Access Keycloak's Admin Console with Apache Guacamole

Table of Contents

• Overall Process
• What is Keycloak?
• The Inception Experiment
• Keycloak Guide with Apache Guacamole
• Feedback and Questions

Overall Process

Here’s a nice experiment with the Threefold Grid that makes use of a previous guide, Apache Guacamole.

We deploy a VM on the TF Grid, then access Apache Guacamole with XRDP and get a desktop environment. Then we install Docker and set Keycloak locally on the VM to access the admin console.

What is Keycloak?

“Keycloak is an open source software product to allow single sign-on with identity and access management aimed at modern applications and services.”

For more information, go to the official Keycloak website.

The Inception Experiment

The fun part is that, Keycloak can function well when run locally, but if you want to access from a VM, you usually need to set an HTTPS connection with Wildfly. This can be troublesome and tedious.

So what we did here was to deploy Keycloak locally, BUT on the VM. To do this you need a desktop environment to run a web browser and access Keycloak’s admin console. This way, Keycloak doesn’t need HTTPS as it is running locally with HTTP and cannot be accessed from the outside. It is thus secure.

The only thing left to do was to assign a different port instead of the usual port 8080. This is needed since Apache Guacamole is already using port 8080. For this example, we use the port 8008.

Here is what it looks like: an inception TF Deployment, a locally-run Keycloak deployed on a VM.

keycloak_guacamole_tf2117×1276 279 KB

Keycloak Guide with Apache Guacamole

It becomes now really easy to deploy and access Keycloak’s admin console using Apache Guacamole.

Here are the simple steps:

• Set Apache Guacamole as per the Apache Guacamole Threefold Guide
• Download and run Docker

  • curl -fsSL https://get.docker.com -o get-docker.sh
    

  • sudo sh ./get-docker.sh
    

• Run Keycloak “locally” (on the VM!), with the port 8008 instead of 8080

  • sudo docker run -p 8008:8008 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:21.1.1 start-dev --http-port 8008
    

• Open the VM’s browser through Apache Guacamole (Firefox for example)
• Access Keycloak

  • http://localhost:8008/admin
    

• As per the line above, the name and password to access Keycloak are both admin

Feedback and Questions

If you have any questions, please let us know.

Have a try if you want and tell us how it went.

Thanks for reading!