diff --git a/redhat/ocp4/4.15/2024.08.rhdh.book.md b/redhat/ocp4/4.15/2024.08.rhdh.book.md index ebaa5881..74f14063 100644 --- a/redhat/ocp4/4.15/2024.08.rhdh.book.md +++ b/redhat/ocp4/4.15/2024.08.rhdh.book.md @@ -505,9 +505,30 @@ We will use keycloak to manage the user, and use it as the oauth2 provider for t oc new-project demo-keycloak + +oc delete -f ${BASE_DIR}/data/install/keycloak-db-pvc.yaml -n demo-keycloak + +cat << EOF > ${BASE_DIR}/data/install/keycloak-db-pvc.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgresql-db-pvc +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi +EOF + +oc create -f ${BASE_DIR}/data/install/keycloak-db-pvc.yaml -n demo-keycloak + + + oc delete -f ${BASE_DIR}/data/install/keycloak-db.yaml -n demo-keycloak cat << EOF > ${BASE_DIR}/data/install/keycloak-db.yaml +--- apiVersion: apps/v1 kind: StatefulSet metadata: @@ -526,6 +547,7 @@ spec: containers: - name: postgresql-db image: postgres:15 + args: ["-c", "max_connections=1000"] volumeMounts: - mountPath: /data name: cache-volume @@ -540,18 +562,8 @@ spec: value: keycloak volumes: - name: cache-volume - ephemeral: - volumeClaimTemplate: - metadata: - labels: - app: postgresql-db - spec: - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - # storage size does not matter for hostpath, becuase it will use all of the disk free space. - # but it must be set to actual required size for other storage class - storage: 1Gi + persistentVolumeClaim: + claimName: postgresql-db-pvc --- apiVersion: v1 kind: Service @@ -624,8 +636,18 @@ oc get secret example-kc-initial-admin -n demo-keycloak -o jsonpath='{.data.user # admin oc get secret example-kc-initial-admin -n demo-keycloak -o jsonpath='{.data.password}' | base64 --decode && echo -# b60d1b2c0cdc4b10a3e7b46f234286e8 +# 51a3bf077ab5465e84c51729c6a29f27 + + +# in postgresql pod terminal +psql -U testuser -d keycloak +# Type "help" for help. +# keycloak=# SHOW max_connections; +# max_connections +# ----------------- +# 1000 +# (1 row) ``` Base on the demo requirement, we need to create a realm named `RHDH`, which will be used for rhdh later. diff --git a/redhat/ocp4/4.15/2024.10.keycloak.performance.md b/redhat/ocp4/4.15/2024.10.keycloak.performance.md index 7291b62d..54a9717c 100644 --- a/redhat/ocp4/4.15/2024.10.keycloak.performance.md +++ b/redhat/ocp4/4.15/2024.10.keycloak.performance.md @@ -257,6 +257,8 @@ export PATH=/opt/keycloak/bin:$PATH ```yaml spec: + http: + httpEnabled: true cache: configMapFile: key: keycloak.cache-ispn.xml @@ -517,7 +519,7 @@ oc apply -f ${BASE_DIR}/data/install/keycloak-script-create-users.yaml -n demo-k ```bash TOTAL_USERS=50000 -NUM_JOBS=5 +NUM_JOBS=10 USERS_PER_JOB=$((TOTAL_USERS / NUM_JOBS)) for job_id in $(seq 1 $NUM_JOBS); do @@ -567,7 +569,7 @@ spec: name: keycloak-script-config-${job_id} backoffLimit: 4 EOF - + oc delete -n demo-keycloak -f ${BASE_DIR}/data/install/keycloak-script-create-users-${job_id}.yaml oc apply -f ${BASE_DIR}/data/install/keycloak-script-create-users-${job_id}.yaml -n demo-keycloak done