Docker images for KeyCloak
The documentation below describes KeyCloak, which implements RapidMiner'sIdentity and Security. This is a component consisting of the following Docker images:
You can read a description for each container below.
These containers are only functional when deployed together, they will not function as intended individually. Check ourdeployment templatesto see how these should be deployed.
KeyCloak Database
This container implements a Postgres database which serves as the configuration store for the KeyCloak backend. This is a standard PostgreSQL docker image.
配置
- Volumes
keycloak-postgresql-vol: docker volume to persist the database data, maps internally to/var/lib/postgresql/data
- Ports: none.
- Environment variables:
POSTGRES_DB,POSTGRES_USER,POSTGRES_PASSWORD: credentials and database name where the KeyCloak data will be stored. The same values should be provided for theKeyCloak Service container.
KeyCloak Service
This container contains a pre-configured, hardened KeyCloak identity and access management engine. It contains all the definitions needed so that all components of the RapidMiner Platform can implement a single sign-on experience. Please read through oursecurity overviewfor more information.
For available versions, please see thetags on Docker Hub.
配置
- Volumes: none.
- Environment variables:
DB_VENDOR: defaults toPOSTGRES. Should not be changed unless a custom KeyCloak deployment needs to be integrated.DB_ADDR: (internal) address of theKeyCloak database.DB_DATABASE,DB_SCHEMA: database and schema used for the identity store. Should not be modified.DB_USER,DB_PASSWORD: username and password used to access theKeyCloak database.KEYCLOAK_USER,KEYCLOAK_PASSWORD: initial username and password that will be provisioned as the administrator user. Username defaults toadmin, password is eitherchangeiton local deployments, or the VM instance ID in case ofcloud image deployments.PROXY_ADDRESS_FORWARDING: controls proxy address forwarding. Defaults totrue. Should not be changed.KEYCLOAK_LOGLEVEL,ROOT_LOGLEVEL: not set by default, used for debugging purposes. Set both variables toDEBUGto enable debug logging.
