0

I have a Quarkus application already deployed on Google Cloud Run. It depends on MySQL, hence there is an instance started on Cloud SQL.

Next step in my deployment process is to add keycloak. From what I've read the best option seems to be Google App Engine.

The approved answer in this question gave me some good insight of what needs to be done ... mostly. What I did was:

  • Locally I made a sub-directory in the main project.
  • In that directory I added the app.yaml and the Dockerfile (as described here for instance).
  • There I executed the said two commands: gcloud init and gcloud app deploy.

I had my doubts about this set up and they were backed up by the error I got eventually:

ERROR: (gcloud.app.deploy) INVALID_ARGUMENT: The first service (module) you upload to a new application must be the 'default' service (module). Please upload a version of the 'default' service (module) before uploading a version for the 'morph-keycloak-service' service (module).

I understand my set up breaks the overall structure of the project but I'm not sure how to mix those two application with the right services. I understand keycloak is a stateful application, hence cannot live on Cloud Run (by the way the intention is for keycloak to use the same database instance shared with the application).

So does any one know a more sensible set up, or what can I move in mine in order to fix it?

johnniepop
  • 159
  • 1
  • 6
  • 1
    The error message tells you what to fix, no? You need a GAE default service. – new name Nov 15 '21 at 16:12
  • 1
    Can you describe at a high level what it is your app does/what you're trying to achieve. For example, do you mean you have an application and you want to allow users to login (maybe single sign-on) and after they are logged in, the tasks they execute are done by making requests to Cloud Run? – NoCommandLine Nov 15 '21 at 16:35
  • 1
    If you have nothing deployed on App Engine start by deploying a dummy service on it. You need to create the default service (the root service) before creating sub-services. Or remove the `service` entry in your app.yaml to deploy it as default service. – guillaume blaquiere Nov 15 '21 at 21:00

1 Answers1

1

In short: The answer really is in reading the error message (thanks @gaefan) - about the error itself it explains enough. So I just commented out the service: my-keycloak-service line in the app.yaml (thus leaving gcloud to implicitly mark it as the default one) and the deployment continued.

Eventually keycloak didn't connect to the database but if I don't manage to adjust the configurations that would probably be a subject to a different question.

On the point of project structure and functionality:

First off, thanks @NoCommandLine and @guillaume-blaquiere for your input!

@NoCommandLine the application on Cloud Run is sort of a headless REST API enabled backend. Most of the API calls are secured by keycloack. A next step in the deployment process would be to port an existing UI (React) client on the Firebase hosting (or on another suitable service - I'm still not completely sure which approach is best) and in order for the users to work with this client properly they must make an SSO through keycloak first.

I'm quite new to GCP and the number and variants of the available options are still overwhelming to me - one must get familiar with the nuances but I guess it takes time. So I'm still taking suggestions on how to adjust my project structure to fit better the services stack. Thanks!

johnniepop
  • 159
  • 1
  • 6