[bitnami/keycloak] switches keycloak-metrics service to point to new port (#30095)

* adds metrics port to values and uses in statefulset, metrics service and network policy Starting with Keycloak 25 the metrics port was switched from 8080/8443 to 9000. This commit introduces a metrics port in the containerPorts configuration. This metrics port is used to allow ingress via the network policy, expose the container port and also as target for the metrics service. The port of the metrics service itself is not changed. Therefore, metrics are still exposed on port 8080 to the outside. If Keycloak is started with KC_LEGACY_OBSERVABILITY_INTERFACE set, the containerPorts.metrics value can be set to 8080 restoring the old behaviour completely. Signed-off-by: Martin Schmidt <maschmi@maschmi.net> * exposes metrics port only if needed Only exposes the metrics port if metrics are enabled and the containerPorts.metrics differs from containerPorts.http. In the conditional the ports are quoted as otherwise helm threw an error when setting the containerPorts.metrics value via '-set' about not being able to compare different types. Signed-off-by: Martin Schmidt <maschmi@maschmi.net> * adds documentation for containerPorts.metrics and increments version Signed-off-by: Martin Schmidt <maschmi@maschmi.net> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * removes coalesce Signed-off-by: Martin Schmidt <maschmi@maschmi.net> * updates to next minor version Signed-off-by: Martin Schmidt <maschmi@maschmi.net> * switches metrics service to port 9000 Signed-off-by: Martin Schmidt <maschmi@maschmi.net> * casts the port values not to a string but an int When helm is called with '--set' it the number is interpreted as float whereas the value file interprets it as int. Signed-off-by: Martin Schmidt <maschmi@maschmi.net> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * removes trailing spaces Signed-off-by: maschmi <maschmi@maschmi.net> --------- Signed-off-by: Martin Schmidt <maschmi@maschmi.net> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Fran Mulero <francisco-jose.mulero@broadcom.com> Signed-off-by: maschmi <maschmi@maschmi.net> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Fran Mulero <francisco-jose.mulero@broadcom.com>
2026-03-27 15:27:10 +08:00 · 2024-11-06 09:18:18 +01:00
parent 75974989d0
commit 8ca86ae9ec
7 changed files with 27 additions and 7 deletions
--- a/bitnami/keycloak/CHANGELOG.md
+++ b/bitnami/keycloak/CHANGELOG.md
@@ -1,8 +1,12 @@
 # Changelog

-## 24.0.5 (2024-11-04)
+## 24.1.0 (2024-11-05)

-* [bitnami/keycloak] Added providers to the list of writable dirs ([#29998](https://github.com/bitnami/charts/pull/29998))
+* [bitnami/keycloak] switches keycloak-metrics service to point to new port ([#30095](https://github.com/bitnami/charts/pull/30095))
+
+## <small>24.0.5 (2024-11-04)</small>
+
+* [bitnami/keycloak] Added providers to the list of writable dirs (#29998) ([9de041c](https://github.com/bitnami/charts/commit/9de041c92e2788a108631052aa5401a9469e3592)), closes [#29998](https://github.com/bitnami/charts/issues/29998)

 ## <small>24.0.4 (2024-11-01)</small>

--- a/bitnami/keycloak/Chart.yaml
+++ b/bitnami/keycloak/Chart.yaml
@@ -33,4 +33,4 @@ maintainers:
 name: keycloak
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/keycloak
-version: 24.0.5
+version: 24.1.0
--- a/bitnami/keycloak/README.md
+++ b/bitnami/keycloak/README.md
@@ -376,6 +376,7 @@ As an alternative, you can use of the preset configurations for pod affinity, po
 | `revisionHistoryLimitCount`                         | Number of controller revisions to keep                                                                                                                                                                            | `10`             |
 | `containerPorts.http`                               | Keycloak HTTP container port                                                                                                                                                                                      | `8080`           |
 | `containerPorts.https`                              | Keycloak HTTPS container port                                                                                                                                                                                     | `8443`           |
+| `containerPorts.metrics`                            | Keycloak metrics container port                                                                                                                                                                                   | `9000`           |
 | `extraContainerPorts`                               | Optionally specify extra list of additional port-mappings for Keycloak container                                                                                                                                  | `[]`             |
 | `statefulsetAnnotations`                            | Optionally add extra annotations on the statefulset resource                                                                                                                                                      | `{}`             |
 | `podSecurityContext.enabled`                        | Enabled Keycloak pods' Security Context                                                                                                                                                                           | `true`           |
@@ -542,7 +543,7 @@ As an alternative, you can use of the preset configurations for pod affinity, po
 | Name                                       | Description                                                                                                               | Value   |
 | ------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- | ------- |
 | `metrics.enabled`                          | Enable exposing Keycloak statistics                                                                                       | `false` |
-| `metrics.service.ports.http`               | Metrics service HTTP port                                                                                                 | `8080`  |
+| `metrics.service.ports.http`               | Metrics service HTTP port                                                                                                 | `9000`  |
 | `metrics.service.annotations`              | Annotations for enabling prometheus to access the metrics endpoints                                                       | `{}`    |
 | `metrics.service.extraPorts`               | Add additional ports to the keycloak metrics service (i.e. admin port 9000)                                               | `[]`    |
 | `metrics.serviceMonitor.enabled`           | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator                                              | `false` |
@@ -681,6 +682,11 @@ Find more information about how to deal with common errors related to Bitnami's

 ## Upgrading

+### To 24.1.0
+
+With this update the metrics service listening port is switched to 9000, the same as the keycloak management endpoint is using.
+This can be changed by setting `metrics.service.ports.http` to a different value, e.g. 8080 like before this change.
+
 ### To 23.0.0

 This major updates the PostgreSQL subchart to its newest major, 16.0.0, which uses PostgreSQL 17.x.  Follow the [official instructions](https://www.postgresql.org/docs/17/upgrading.html) to upgrade to 17.x.
--- a/bitnami/keycloak/templates/metrics-service.yaml
+++ b/bitnami/keycloak/templates/metrics-service.yaml
@@ -19,9 +19,9 @@ spec:
  type: ClusterIP
  ports:
    - name: http
-      port: {{ coalesce .Values.metrics.service.ports.http .Values.metrics.service.port }}
+      port: {{ .Values.metrics.service.ports.http }}
      protocol: TCP
-      targetPort: http
+      targetPort: {{ .Values.containerPorts.metrics }}
    {{- if .Values.metrics.service.extraPorts }}
    {{- include "common.tplvalues.render" (dict "value" .Values.metrics.service.extraPorts "context" $) | nindent 4 }}
    {{- end }}      
--- a/bitnami/keycloak/templates/networkpolicy.yaml
+++ b/bitnami/keycloak/templates/networkpolicy.yaml
@@ -66,6 +66,9 @@ spec:
    - ports:
        {{- /* Constant in code: https://github.com/keycloak/keycloak/blob/ce8e925c1ad9bf7a3180d1496e181aeea0ab5f8a/operator/src/main/java/org/keycloak/operator/Constants.java#L60 */}}
        - port: 7800
+        {{- if and (.Values.metrics.enabled) (not (eq (.Values.containerPorts.http | int) (.Values.containerPorts.metrics | int) )) }}
+        - port: {{ .Values.containerPorts.metrics }} # metrics and health
+        {{- end }}
        - port: {{ .Values.containerPorts.http }}
        {{- if .Values.tls.enabled }}
        - port: {{ .Values.containerPorts.https }}
--- a/bitnami/keycloak/templates/statefulset.yaml
+++ b/bitnami/keycloak/templates/statefulset.yaml
@@ -250,6 +250,11 @@ spec:
              containerPort: {{ .Values.containerPorts.https }}
              protocol: TCP
            {{- end }}
+            {{- if and (.Values.metrics.enabled) (not (eq (.Values.containerPorts.http | int) (.Values.containerPorts.metrics | int) )) }}
+            - name: metrics
+              containerPort: {{ .Values.containerPorts.metrics }}
+              protocol: TCP
+            {{- end}}
            {{- /* Constant in code: https://github.com/keycloak/keycloak/blob/ce8e925c1ad9bf7a3180d1496e181aeea0ab5f8a/operator/src/main/java/org/keycloak/operator/Constants.java#L60 */}}
            - name: discovery
              containerPort: 7800
--- a/bitnami/keycloak/values.yaml
+++ b/bitnami/keycloak/values.yaml
@@ -293,10 +293,12 @@ replicaCount: 1
 revisionHistoryLimitCount: 10
 ## @param containerPorts.http Keycloak HTTP container port
 ## @param containerPorts.https Keycloak HTTPS container port
+## @param containerPorts.metrics Keycloak metrics container port
 ##
 containerPorts:
  http: 8080
  https: 8443
+  metrics: 9000
 ## @param extraContainerPorts Optionally specify extra list of additional port-mappings for Keycloak container
 ##
 extraContainerPorts: []
@@ -1009,7 +1011,7 @@ metrics:
    ## @param metrics.service.ports.http Metrics service HTTP port
    ##
    ports:
-      http: 8080
+      http: 9000
    ## @param metrics.service.annotations [object] Annotations for enabling prometheus to access the metrics endpoints
    ##
    annotations: