Keycloak is an open-source identity and access management solution that allows users to authenticate and authorize access to web applications and services.
Datadog is a monitoring and analytics platform that provides insights into the performance and health of your applications and infrastructure. By integrating Keycloak with Datadog, you can gain visibility into the performance of your authentication and authorization processes.
In this blog post, we will describe how to configure Keycloak to send traces to Datadog when both are deployed in Kubernetes.
Prerequisites
A Kubernetes cluster with Keycloak and Datadog agents deployed
A Datadog API key
Enable tracing in Keycloak
Quarkus is a modern Java framework that is designed for building lightweight and efficient microservices. As Keycloak (starting version 17) is based on Quarkus, we should consider the Datadog Java Agent in our integration.
Start a Keycloak instance with custom command-line options
Additional server startup options (extension of JAVA_OPTS) can be configured using the JAVA_OPTS_APPEND environment variable.
ARG KC_VERSION
FROM quay.io/keycloak/keycloak:${KC_VERSION} as builder
ARG KC_HEALTH_ENABLED=true
ARG KC_METRICS_ENABLED=true
ARG KC_DB=postgres
ARG KC_FEATURES
ENV KC_HEALTH_ENABLED=${KC_HEALTH_ENABLED}
ENV KC_METRICS_ENABLED=${KC_METRICS_ENABLED}
ENV KC_DB=${KC_DB}
ENV KC_FEATURES=${KC_FEATURES}
COPY /jars/dd-java-agent.jar /jars/dd-java-agent.jar
ENV JAVA_OPTS_APPEND=-javaagent:/jars/dd-java-agent.jar -Ddd.service.name=keycloak -Ddd.env=prod
FROM quay.io/keycloak/keycloak:${KC_VERSION}
COPY --from=builder /opt/keycloak/ /opt/keycloak/
ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start", "--optimized"]
That is all. I hope you find it useful.
Top comments (0)