Docker Image creation for Keycloak extensions and performance testing with Gatling

Overview

Keycloak is an OSS authentication infrastructure system that supports OAuth2.0, OIDC, etc. Keycloak can also be linked with an account for a service that provides an OpenID Provider (OP). For example, you can log in from your Google account or Facebook account.

A detailed description of authentication and Keycloak can be found in the following articles. https://www.atmarkit.co.jp/ait/articles/1708/31/news011.html

In this article, I will write about Keycloak extension development.


Keycloak is built from a framework called SPI, which allows you to extend existing functionality.

To check the operation of the extension during development, it is necessary to build with Maven, deploy to the Keycloak server, and change the configuration file.

This time, I aim to do this series of work when creating a Decker Image.

Also, with this method, you do not need to set Maven, Java, etc. locally, and you can develop and test if only Docker is installed.

Finally, the sample image of the result of the performance test by Gatling is added for reference.

Let's start by creating a Docker Image.

Create a customized Keycloak Docker image

1. Development code

This time, we will base it on the following sample code of the Keycloak extension.

https://github.com/keycloak/keycloak/tree/master/examples/providers/domain-extension

As you can see from the sample code README.md, the following steps are required to check the operation.

  1. Module build (mvn clean install)
  2. Deploy module by jboss-cli.sh
  1. Add Provider to standalone / configuration / standalone.xml configuration file
  2. Start / restart the Keycloak server

2. Create a Dockerfile file for Image build

Create a Dockerfile file so that you can do all of the above steps when creating an Image.

# Dockerfile
FROM maven:3.6.3-jdk-8 as builder

WORKDIR /usr/src/domain-extension

COPY ./pom.xml /usr/src/domain-extension/
RUN mvn -B package

COPY ./src/ /usr/src/domain-extension/
RUN mvn -B package

FROM jboss/keycloak:8.0.1
USER jboss

WORKDIR /opt/jboss/keycloak
COPY --from=builder /usr/src/domain-extension/target/domain-extension-example.jar /opt/jboss/keycloak/target/
COPY cli/domain-extension-provider.cli /opt/jboss/keycloak/cli/

RUN bin/jboss-cli.sh --command="module add --name=org.keycloak.examples.domain-extension-example --resources=target/domain-extension-example.jar --dependencies=org.keycloak.keycloak-core,org.keycloak.keycloak-services,org.keycloak.keycloak-model-jpa,org.keycloak.keycloak-server-spi,org.keycloak.keycloak-server-spi-private,javax.ws.rs.api,javax.persistence.api,org.hibernate,org.javassist,org.liquibase" && \
    bin/jboss-cli.sh --file=cli/domain-extension-provider.cli && \
    rm -rf /opt/jboss/keycloak/standalone/configuration/standalone_xml_history

(Since this build uses Maven's dependency resolution and the build cache first, the build time will be much faster by using the cache for the second and subsequent builds.)

Before building the above Docker Image, you need to add the following contents to the configuration file as shown in README.md.


<providers>
    ...
    <provider>module:org.keycloak.examples.domain-extension-example</provider>
</providers>

This can be done from jboss-cli.sh.

First, prepare the following files.

cli/domain-extension-provider.cli

embed-server --server-config=standalone.xml --std-out=echo
/subsystem=keycloak-server/:write-attribute(name=providers, value=["classpath:${jboss.home.dir}/providers/*","module:org.keycloak.examples.domainextension"])
stop-embedded-server

You can see that the above file has been added to the Dockerfile file to run from jboss-cli.sh.

3. Build Docker image

docker build -t keycloak-domain-extension .

4. Start the Keycloak server

docker run -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin --name keycloak keycloak-domain-extension

With this, I think that it will lead to improvement of development efficiency by doing all development and deployment from Docker Image.


Performance test

As for the performance test, I was able to get very detailed information from the result of executing it from the source code, so I will attach a sample image of the result. Detailed test method etc. can be referred from the test part of the source code.

https://gatling.io/ https://github.com/keycloak/keycloak/tree/master/testsuite/performance

As you can see from the image of the test result, we are doing a performance test using gatling, but we can confirm that we can get very detailed test data.

Recommended Posts

Docker Image creation for Keycloak extensions and performance testing with Gatling
Microservices With Docker and Cloud Performance
Build an Android image for Orange Pi 4 with Docker
Maybe it works! Create an image with Docker and share it!
Build Docker Image lightweight and fast with CodeBuild with Santa Banner
Sample code for basic mocking and testing with Mockito 3 + JUnit 5
Image Spring Boot app using jib-maven-plugin and start it with Docker
Create a Docker Image for redoc-cli and register it on Docker Hub
Run lambda with custom docker image
Environment construction with Docker for beginners
Hello World with Docker and C
2. Create Docker image and register Registry
Web application creation with Nodejs with Docker
Restart apache with docker php-apache image
Wait for PostgreSQL to start with Docker and then start the WEB service