测试配置为部署为 docker swarm 服务的集群的 Keycloak 运行状况的最佳方法是什么?
我尝试了以下健康检查来测试 Keycloak 服务描述符中的可用性:
healthcheck:
test: ["CMD-SHELL", "curl http://localhost:8080/auth/realms/[realm_name]"]
interval: 30s
timeout: 10s
retries: 10
start_period: 1m
还有更多需要检查的事情吗? 找不到这方面的文档。
Keycloak 21 使用了新的微基础镜像,因此“curl”不再包含在镜像中,因此健康检查将不再起作用。
如果 Keycloak 配置没有 HTTPS,我的解决方法是:
#!/bin/bash
exec 3<>/dev/tcp/localhost/8080
echo -e "GET /auth/health/ready HTTP/1.1\nhost: localhost:8080\n" >&3
timeout --preserve-status 1 cat <&3 | grep -m 1 status | grep -m 1 UP
ERROR=$?
exec 3<&-
exec 3>&-
exit $ERROR
healthcheck:
test: ["CMD", "curl", "-f", "http://0.0.0.0:8080/realms/master"]
start_period: 10s
interval: 30s
retries: 3
timeout: 5s
"healthCheck": {
"retries": 3,
"command": [
"CMD-SHELL",
"curl -f http://localhost:8080/health || exit 1"
],
"timeout": 5,
"interval": 60,
"startPeriod": 300
}
healthcheck:
test: ["CMD", "bash", "-c", "[ $(/opt/keycloak/bin/kcadm.sh get serverinfo --realm YOURREALM --fields '*' --server http://localhost:8080/auth/admin/serverinfo 2>&1 | grep Unauthorized | wc -l ) -eq 1 ]"]
interval: 10s
timeout: 20s
retries: 20
start_period: 10s