This project demonstrates modern identity management deployment using Kubernetes, showcasing Keycloak deployment with Crossplane for infrastructure as code.
```
keycloak-presentation/
├── .kubernetes/              # Kubernetes manifests with Kustomize
│   ├── base/
│   │   ├── kustomization.yaml
│   │   ├── namespace.yaml
│   │   ├── postgres/
│   │   │   ├── deployment.yaml
│   │   │   ├── service.yaml
│   │   │   └── kustomization.yaml
│   │   └── keycloak/
│   │       ├── crossplane-release.yaml
│   │       ├── ingress.yaml
│   │       └── kustomization.yaml
│   ├── overlays/
│   │   ├── development/
│   │   │   ├── kustomization.yaml
│   │   │   └── keycloak-dev-config.yaml
│   │   └── production/
│   │       ├── kustomization.yaml
│   │       └── keycloak-prod-config.yaml
│   └── cluster-setup/
│       ├── kind-config.yaml
│       ├── crossplane-config.yaml
│       └── ingress-nginx.yaml
├── Makefile                  # Automation commands
└── README.md                 # This file
```

- Kind - Kubernetes in Docker for local development
- Kubernetes - Container orchestration platform
- Kustomize - Kubernetes configuration management
- Helm - Kubernetes package manager
- Keycloak - Open-source identity and access management
- PostgreSQL - Database for Keycloak
- Crossplane - Kubernetes-native infrastructure management
- Crossplane Provider Helm - Helm chart deployment via Crossplane
- NGINX Ingress Controller - Ingress controller for Kind
- Docker 20.10+
- 8GB+ RAM
- 20GB+ free disk space
- Linux, macOS, or Windows with WSL2

Install all tools automatically:

```bash
make install-tools
```

Or install manually:
- Docker
- Kind
- kubectl
- Helm
- Node.js 18+
- npm

```bash
# Setup everything for presentation
make presentation-ready
```

```bash
# Check all components
make status
# Test Keycloak accessibility
make test-keycloak
# View logs if needed
make logs
```

```bash
make create-cluster        # Create Kind cluster
make delete-cluster        # Delete Kind cluster
make cluster-info          # Show cluster information
make install-ingress       # Install NGINX Ingress Controller
```

```bash
make install-crossplane    # Install Crossplane
make configure-crossplane  # Configure Crossplane providers
make uninstall-crossplane  # Remove Crossplane
make test-crossplane       # Test Crossplane resources
```

```bash
make create-namespace      # Create keycloak namespace
make deploy-postgres       # Deploy PostgreSQL database
make deploy-keycloak       # Deploy Keycloak via Crossplane
make setup-hosts           # Add keycloak.local to /etc/hosts
make port-forward          # Port forward Keycloak service
make reset-keycloak        # Reset Keycloak deployment
```

```bash
make status                # Show status of all components
make logs                  # Show Keycloak logs
make describe-keycloak     # Describe Keycloak release
make troubleshoot          # Run troubleshooting checks
make versions              # Show tool versions
```

```bash
make cleanup-keycloak      # Remove Keycloak resources
make cleanup-configs       # Remove generated config files
make cleanup-all           # Complete cleanup
```

```bash
make quick-setup           # Setup cluster, ingress, Crossplane
make full-demo             # Complete demo environment
make presentation-ready    # Everything ready for presentation
```

Located in .kubernetes/base/, contains:
- namespace.yaml - Keycloak namespace definition
- postgres/ - PostgreSQL deployment and service
- keycloak/ - Keycloak Crossplane release and ingress
- development/ - Development-specific configurations
- production/ - Production-ready configurations

```bash
# Apply development configuration
kubectl apply -k .kubernetes/overlays/development
# Apply production configuration
kubectl apply -k .kubernetes/overlays/production
# Apply base configuration
kubectl apply -k .kubernetes/base
```

- URL: https://keycloak.local:8443
- Admin Console: https://keycloak.local:8443/admin/master/console
- Username: admin
- Password: admin
https://gamma.app/docs/Bring-Your-Own-Identity-System-Boardwalk-Bytes-2025-fh76lhzu0gnqj8p

```bash
# Check cluster status
make cluster-info
# Verify context
kubectl config current-context
# Should be: kind-keycloak-demo
kubectl config use-context kind-keycloak-demo
```

```bash
# Check ingress controller
kubectl get pods -n ingress-nginx
# Check ingress resources
kubectl get ingress -n keycloak
# Use port-forward as alternative
make port-forward
```

```bash
# Check Crossplane status
make test-crossplane
# Check provider health
kubectl get providers
# View provider details
kubectl describe provider provider-helm
```

```bash
# Check pod status
kubectl get pods -n keycloak
# View logs
make logs
# Check database connection
kubectl exec -it -n keycloak deployment/postgres -- psql -U keycloak -d keycloak -c '\l'
```

```bash
# Comprehensive troubleshooting
make troubleshoot
# Monitor all resources
watch kubectl get all -n keycloak
# Check events
kubectl get events -n keycloak --sort-by=.metadata.creationTimestamp
```

This demo environment:

- Default passwords for demo purposes
- No TLS encryption
- Local cluster only

For production deployments:

- Use strong, unique passwords
- Enable TLS with proper certificates
- Implement network policies
- Regular security updates
- Backup and disaster recovery procedures
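
A pre-apply check for the first three production items above, as an added example that is not part of this project: it reads rendered manifests on stdin and flags a literal `admin` password, an Ingress without `spec.tls`, and a missing NetworkPolicy. The function name, the finding labels, and the Secret and Ingress names in the constructed sample are assumptions; the check is line-based, not a YAML parser.

```bash
# Added example: line-based audit of rendered manifests (a heuristic, not a YAML parser).
# Real use, with the overlay path from this README:
#   kubectl kustomize .kubernetes/overlays/production | audit_manifests
audit_manifests() {
  awk '
    /^---/                             { in_ingress = 0; pending = 0 }
    /^kind:[ \t]*Ingress[ \t]*$/       { ingress++; in_ingress = 1 }
    /^kind:[ \t]*NetworkPolicy[ \t]*$/ { netpol++ }
    in_ingress && /^[ \t]+tls:/        { tls++; in_ingress = 0 }
    {
      line = tolower($0)
      # "somePassword: admin", or the base64 of "admin" in a Secret data field
      if (line ~ /password[a-z0-9_]*"?:[ \t]*"?(admin|ywrtaw4=)"?[ \t]*$/) weak++
      # env style: "- name: ...PASSWORD..." followed by "value: admin"
      else if (pending && line ~ /value:[ \t]*"?admin"?[ \t]*$/) weak++
      pending = (line ~ /name:.*password/)
    }
    END {
      if (weak)          { print "weak-password: " weak " value(s) set to admin"; bad = 1 }
      if (ingress > tls) { print "no-tls: " (ingress - tls) " Ingress without spec.tls"; bad = 1 }
      if (!netpol)       { print "no-networkpolicy: none in rendered output"; bad = 1 }
      exit bad + 0
    }'
}

# Constructed sample input mirroring the demo defaults (names are assumptions).
demo_manifest() {
  cat <<'EOF'
apiVersion: v1
kind: Secret
metadata:
  name: keycloak-admin
stringData:
  admin-password: admin
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: keycloak
  namespace: keycloak
spec:
  rules:
  - host: keycloak.local
EOF
}

demo_manifest | audit_manifests || echo "audit failed: fix findings before applying"
```

The function exits non-zero when it prints any finding, so it can gate `kubectl apply -k` in a Makefile target or CI job.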
- Fork the repository
- Create feature branch
- Make changes
- Test with `make presentation-ready`
- Submit pull request

```bash
# Clean environment
make cleanup-all
# Test full setup
make presentation-ready
# Verify all components
make status
make test-keycloak
```

This project is for educational and demonstration purposes. Individual components are licensed under their respective licenses:
- Keycloak: Apache License 2.0
- Crossplane: Apache License 2.0
- Kubernetes: Apache License 2.0

Ready to get started? Run `make presentation-ready` to set up everything for your presentation!
For questions or issues, please check the troubleshooting section or open an issue in the repository.