Rollback cheat for Keycloak

General prerequisites

before starting the rollback procedure, please check first our troubleshooting page.

Before you start the rollback procedure, please make sure to:

  1. Stop your keycloak pod that is failing. To do that, disable Keycloak with the following property:

    global:
  mgmt:
    keycloak:
      enabled: false

  2. Upgrade the platform release by running something like the below:

    helm upgrade --install platform axual-stable/platform -f values.yaml -n kafka
If you are using a remote_db be sure you are performing the following procedure by a node that has connectivity to the remote database.

Rollback story: Keycloak database is in an invalid state

The backup restoration procedure depends on the tooling. For more detailed backup/restore information, check MariaDB and also MySQL references according to your setup.

Should the Keycloak database is gone corrupted you might have to recreate it from scratch. To do so, follow the steps below:

The backup restoration procedure depends on the tooling used and here you will find only the top-level steps.

  1. Access Keycloak’s database with a MySQL/MariaDB client, like phpMyAdmin

  2. Restore the Keycloak database backup you’ve done while preparing for the upgrade (this step depends on your backup/restore procedures and tooling)

  3. Once the backup restoration is finished, enable Keycloak’s deployment back with the below:

    global:
  mgmt:
    keycloak:
      enabled: true
    helm upgrade --install platform axual-stable/platform -f values.yaml --version=0.8.5 -n kafka

  4. Check the logs to confirm the successful rollback of Keycloak. You should see something like the below at the end of the log once the startup finishes:

    HH:mm:ss,SSS INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Keycloak 11.0.0 (WildFly Core 12.0.3.Final) started in 24365ms - Started 692 of 997 services (703 services are lazy, passive or on-demand)
HH:mm:ss,SSS INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
HH:mm:ss,SSS INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990