diff --git a/pom.xml b/pom.xml
index 37f964b..61dc395 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>io.kokuwa.maven</groupId>
 		<artifactId>maven-parent</artifactId>
-		<version>0.6.15</version>
+		<version>0.6.16</version>
 		<relativePath/>
 	</parent>
 
@@ -64,9 +64,9 @@
 		<!-- dependencies -->
 
 		<version.io.kokuwa.keycloak.metrics>1.0.0</version.io.kokuwa.keycloak.metrics>
-		<version.io.kokuwa.maven.k3s>1.2.4</version.io.kokuwa.maven.k3s>
+		<version.io.kokuwa.maven.k3s>1.3.0</version.io.kokuwa.maven.k3s>
 		<version.io.kubernetes.client>19.0.0</version.io.kubernetes.client>
-		<version.org.keycloak>24.0.4</version.org.keycloak>
+		<version.org.keycloak>25.0.1</version.org.keycloak>
 
 		<!-- images -->
 
@@ -346,6 +346,7 @@
 					<subdir>test</subdir>
 					<portBindings>
 						<portBinding>8080:8080</portBinding>
+						<portBinding>9000:9000</portBinding>
 					</portBindings>
 					<ctrImages>
 						<ctrImage>${image.mailhog}</ctrImage>
@@ -374,7 +375,6 @@
 				</executions>
 			</plugin>
 
-
 			<!-- disable jar/surefire/install -->
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile
index 26746ec..45efcfd 100644
--- a/src/main/docker/Dockerfile
+++ b/src/main/docker/Dockerfile
@@ -5,25 +5,14 @@ RUN mv "/tmp/keycloak-$VERSION" /app && rm -rf /app/bin/client /app/bin/*.bat
 
 FROM docker.io/eclipse-temurin:${maven.compiler.target}-jre AS keycloak-runtime
 # https://www.keycloak.org/server/all-config
-ENV \
-  KC_DB=postgres \
-  KC_CACHE=ispn \
-  KC_CACHE_STACK=kubernetes \
-  KC_CACHE_DNS=keycloak-headless \
-  KC_CACHE_OWNERS=2 \
-  KC_HEALTH_ENABLED=true \
-  KC_METRICS_ENABLED=true \
-  KC_METRICS_EVENT_REPLACE_IDS=true \
-  KC_METRICS_STATS_ENABLED=true \
-  URI_METRICS_ENABLED=false \
-  URI_METRICS_DETAILED=false
+ENV KC_DB=postgres KC_HEALTH_ENABLED=true KC_METRICS_ENABLED=true
 COPY --from=keycloak /app /app
 COPY cache-ispn.xml /app/conf/cache-ispn.xml
 COPY keycloak-event-metrics-${version.io.kokuwa.keycloak.metrics}.jar /app/providers/metrics-spi.jar
 RUN java -Dkc.home.dir=/app -jar /app/lib/quarkus-run.jar build
 
 FROM docker.io/eclipse-temurin:${maven.compiler.target}-jre AS keycloak-import
-ENV KC_DB=postgres KC_CACHE=local KC_LOG_CONSOLE_OUTPUT=json
+ENV KC_DB=postgres
 COPY --from=keycloak /app /app
 RUN java -Dkc.home.dir=/app -jar /app/lib/quarkus-run.jar build
 
@@ -50,6 +39,8 @@ LABEL org.opencontainers.image.base.name   docker.io/eclipse-temurin:${maven.com
 # https://www.keycloak.org/server/all-config
 ENV \
   KC_DB=postgres \
+  KC_HTTP_ENABLED=true \
+  KC_HTTP_METRICS_HISTOGRAMS_ENABLED=true \
   KC_CACHE=ispn \
   KC_CACHE_STACK=kubernetes \
   KC_CACHE_DNS=keycloak-headless \
@@ -58,9 +49,6 @@ ENV \
   KC_METRICS_ENABLED=true \
   KC_METRICS_EVENT_REPLACE_IDS=true \
   KC_METRICS_STATS_ENABLED=true \
-  URI_METRICS_ENABLED=false \
-  URI_METRICS_DETAILED=false \
-  KC_PROXY=edge \
   KC_LOG_CONSOLE_OUTPUT=json
 
 COPY --from=keycloak-runtime /app /app
@@ -117,6 +105,8 @@ LABEL org.opencontainers.image.base.name   gcr.io/distroless/java${maven.compile
 # https://www.keycloak.org/server/all-config
 ENV \
   KC_DB=postgres \
+  KC_HTTP_ENABLED=true \
+  KC_HTTP_METRICS_HISTOGRAMS_ENABLED=true \
   KC_CACHE=ispn \
   KC_CACHE_STACK=kubernetes \
   KC_CACHE_DNS=keycloak-headless \
@@ -125,9 +115,6 @@ ENV \
   KC_METRICS_ENABLED=true \
   KC_METRICS_EVENT_REPLACE_IDS=true \
   KC_METRICS_STATS_ENABLED=true \
-  URI_METRICS_ENABLED=false \
-  URI_METRICS_DETAILED=false \
-  KC_PROXY=edge \
   KC_LOG_CONSOLE_OUTPUT=json
 
 COPY --from=keycloak-runtime /app /app
diff --git a/src/test/java/io/kokuwa/keycloak/k8s/Kubernetes.java b/src/test/java/io/kokuwa/keycloak/k8s/Kubernetes.java
index 803f1fa..71642d9 100644
--- a/src/test/java/io/kokuwa/keycloak/k8s/Kubernetes.java
+++ b/src/test/java/io/kokuwa/keycloak/k8s/Kubernetes.java
@@ -9,7 +9,6 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import io.kokuwa.keycloak.FailoverIT;
 import io.kubernetes.client.custom.V1Patch;
 import io.kubernetes.client.openapi.ApiClient;
 import io.kubernetes.client.openapi.ApiException;
@@ -22,7 +21,7 @@ public class Kubernetes {
 	public static final String KEYCLOAK_NAME = "keycloak";
 	public static final int KEYCLOAK_REPLICAS = 3;
 
-	private final Logger log = LoggerFactory.getLogger(FailoverIT.class);
+	private final Logger log = LoggerFactory.getLogger(Kubernetes.class);
 	private final AppsV1Api appApi;
 
 	Kubernetes(ApiClient client) {
diff --git a/src/test/k3s/test/keycloak/ingress.yaml b/src/test/k3s/test/keycloak/ingress.yaml
index 8f04df8..4da35c1 100644
--- a/src/test/k3s/test/keycloak/ingress.yaml
+++ b/src/test/k3s/test/keycloak/ingress.yaml
@@ -13,14 +13,14 @@ spec:
               service:
                 name: keycloak
                 port:
-                  name: http
+                  name: management
           - path: /health
             pathType: Prefix
             backend:
               service:
                 name: keycloak
                 port:
-                  name: http
+                  name: management
           - path: /admin
             pathType: Prefix
             backend:
diff --git a/src/test/k3s/test/keycloak/job.yaml b/src/test/k3s/test/keycloak/job.yaml
index 9114117..b5a888c 100644
--- a/src/test/k3s/test/keycloak/job.yaml
+++ b/src/test/k3s/test/keycloak/job.yaml
@@ -56,6 +56,8 @@ spec:
             capabilities:
               drop: [ALL]
           volumeMounts:
+            - name: data
+              mountPath: /app/data
             - name: tmp
               mountPath: /tmp
             - name: realms
@@ -64,6 +66,8 @@ spec:
       automountServiceAccountToken: false
       terminationGracePeriodSeconds: 2
       volumes:
+        - name: data
+          emptyDir: {}
         - name: tmp
           emptyDir: {}
         - name: realms
diff --git a/src/test/k3s/test/keycloak/kustomization.yaml b/src/test/k3s/test/keycloak/kustomization.yaml
index 26186f9..9dce173 100644
--- a/src/test/k3s/test/keycloak/kustomization.yaml
+++ b/src/test/k3s/test/keycloak/kustomization.yaml
@@ -7,8 +7,11 @@ resources:
 configMapGenerator:
   - name: keycloak-config
     literals:
-      - KC_HOSTNAME_STRICT=false
-      - KC_HOSTNAME_STRICT_HTTPS=false
+      - KC_HOSTNAME=http://keycloak.127.0.0.1.nip.io
+      - KC_HOSTNAME_DEBUG=true
+      - KC_HOSTNAME_BACKCHANNEL_DYNAMIC=true
+      - KC_PROXY_HEADERS=xforwarded
+      - KC_LOG_CONSOLE_OUTPUT=default
   - name: keycloak-realms
     files:
       - files/kokuwa-realm.json
diff --git a/src/test/k3s/test/keycloak/service.yaml b/src/test/k3s/test/keycloak/service.yaml
index 2f1e26b..62b681a 100644
--- a/src/test/k3s/test/keycloak/service.yaml
+++ b/src/test/k3s/test/keycloak/service.yaml
@@ -4,6 +4,9 @@ metadata:
   name: keycloak
 spec:
   ports:
+    - name: management
+      port: 9000
+      targetPort: management
     - name: http
       port: 80
       targetPort: http
diff --git a/src/test/k3s/test/keycloak/statefulset.yaml b/src/test/k3s/test/keycloak/statefulset.yaml
index c1c5976..8eaeffe 100644
--- a/src/test/k3s/test/keycloak/statefulset.yaml
+++ b/src/test/k3s/test/keycloak/statefulset.yaml
@@ -49,10 +49,12 @@ spec:
           ports:
             - name: http
               containerPort: 8080
+            - name: management
+              containerPort: 9000
           startupProbe:
             httpGet:
               path: /health
-              port: http
+              port: management
             initialDelaySeconds: 1
             periodSeconds: 1
             successThreshold: 1
@@ -60,11 +62,11 @@ spec:
           readinessProbe:
             httpGet:
               path: /health/ready
-              port: http
+              port: management
           livenessProbe:
             httpGet:
               path: /health/live
-              port: http
+              port: management
           securityContext:
             runAsUser: 1000
             runAsGroup: 1000