Edit Page

Back up Keycloak

This guide shows you how to back up Keycloak on your Rhize Kubernetes deployment.

Prerequisites

Before you start, ensure you have the following:

  • A designated backup location, for example ~/rhize-backups/keycloak.
  • Access to the Rhize Kubernetes Environment
  • Optional: kubectx utilities
    • kubectx to manage multiple clusters
    • kubens to switch between and configure namespaces easily
  • Optional: the k8 Lens IDE, if you prefer to use Kubernetes graphically

Also, before you start, confirm you are in the right context and namespace.

## context
kubectl config current-context
## namespace
kubectl get namespace

To change the namespace for all subsequent kubectl commands to libre, run this command:

kubectl config set-context --current --namespace=libre

For a reference of useful kubectl commands, refer to the official kubectl Cheat Sheet.

Steps

To back up Keycloak, follow these steps:

  1. Check the logs for the Keycloak pods, either in Lens or with kubectl logs. Ensure there are no errors.

  2. Retrieve the Keycloak user password using the following command, replacing with your namespace:

    kubectl get secret keycloak-<namespace>-postgresql -o jsonpath="{.data.postgres-password}" | base64 --decode
    
  3. Execute a command on the Keycloak Postgres pod to perform a full backup, replacing with your namespace:

    kubectl exec -i keycloak-<NAMESPACE>-postgresql-0 -- pg_dumpall -U postgres | gzip > keycloak-postgres-backup-$(date +"%Y%m%dT%I%M%p").sql.gz
    
  4. When prompted, use the password from the previous step. Expect the prompt multiple times for each database.

  5. Check the logs for the Keycloak Postgres pods, either in Lens or with kubectl logs. Ensure there are no errors relating to the backup.

Confirm success

On success, the backup creates a gzip file, keycloak-postgres-backup-YYYYMMDDTHHMMSS.sql.gz.

To check that the backup succeeded, unzip the files and inspect the data.

Next Steps