CODEWITHSUNDEEP
mysqldockerjbosskeycloak
Saturnian
Saturnian

Reputation: 1948

Keycloak setup with a MySQL database

So, I'm following this tutorial here to set up keycloak with a MySQL database and honestly I simply cannot make any progress! It's been two days and I'm totally stuck.

I'm following this guide and I've followed the steps exactly as in the guide:

Create docker network:

docker network create keycloak-network

Start up mysql within this network:

docker run --name mysql -d --net keycloak-network -e MYSQL_DATABASE=keycloak -e MYSQL_USER=keycloak -e MYSQL_PASSWORD=password -e MYSQL_ROOT_PASSWORD=root-password mysql

Start up keycloak:

docker run -p 8080:8080 --name keycloak --net keycloak-network -e KEYCLOAK_LOGLEVEL=DEBUG -e KEYCLOAK_USER=kc-admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak

Additionally, on the mysql I have run the following commands:

CREATE SCHEMA keycloak;

CREATE USER 'keycloak'@'localhost' IDENTIFIED BY 'keyCloak@Idp123';

GRANT ALL PRIVILEGES ON *.* TO 'keycloak'@'localhost';

FLUSH PRIVILEGES;

and a SHOW GRANTS FOR 'keycloak'@'localhost' gives this output:

| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `keycloak`@`localhost`                                                                                                                                                                                                                    |
| GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FLUSH_OPTIMIZER_COSTS,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,XA_RECOVER_ADMIN ON *.* TO `keycloak`@`localhost` |

YET, I see this in the logs when the keycloak container is starting up:

Caused by: java.sql.SQLException: Access denied for user 'keycloak'@'172.18.0.3' (using password: YES)
    at [email protected]//com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:129)
    at [email protected]//com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:97)
    at [email protected]//com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:122)
    at [email protected]//com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:836)
    at [email protected]//com.mysql.cj.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:456)
    at [email protected]//com.mysql.cj.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:246)
    at [email protected]//com.mysql.cj.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:198)

So I thought okay maybe that IP address is a factor so I ran the SQL commands again for 'keycloak'@'172.18.0.3' but this issue still persists! How else can I get my keycloak to connect with the MySQL database?

Upvotes: 0

Views: 3877

Answers (1)

Mustafa G&#252;ler
Mustafa G&#252;ler

Reputation: 1014

You should not need to define user manually. You need to specify more environments for connections between db and keycloak for example DB_VENDOR. An Example : https://github.com/keycloak/keycloak-containers/blob/master/docker-compose-examples/keycloak-mysql.yml

For MYSQL;

MYSQL_USER, MYSQL_PASSWORD, MYSQL_DATABASE, MYSQL_ROOT_PASSWORD

For Keycloak;

DB_VENDOR, DB_ADDR, DB_PORT, DB_USER, DB_PASSWORD, DB_DATABASE, DB_SCHEMA, KEYCLOAK_USER, KEYCLOAK_PASSWORD

Upvotes: 1

Related Questions