Skip to main content

Migrate a Keycloak Embedded Database to a Database Service (Linux)

We recommend migrating the embedded database Keycloak comes with to a database service for Linux. For more information on the supported databases, refer to Supported databases for the new Keycloak store.

To migrate a PoolParty realm-specific Keycloak embedded database to a database service for Linux, do the following:

  1. Stop the PoolParty service if it's running at /path/to/poolparty/bin/poolparty.

  2. Do a complete backup of data at /path/to/poolparty.

  3. Go to the /path/to/poolparty/bin folder.

  4. Put the script into this folder. The script is called migrate-keycloak-to-db in this example and you can find it below.

  5. Make the migrate-keycloak-to-db file executable with chmod +x /path/to/poolparty/bin/migrate-keycloak-to-db.

  6. Edit the migrate-keycloak-to-db file and define the following:

    1. DB_VENDOR

    2. DB_USERNAME

    3. DB_PASSWORD

    4. DB_HOST

    5. DB_PORT

    6. DB_NAME

    Here is an example screenshot:

    image2022-11-11_10-14-25.png

  7. Execute ./migrate-keycloak-to-db to migrate to the defined database service.

    Tip

    If something goes wrong (for example you have provided a wrong database password), you can either recover the installation from the backup created in step 2 or execute ./migrate-keycloak-to-db rollback.

    Caution

    It is important to run the rollback before redoing the migration with changed settings.

Here is the script to migrate an embedded Keycloak database to a Linux database service.

#!/bin/bash

DB_VENDOR=<ENTER DB VENDOR HERE> # postgres, mariadb, mssql, mysql, oracle, postgres
DB_USERNAME=<ENTER 
DB USER HERE>
DB_PASSWORD=<ENTER 
DB PASSWORD HERE>
DB_HOST=<ENTER 
DB HOST HERE>
DB_PORT=<ENTER 
DB PORT HERE>
DB_NAME=<ENTER 
DB NAME HERE>

SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
KC_CONF_DIR="$SCRIPT_DIR/../auth_service/keycloak/conf"
KC_BIN_DIR="$SCRIPT_DIR/../auth_service/keycloak/bin"
BACKUP_DATE=`date "+%Y%M%d%H%M%S"`
BACKUP_DIR="$SCRIPT_DIR/backup-before-migrating-to-postgres"
LOG_FILE="$SCRIPT_DIR/migrate-keycloak-to-db.log"
case $1 in    
    migrate)    
    # stop services
    echo "Stopping PoolParty Services..."
    $SCRIPT_DIR/poolparty stop >> $LOG_FILE 2>&1
    # backup existing config files
    mkdir -p $BACKUP_DIR
    touch $BACKUP_DIR/$BACKUP_DATE
    cp $KC_CONF_DIR/keycloak.conf $BACKUP_DIR
    cp $SCRIPT_DIR/poolparty $BACKUP_DIR
    # backup realm
    echo "Exporting keycloak data..."
    $KC_BIN_DIR/kc.sh export --file $BACKUP_DIR/keycloak.json >> $LOG_FILE 2>&1
    cp $BACKUP_DIR/keycloak.conf $BACKUP_DIR/keycloak.conf.new
    # comment any db setting    echo "Configuring keycloak..."
    sed -e '/db/ s/^#*/#/' -i $BACKUP_DIR/keycloak.conf.new
    echo "" >> $BACKUP_DIR/keycloak.conf.new
    echo "# DB settings shipped by $0" >> $BACKUP_DIR/keycloak.conf.new
    echo "db=$DB_VENDOR" >> $BACKUP_DIR/keycloak.conf.new
    echo "db-username=$DB_USERNAME" >> $BACKUP_DIR/keycloak.conf.new
    echo "db-password=$DB_PASSWORD" >> $BACKUP_DIR/keycloak.conf.new
    echo "db-url-host=$DB_HOST" >> $BACKUP_DIR/keycloak.conf.new
    echo "db-url-port=$DB_PORT" >> $BACKUP_DIR/keycloak.conf.new
    echo "db-url-database=$DB_NAME" >> $BACKUP_DIR/keycloak.conf.new
    # all configuration done    # now copy new config to kc/conf folder
    cp $BACKUP_DIR/keycloak.conf.new $KC_CONF_DIR/keycloak.conf
    # build keycloak    echo "Building keycloak..."
    $KC_BIN_DIR/kc.sh build >> $LOG_FILE 2>&1
    echo "Importing keycloak data..."
    $KC_BIN_DIR/kc.sh import --file $BACKUP_DIR/keycloak.json >> $LOG_FILE 2>&1
    echo "Migrated to database: $DB_VENDOR - please start poolparty"    ;;    rollback)
    # stop services    echo "Stopping PoolParty Services..."
    $SCRIPT_DIR/poolparty stop >> $LOG_FILE 2>&1
    echo "Rolling back keycloak config..."
    cp $BACKUP_DIR/keycloak.conf $KC_CONF_DIR/keycloak.conf
    echo "Building keycloak..."
    $KC_BIN_DIR/kc.sh build >> $LOG_FILE 2>&1
    echo "Rollback completed"    ;;    *)
    echo "Usage"    echo "$0 migrate|rollback"
    ;;esac
In this section: