Connecting Keycloak with Postgres database

Question

I am trying to connect Keycloak (20.0.3) with Postgres database using Docker. These are the steps that I've taken to configure it:

1. docker network create keycloak-network
2. docker run --name postgresP -p 5432:5432 -d --net keycloak-network -e POSTGRES_PASSWORD=admin -e POSTGRES_USER=admin -e POSTGRES_DB=pdb -d postgres:latest
3. docker run -p 9090:9090 --name keycloakP --net keycloak-network -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin -e KC_DB=postgres -e KC_DB_URL=jdbc:postgresql://localhost:5432/pdb -e KC_DB_USERNAME=admin -e KC_DB_PASSWORD=admin quay.io/keycloak/keycloak:latest start-dev

But I am getting the following error. I tried to troubleshoot but unfortunately the documentation for Keycloak is not that great. Any leads will be highly appreciated. Thanks in advance.

2023-02-10 11:08:36,986 DEBUG [io.quarkus.bootstrap.classloading.QuarkusClassLoader] (main) Adding elements io.quarkus.bootstrap.classloading.PathTreeClassPathElement[io.quarkus:quarkus-devservices-common / runtime=false resources=null] to QuarkusClassLoader Augmentation Class Loader: PROD

2023-02-10 11:08:36,987 DEBUG [io.quarkus.bootstrap.classloading.QuarkusClassLoader] (main) Adding elements io.quarkus.bootstrap.classloading.PathTreeClassPathElement[io.quarkiverse.vault:quarkus-vault-deployment / runtime=false resources=null] to QuarkusClassLoader Augmentation Class Loader: PROD

2023-02-10 11:08:36,987 DEBUG [io.quarkus.bootstrap.classloading.QuarkusClassLoader] (main) Adding elements io.quarkus.bootstrap.classloading.PathTreeClassPathElement[org.keycloak:keycloak-quarkus-server-deployment / runtime=false resources=null] to QuarkusClassLoader Augmentation Class Loader: PROD

2023-02-10 11:08:39,257 DEBUG [io.quarkus.bootstrap.classloading.QuarkusClassLoader] (main) Adding elements io.quarkus.bootstrap.classloading.PathTreeClassPathElement[/ runtime=true resources=null] to QuarkusClassLoader Deployment Class Loader: PROD

2023-02-10 11:08:39,290 DEBUG [io.quarkus.deployment.QuarkusAugmentor] (main) Beginning Quarkus augmentation

2023-02-10 11:08:40,193 TRACE [io.quarkus.bootstrap.classloading.QuarkusClassLoader] (main) Class quarkus.properties not found in parent first load from java.net.URLClassLoader@192c3f1e

2023-02-10 11:08:40,194 TRACE [io.quarkus.bootstrap.classloading.QuarkusClassLoader] (main) Class quarkus.properties not found in parent first load from java.net.URLClassLoader@192c3f1e

ERROR: Failed to run 'build' command.
ERROR: No value present

What I am trying to achieve is use custom DB for Keycloak instead of H2 and later on, create persistent users/configs via same.

Answer 1

You KC_DB_URL setting is incorrect; Postgres is not running on localhost (which would mean, "in the keycloak container"); it's running in your postgresP container, so you need to use that contianer name as the hostname:

KC_DB_URL=jdbc:postgresql://postgresP:5432/pdb

This isn't going to result in a working configuration because when you're starting the Keycloak container you're setting -p 9090:9090, but Keycloak is listening on port 8080 inside the container, so you would need -p 9090:8080.

You don't need to publish ports (-p 5432:5432) on the postgres container in order to access it from the keycloak container; the port publishing is only necessary if you want to access the database from your host or elsewhere on the network.

---

A couple of comments unrelated to the problem:

1. Using postgres:latest as your image is going to cause problems at some point when :latest unexpectedly gets you a new major version of Postgres; use an explicit version instead (e.g. postgres:15).

   The same holds true for most images -- it's almost always a good idea to pin to a specific version (or at least a specific major version).

2. Do yourself a favor and use docker compose instead of manually running a bunch of docker run commands. Your current configuration could be represented by the following docker-compose.yaml:

   services:
     postgres:
       image: postgres:15
       environment:
         POSTGRES_PASSWORD: admin
         POSTGRES_USER: admin
         POSTGRES_DB: pdb
     keycloak:
       image: quay.io/keycloak/keycloak:20.0
       environment:
         KEYCLOAK_ADMIN: admin
         KEYCLOAK_ADMIN_PASSWORD: admin
         KC_DB: postgres
         KC_DB_URL: jdbc:postgresql://postgres/pdb
         KC_DB_USERNAME: admin
         KC_DB_PASSWORD: admin
       ports:
         - 9090:8080
       command:
         - start-dev
   

   Put the above in docker-compose.yaml and then run docker compose up.

   You'll note that I am not publishing postgres ports in this example, in line with my earlier comment.

3. Regardless of whether you're using docker compose or just multiple docker run command lines, you probably want to use a Docker volume for your postgres data so that you don't lose everything when you restart the container.

   I haven't configured that in my example, but you'll find appropriate examples in the official docs and all over the place on this website.