Which out of jboss & quay.io Keycloak should be used. Most discussionn online says quay.io but jboss works for me

Question

Running from a docker compose file

  keycloak:
    image: jboss/keycloak
    container_name: keycloak
    restart: always
    environment:
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: admin
    ports:
      - "8080:8080"

Works for me where "works" means if I create a realm called wibble (redirect urls *) and a user called user1, when I go to http://localhost:8080/auth/realms/wibble/account I get a login prompt.

On doing the same thing for quay.io, the same url gives a "We are sorry, page not found" response

 keycloak:
    image: quay.io/keycloak/keycloak:latest
    command: start-dev
    restart: always
    environment:
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
    ports:
      - 8080:8080

Also with the quay.io keycloak http://localhost:8080/ redirects to http://localhost:8080/auth/ which also give the same "We are sorry, page not found" response but going to http://localhost:8080/admin gives a login prompt.

Am I right in thinking that the quay.io keycloak is the later more supported one? And if so, does anyone have any ideas what on earth is going on with that simple docker compose file?

Answer 1

The jboss/keycloak no more update. It's last version published 2 years ago by jboss.org.

The lasted version is 16.1.1 It is no more update and support. Please refrain from using it.

The quay.io/keycloak/keycloak or keycloak/keycloak is correct image for Keycloak.

The quay.io/keycloak/keycloak directly a docker hub serve by RedHat

The keycloak/keycloak service form official docker hub by Keycloak community

Am I right in thinking that the quay.io keycloak is the later more supported one? Yes you are on track.

API URL

Old version URL It has /auth after host IP:port Up to version V18.

(19.0.3-legacy,19.0.2-legacy, 19.0.1-legacy, 19.0.0-legacy, 18.0.2-legacy too)

http://localhost:8080/auth/realms/{realm}/.well-known/openid-configuration

New version URL It has no more /auth after host IP:port Since Version V19

http://localhost:8080/realms/{realm}/.well-known/openid-configuration

http://localhost:8080/auth/ We are sorry... Issue

I have no idea how to fix it. But I have a workaround method.

This URL can access the admin login screen.

http://localhost:8080/admin/master/console

Simple docker compose

anyone have any ideas what on earth is going on with that simple docker compose file?

version: '3'
services:
  keycloak:
    image: quay.io/keycloak/keycloak:latest
    container_name: my_keycloak
    environment:
      KC_HOSTNAME: localhost
      KC_HOSTNAME_PORT: 8080
      KC_HOSTNAME_STRICT_BACKCHANNEL: "true"
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
    command: start-dev
    ports:
      - 8080:8080

Keycloak community no update for docker-compose since 2 years ago. It support external database but old version V18

If you want to support external database and latest Keycloak. You can use bitnami's docker-compose

This is Version 23.0.6's docker compose with Postgres database

version: '3.7'

services:
  postgres:
    image: postgres
    volumes:
      - postgres_data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: password

  keycloak:
    image: quay.io/keycloak/keycloak:latest
    command: start-dev
    environment:
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://postgres/keycloak
      KC_DB_USERNAME: keycloak
      KC_DB_PASSWORD: password
      KC_HTTP_ENABLED: true
      KC_HEALTH_ENABLED: true
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
    ports:
      - 8080:8080
    restart: always
    depends_on:
      - postgres
volumes:
  postgres_data:
    driver: local