Keycloak in Docker #6 – How to import realms from a directory

featured image

If we want to import multiple Keycloak realms, or realm resources are split into multiple files, we need to execute a directory import at boot time. Fortunately, running a Keycloak service with Docker makes this task easy.

Prerequsites

Configure importing Keycloak relams from a directory

The example Docker Compose configuration used below is available in the https://gist.github.com/little-pinecone/6b52ccd1fc0296b267e810d43fd01f3b GitHub gist.

The importance of the naming convention

As we can read in the docs:

When importing from a directory, the filenames must follow this naming convention:

<REALM_NAME>-realm.json. For example, “acme-roadrunner-affairs-realm.json” for the realm named “acme-roadrunner-affairs”.

<REALM_NAME>-users-<INDEX>.json. For example, “acme-roadrunner-affairs-users-0.json” for the first user’s file of the realm named “acme-roadrunner-affairs”.

https://www.keycloak.org/docs/16.1/server_admin/#assembly-exporting-importing_server_administration_guide

Make sure the resources for your realms follow this naming convention. Otherwise, some or all of the files may be skipped completely from import.

Add a Docker volume for the imported resources

First, I’m going to create a Docker volume to make the import assets available in the /tmp/import directory in the container. Below you’ll find the relevant configuration from my docker-compose.yml file:

Provide the required options when running the container

Next, I’m going to add the minimum configuration required to perform the directory import to my docker-compose.yml file:

This configuration will overwrite existing realms by default. For other keycloak.migration.X options, see the official Keycloak documentation on importing and exporting the database.

Import a Keycloak realm that has been exported in multiple files

Below you can see the starting point for importing my keep-growing realm:

realm resources for directory import locally

To summarize, I have one file with the realm configuration and one with the associated users. With the Docker Compose configuration described in the previous section, I’m going to start the container using the docker-compose up -d command.

As a result, we can see in the screenshot below that the volume with realm resources was mapped properly:

realm resources for directory import in the container

Furthermore, the container logs contain entries documenting a successful import:

At last, we can examine the imported realm in the Keycloak Admin Console:

users imported to the keep-growing realm

Import multiple Keycloak realms

Below you can see the starting point for importing my keep-growing and Example-Realm realms:

realms for directory import locally

To summarize, I have two files, one for each realm. With the Docker Compose configuration described in the previous section, I’m going to start the container using the docker-compose up -d command.

Consequently, we can see in the screenshot below that the volume with realms is available in the container:

realms for directory import in the container

Furthermore, the container logs contain entries documenting successful imports:

Finally, we can examine the imported realm in the Keycloak Admin Console:

multiple realms imported to Keycloak

Read more on Keycloak directory import

Photo by Vlada Karpovich from Pexels

Leave a Reply

Your email address will not be published.