Keycloak Service¶
The Keycloak service provides authentication. It is deployed as a Kubernetes pod and can be configured for scaling, resource allocation, and health monitoring. Configuration is defined under deployments.keycloak in the values.yaml file.
Configuration Options¶
General Settings¶
useJsonLogFormat: false # Enables structured JSON logging
clusterMode: true
Horizontal Pod Autoscaling (HPA) and Replicas¶
hpa:
enabled: false # Enables or disables HPA
cpu: 70 # Target CPU utilization percentage
maxReplicas: 5 # Maximum number of replicas
replicas: 1 # Default number of replicas
Image Configuration¶
image:
repository: lightruncom/keycloak
tag: ""
pullPolicy: IfNotPresent
Resource Allocation¶
resources:
cpu: 1000m # CPU limit
memory: 2Gi # Memory limit
Pod Labels & Annotations¶
podLabels: {}
podAnnotations: {}
annotations: {} # Deprecated in favor of podAnnotations
Extra Environment Variables¶
extraEnvs: []
Security Contexts¶
podSecurityContext: {}
containerSecurityContext: {}
Service Annotations & Labels¶
service:
annotations: {}
labels: {}
Volumes¶
extraVolumes: []
extraVolumeMounts: []
Init Containers¶
initContainers:
cluster_cert:
image:
repository: lightruncom/chart-helper
tag: latest
pullPolicy: ""
Note: The
cluster_certinit container is used only withinternal_tlsand keycloak cluster mode.
Pod Disruption Budget & Scheduling¶
podDisruptionBudget: {}
topologySpreadConstraints: []
affinity: {}
Health Probes¶
startupProbe:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 30
livenessProbe:
initialDelaySeconds: 200
periodSeconds: 50
timeoutSeconds: 30
successThreshold: 1
failureThreshold: 3
readinessProbe:
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
Last update: June 11, 2025