EDIT
Resolved now! I forgot to do the most important step and BUILD the optimized image first! (Hence it worked when running via docker run.) Anyway, below is what I needed to do:
Build the Dockerfile image first:
docker build . -t keycloak:23.0.1
Then swap build: . with image: keycloak:23.0.1 in docker-compose.yml
Then it would use the optimized image created from docker build...
Yes, stupid mistake!
END EDIT
Using docker run my Keycloak server can connect to the postgres server.
Using docker compose up the server throws the error: Datasource '<default>': Driver does not support the provided URL: jdbc:postgresql://pgkeydb/keycloak
Using the same options, connecting to the same database on the same network, same user etc…
Dockerfile:
FROM quay.io/keycloak/keycloak:25.0.1 as builder
VOLUME keycloak-data:/opt/keycloak/
ENV KC_HEALTH_ENABLED=true
ENV KC_METRICS_ENABLED=true
ENV KC_DB=postgres
WORKDIR /opt/keycloak
COPY --chown=1000:0 certs/fullchain.pem /opt/keycloak/fullchain.pem
COPY --chown=1000:0 certs/privkey.pem /opt/keycloak/privkey.pem
RUN /opt/keycloak/bin/kc.sh build
FROM quay.io/keycloak/keycloak:25.0.1
COPY --from=builder /opt/keycloak/ /opt/keycloak/
ENV KC_FEATURES=hostname:v2
ENV KC_DB_URL=jdbc:postgresql://pgkeydb/keycloak
ENV KC_DB_USERNAME=postgres
ENV KC_DB_PASSWORD=some_strong_password
ENV KC_HOSTNAME=keycloak.tld.com
ENV KC_HOSTNAME_PORT=58443
ENV KC_HTTPS_CERTIFICATE_FILE=/opt/keycloak/fullchain.pem
ENV KC_HTTPS_CERTIFICATE_KEY_FILE=/opt/keycloak/privkey.pem
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
docker-compose.yml
services:
  keycloak:
    build: .
    container_name: service-keycloak
    command: start --optimized
    restart: always
    env_file: "keycloak.env"
    depends_on:
      - pgkeydb
    ports:
      - 58080:8080
      - 58443:8443
      - 59000:9000
    volumes:
      - keycloak-data:/opt/keycloak
    networks:
      - keycloak-network
  pgkeydb:
    image: postgres:16
    container_name: keycloak-postgres
    restart: always
    env_file: "pgres.env"
    volumes:
      - pgkeydb-data:/var/lib/postgresql/data
    networks:
      - keycloak-network
volumes:
  keycloak-data:
  pgkeydb-data:
networks:
  keycloak-network:
    name: keycloak-network
keycloak.env
KEYCLOAK_ADMIN_USER: admin_user
KEYCLOAK_ADMIN_PASSWORD: some_strong_password
KEYCLOAK_FRONTEND_URL="https://keycloak.tld.com"
pgres.env
POSTGRES_DB=keycloak
POSTGRES_USER=postgres
POSTGRES_PASSWORD=some_strong_password
Executing docker compose up -d results in the error: Datasource '<default>': Driver does not support the provided URL: jdbc:postgresql://pgkeydb/keycloak
However, if I just run docker run -d --name service-keycloak --net keycloak-network -p 58080:8080 -p 58443:8443 -p 59000:9000 -e KEYCLOAK_ADMIN=keyadmin -e KEYCLOAK_ADMIN_PASSWORD=some_strong_password -v keycloak-data service-keycloak start --optimized --verbose then the service starts and connects to the database fine (the Postgres container is now running after the compose run… so the same image that compose would use…)
I have compared docker inspect files; the only differences were that one was running and the other was not, and the compose file had the docker.compose values…
