[BUG] unable to setup keycloak server

[jhjacobs81]

hello,

i am trying to follow this page: https://github.com/Cingulara/openrmf-docs/blob/master/step-by-step.md but after ten minutes, when i run ./setup-realm-linux.sh i get stuk, it keeps saying:

Keycloak Server IP

  Please make sure your Keycloak containers have been up for 
  at least 2 - 3 minutes as the initial setup and loading are 
  time consuming. Otherwise this script will fail.

  The Keycloak container is running in a docker container. It is
  probably called 'openrmf-keycloak' or something similiar.

  In 'docker ps' it shows as listening on port 9001.

  What is it's IP address? 0.0.0.0

OpenRMF Administrator account

  Note that Keycloak has its own administrator account called 'admin'.
  Consider using 'rmf-admin' or anything but 'admin' itself.

  Enter the Name of the first OpenRMF Administrator account: rmf-admin

Discovering local Keycloak Docker Container...
keycontainer: f9f9f82a4ed9

Authenticating to Keycloak Master Realm...
Logging into http://localhost:8080/auth as user admin of realm master
Invalid user credentials [invalid_grant]

Creating the Realm...
No server specified. Use --server, or 'kcadm.sh config credentials or connection'.

Setting Require SSL to none (off)...
No server specified. Use --server, or 'kcadm.sh config credentials or connection'.
No server specified. Use --server, or 'kcadm.sh config credentials or connection'.
No server specified. Use --server, or 'kcadm.sh config credentials or connection'.
No server specified. Use --server, or 'kcadm.sh config credentials or connection'.

and this goes on and on for the duration of the script. next to 0.0.0.0 i tried 192.168.1.3 (local ip) and 127.0.0.1

docker ps says:

CONTAINER ID   IMAGE                                                COMMAND                  CREATED         STATUS                PORTS                                                                              NAMES
f9f9f82a4ed9   jboss/keycloak:15.0.0                                "/opt/jboss/tools/do…"   5 minutes ago   Up 5 minutes          8443/tcp, 0.0.0.0:9001->8080/tcp, :::9001->8080/tcp                                openrmf-keycloak

so no IP there..

[DaleBinghamSoteriaSoft]

Sorry about that. A few questions to try this out locally

• what OS are you running on?
• What is the CPU and RAM to make sure we have enough resources
• what version of docker or docker desktop do you have to try and match that

We need to finalize the updated docker container base level fixes and add some DISA templates into an update now. So it will be good to see any other fix we need to do if there is one here. Or update documentation. Usually that script just connects inside the docker container with the default admin/admin and sets it up easily. You can see the actual commands in the SH or CMD and even try to run them interactively with docker exec -it openrmf-keycloak /bin/sh I believe. Just to see what error it gives you back.

[jhjacobs81]

• Ubuntu 22.4
• 8GB RAM
• Docker version 20.10.21, build baeda1f

This is all on a standard VPS, i will try to run it manually and reply :)

[allebone]

Same issue for me. Container appears to be constantly restarting. Container Log Output.txt

Tried completely wiping away and restarting install from beginning, problem occurred the same for me.

[DaleBinghamSoteriaSoft]

Check the amount of RAM you have given to Docker Desktop if on windows. I am not sure 8 GB of RAM total will allow all the pieces to be spun up.

I just ran a brand new install of this over the weekend from scratch and it worked 100% fine on a Linux based system. But my machine has a LOT of RAM and I give it 12 GB just for Docker Desktop or for the VMs that I run with a GUI.

I will have to setup a VM with Ubuntu 22.04 LTS with only 8 GB RAM and a GUI and see what I get from the OpenRMF OSS and all the container images spinning up though to mimic this.

If you can use a VM with more memory, try giving 12 GB or 16 GB just to see what you get just to be sure it is not lack of RAM.

If more than just Keycloak is rebooting it could point you to a lack of memory to run this as a possibility. I will do the same later this week.

[DaleBinghamSoteriaSoft]

You also could edit the keycloak docker-compose YML and comment out the volume lines in Keycloak possibly and then run ./stop.sh and ./start.sh to see if it is a volume mount / share / SELinux type of issue. Make sure you put the # in front of all 3 lines and then stop and restart.

    # volumes:
      # - ./themes/openrmf/:/opt/jboss/keycloak/themes/openrmf/:Z
      # - ./standalone-ha.xml:/opt/jboss/keycloak/standalone/configuration/standalone-ha.xml:Z

[DaleBinghamSoteriaSoft]

I did just test this on REL 8 with podman and podman-compose as well as-is and it worked correctly. But again I had 16 GB RAM and 6 processor cores so it is giving it a lot of memory. I will test on a much smaller VM shortly. I just had this vanilla one available as another test.

• assumes you have podman and podman compose (via pip3) installed
• assumes you ran sudo yum install podman-plugins
• assumes you ran sudo yum install dnsmasq or equivalent and rebooting after for DNS name resolution
• assumes you open port 9001 on your FW firewalld

[allebone]

Were waiting on the infra people to check out some VM stuff. I am betting it's something simple like the memory thing.

I did all the FW checks, but didnt think to look there.

[DaleBinghamSoteriaSoft]

@allebone if you are still running OSS let us know how you fixed this. If not, no worries. I know you are working toward OpenRMF Professional.

[allebone]

Oh my, I meant to close this….but realized I didnt open it. :)

For me: It was performance, they were attempting install on a NAS, and have since moved to a full fledged platform for docker, which massive memory available.

[jhjacobs81]

As for me, we have since moved on :) so i’ll close it then :)