Home/Insights/Azure

Troubleshooting Keycloak Startup Issues on Azure Container App Due to Probe Failures

Keycloak may fail to start on Azure Container App due to health probe misconfigurations or resource limitations.

Quick Read

  • Symptom: Keycloak may fail to start on Azure Container App due to health probe misconfigurations or resource limitations.
  • Check first: Verify the health probe configuration in Azure.
  • Risk: Changes system state

Symptoms

Keycloak fails to start on Azure Container App, being killed by health probes.

Environment

Azure Container Apps running Keycloak with default health probes configured.

Most Likely Causes

Misconfiguration of health probes or insufficient startup time for Keycloak.

What to Check First

  1. Verify the health probe configuration in Azure.
  2. Check Keycloak logs for startup errors.
  3. Ensure the container has sufficient resources allocated.

Fix Steps

  1. Check the health probe configuration in Azure Portal.

    Ensure that the health probe settings are appropriate for Keycloak's startup time.

  2. Review Keycloak startup logs for errors.

    Access the logs to identify any startup issues that Keycloak may be encountering.

    Safe to run: read-only

    az containerapp logs show --name <app-name> --resource-group <resource-group>
  3. Increase the startup timeout for the health probe.

    Modify the health probe settings to increase the startup timeout.

    Changes system state: review before running

    az containerapp revision update --name <app-name> --resource-group <resource-group> --set-probe-startup-timeout <new-timeout>
  4. Allocate more resources to the Keycloak container.

    Increase CPU and memory limits for the Keycloak container to ensure it has enough resources to start.

    Changes system state: review before running

    az containerapp update --name <app-name> --resource-group <resource-group> --cpu <new-cpu> --memory <new-memory>

Validation

  • Confirm that Keycloak starts successfully after the changes.
  • Check that health probes are passing in the Azure Portal.

Logs to Check

  • Keycloak startup logs for any errors.
  • Azure Container App logs for probe failure messages.

Rollback and Escalation

  • Revert any changes made to health probe settings or resource allocations if the issue is unresolved.

Escalate When

  • If Keycloak does not start after probe adjustments and resource allocation, escalate to the infrastructure team.

Edge Cases

  • If Keycloak is configured with a database, ensure the database is accessible and healthy.

Notes from the Field

  • Monitor the Azure Container App metrics for CPU and memory usage during startup.
  • Consider using a custom health probe if the default settings are insufficient.