I am trying to modify a kubernetes keycloak deployment to respond on /auth in place of /. I see in the documentation that this should be possible by setting --http-relative-path to /auth. I have attempted this and it causes all the services to receive Connection refused from the keycloak service. Is this possibly an issue with keycloak or could there be another config required?
The issue was that the networking solution was not routing to the service because the health checks had not been updated with the correct routes.
readinessProbe:
httpGet:
path: /health/ready
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 20
startupProbe:
httpGet:
path: /health/ready
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 20
livenessProbe:
httpGet:
path: /health/ready
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 20
Changing these to /auth/health/ready fixed the ready checks.