Skip to main content

Deploying Eggplant IAM with Docker

This page describes how to deploy Keycloak in a Docker container. Before proceeding with the steps on this page, be sure to complete the pre-deployment steps for Windows or Linux.

Prepare environment

note

You can copy the command examples in this document by hovering over the right-side of the example to display a Copy button and then clicking it.

  1. Ensure that your TLS certificate and key are saved in pem format in separate files.

  2. Create a file called .env in the same folder as the Docker Compose file with the content below, updating the values to suit your installation:

    KC_ADMIN_USER=admin
    KC_ADMIN_PASSWORD=securepassword
    KEYCLOAK_URL=https://iam.example.com
    REALM_INSTALLER_CLIENT_SECRET=realm_installer_client_secret

    INITIAL_USER_USERNAME=username
    INITIAL_USER_PASSWORD=securepassword
    INITIAL_USER_GIVEN_NAME=given_name
    INITIAL_USER_FAMILY_NAME=family_name
    INITIAL_USER_EMAIL=email_address

    TLS_CERT=/path/to/tls.crt
    TLS_KEY=/path/to/tls.key

  3. If you would like to use an external PostgreSQL database then add the following to the file, updating the values for your installation:

    POSTGRES_HOSTNAME=hostname
    POSTGRES_PORT=5432
    POSTGRES_DB=postgres
    POSTGRES_USER=postgres
    POSTGRES_PASSWORD=password

Deploy Eggplant IAM with Docker

  1. Download an Eggplant IAM Docker Compose file here.

  2. Start Eggplant IAM by running the following command:

    docker compose --file docker-compose-6.3.103.yaml --profile default up -d

    Example output:

    [+] Running 1/1
    [+] Running 6/6loak_backend_network   Created                            0.1s
     ✔ Network keycloak_backend_network   Created                            0.1s
     ✔ Network keycloak_frontend_network  Created                            0.1s
     ✔ Volume "keycloak_kc-db-data"       Created                            0.0s
     ✔ Container postgres                 Healthy                            0.0s
     ✔ Container keycloak-server          Healthy                            0.0s
     ✔ Container nginx                    Started

  3. Run the realm provisoner to add the Eggplant specfic configuration to the installation:

    docker compose --file docker-compose-6.3.103.yaml --profile realm-config up

    Example output:

    [+] Running 1/0
     ✔ Container kc-realm-config-installer  Created                          0.0s
    Attaching to kc-realm-config-installer
    kc-realm-config-installer  | inclusions: /config/00_shared/*.yaml
    kc-realm-config-installer  | import_locs: /config/00_shared/*.yaml,
    kc-realm-config-installer  | 2025-04-15T16:33:44.905Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigApplication   : Starting KeycloakConfigApplication v6.4.0 using Java 21.0.6 with PID 8 (/app/keycloak-config-cli.jar started by nobody in /)
    kc-realm-config-installer  | 2025-04-15T16:33:44.908Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigApplication   : No active profile set, falling back to 1 default profile: "default"
    kc-realm-config-installer  | 2025-04-15T16:33:45.362Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigApplication   : Started KeycloakConfigApplication in 0.789 seconds (process running for 1.173)
    kc-realm-config-installer  | 2025-04-15T16:33:45.838Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigRunner        : Importing file 'file:/config/00_shared/01_master_realm.yaml'
    kc-realm-config-installer  | 2025-04-15T16:33:47.005Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigRunner        : Importing file 'file:/config/00_shared/02_shared_realm.yaml'
    kc-realm-config-installer  | 2025-04-15T16:33:48.544Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigRunner        : Importing file 'file:/config/00_shared/03_shared_client_scopes.yaml'
    kc-realm-config-installer  | 2025-04-15T16:33:48.856Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigRunner        : Importing file 'file:/config/00_shared/04_shared_client.yaml'
    kc-realm-config-installer  | 2025-04-15T16:33:49.196Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigRunner        : Importing file 'file:/config/00_shared/05_shared_client_roles.yaml'
    kc-realm-config-installer  | 2025-04-15T16:33:50.352Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigRunner        : Importing file 'file:/config/00_shared/06_shared_roles.yaml'
    kc-realm-config-installer  | 2025-04-15T16:33:50.914Z  INFO 8 --- [           main] d.a.k.config.KeycloakConfigRunner        : keycloak-config-cli ran in 00:05.243.
    kc-realm-config-installer exited with code 0
    info

    Other useful Docker commands:

    • docker-compose --profile name logs shows logs from all containers

    • docker logs container_name shows logs from selected container

    • docker-compose --profile name stop to stop running containers.

    • docker-compose --profile name down to tear down all deployed resources

Uninstalling

You can uninstall by running the command below.

docker compose --file docker-compose-<version>.yaml --profile default --profile realm-config down --volumes
Last updated on