You are viewing the RapidMiner Deployment documentation for version 9.7 - Check here for latest version
Docker images for KeyCloak
The documentation below describes KeyCloak, which implements RapidMiner's Identity and Security. This is a component consisting of the following Docker images:
You can read a description for each container below.
These containers are only functional when deployed together, they will not function as intended individually. Check our deployment templates to see how these should be deployed.
KeyCloak Database
This container implements a Postgres database which serves as the configuration store for the KeyCloak backend. This is a standard PostgreSQL docker image.
Configuration
- Volumes
keycloak-postgresql-vol
: docker volume to persist the database data, maps internally to/var/lib/postgresql/data
- Ports: none.
- Environment variables:
POSTGRES_DB
,POSTGRES_USER
,POSTGRES_PASSWORD
: credentials and database name where the KeyCloak data will be stored. The same values should be provided for the KeyCloak Service container.
KeyCloak Service
This container contains a pre-configured, hardened KeyCloak identity and access management engine. It contains all the definitions needed so that all components of the RapidMiner Platform can implement a single sign-on experience. Please read through our security overview for more information.
For available versions, please see the tags on Docker Hub.
Configuration
- Volumes: none.
- Environment variables:
DB_VENDOR
: defaults toPOSTGRES
. Should not be changed unless a custom KeyCloak deployment needs to be integrated.DB_ADDR
: (internal) address of the KeyCloak database.DB_DATABASE
,DB_SCHEMA
: database and schema used for the identity store. Should not be modified.DB_USER
,DB_PASSWORD
: username and password used to access the KeyCloak database.KEYCLOAK_USER
,KEYCLOAK_PASSWORD
: initial username and password that will be provisioned as the administrator user. Username defaults toadmin
, password is eitherchangeit
on local deployments, or the VM instance ID in case of cloud image deployments.PROXY_ADDRESS_FORWARDING
: controls proxy address forwarding. Defaults totrue
. Should not be changed.KEYCLOAK_LOGLEVEL
,ROOT_LOGLEVEL
: not set by default, used for debugging purposes. Set both variables toDEBUG
to enable debug logging.