Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
operator
Describe the bug
I have installed keycloak operator 26.1.4 and also used the keycloak manifest to get the keycloak statefulset up and running. But I can see that there is no service name associated with statefulset even if there exists two headless services for keycloak (one created implicitly by keycloak manifest and one created via helm chart by myself).
These are all the service associated with keycloak in my deployments:
Version
quay.io/keycloak/keycloak:26.1.4
Regression
- The issue is a regression
Expected behavior
The Service Name field for keycloak statefulset should be mapped to one of the headless services created (implicitly or explicitly) for keycloak.
Actual behavior
The Service Name field for keycloak statefulset in not bound/mapped to any one of the headless services created (implicitly or explicitly) for keycloak.
How to Reproduce?
- Install keycloak operator 26.1.4 on any kubernetes cluster using the following:
kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.1.4/kubernetes/keycloaks.k8s.keycloak.org-v1.yml kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.1.4/kubernetes/keycloakrealmimports.k8s.keycloak.org-v1.yml kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.1.4/kubernetes/kubernetes.yml - Install keycloak manifest using the below yaml file:
apiVersion: k8s.keycloak.org/v2alpha1 kind: Keycloak metadata: name: keycloak namespace: your-namespace spec: instances: 1 db: vendor: postgres host: your_db_host usernameSecret: name: keycloak-db-secret key: username passwordSecret: name: keycloak-db-secret key: password database: your_db_name port: 5432 http: httpEnabled: true hostname: strict: false - Check the service name in keycloak stateful set, it must not be unbound to any headless service (created implicitly by the name keycloak-discovery).
Anything else?
This issue pertains to keycloak statefulset not being associated with any service name which is a must for the statefulset to be scalable and for kubernetes internal DNS to work. There is no way to set this mapping in the existing keycloak CRD (v26.1.4).