want to change the web context on your second Keycloak instance to auth2.

Set an environment variable WEB_CONTEXT to auth2 on your second Keycloak instance. Then add a CLI script file web-context.cli like this:

set WEB_CONTEXT=${env.WEB_CONTEXT:auth}
set KEYCLOAK_CONFIG_FILE=${env.KEYCLOAK_CONFIG_FILE:standalone-ha.xml}
set JBOSS_HOME=${env.JBOSS_HOME}

echo Setting web-context to $WEB_CONTEXT in $JBOSS_HOME/standalone/configuration/$KEYCLOAK_CONFIG_FILE

embed-server --server-config=$KEYCLOAK_CONFIG_FILE --std-out=echo
/subsystem=keycloak-server/:write-attribute(name=web-context,value=$WEB_CONTEXT)
stop-embedded-server

Add the file to /opt/jboss/startup-scripts.

See "Runnin custom scripts on startup" section in the README for details.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.