[keycloak-dev] server start up errors

Marko Strukelj mstrukel at redhat.com
Tue Jun 21 10:46:26 EDT 2016 

I think you can ping http://localhost:8080/auth/ - until you get 200 OK.

Don't forget the final / in the url, otherwise you'll get 303 See Other
rather than 200 OK.



On Tue, Jun 21, 2016 at 4:02 PM, John Dennis <jdennis at redhat.com> wrote:

> On 06/21/2016 09:34 AM, Bill Burke wrote:
> >
> >
> > On 6/21/16 8:21 AM, John Dennis wrote:
> >>
> >> The "wait for full initialization" problem is not new to us with
> >> daemons. It's come up a number of times with IPA and other daemons we
> >> work with. The way we've dealt with it is to have our service scripts
> >> that start and stop services write to one of the primary sockets and
> >> only when it gets a valid response back conclude the service is in fact
> >> up (handling timeouts of course). Systemd came along later and might
> >> have some support for socket detection, I'll investigate that option.
> >>
> >
> > This is good feedback.  I'm not sure what you mean by writing to a
> > primary socket.  You mean HTTP(S) 80/443?  I'm pretty sure HTTP(S)
> > sockets are set up before Keycloak is even deployed.  This is because
> > internally Keycloak has a dependency on HTTP subsystem and won't be
> > initialized until that subsystem is started.
>
> Sorry, I guess I wasn't clear. What I meant was to send a request and
> wait for a valid response. It makes sense the servlet container would
> have it's listening sockets set up much earlier but Keycloak won't
> respond to a request on a valid endpoint until it's fully initialized.
>
> What I was trying to describe was something like this, a loop iterates
> trying to send a request, it ignores common socket errors, if a valid
> response is received it terminates the loop with a success status. If
> after a specified time interval or iteration count a valid response has
> not been received it terminates the loop with a failure status.
>
> Of course this means there is some endpoint which does not require
> authentication nor has any side-effect. I'm guessing the REST API
> exposes something which could be used for this purpose but I haven't
> looked into it.
>
> > Can you parse System output for a specific string?  Is that viable?
> > I'll ping Wildfly team to see how they've handled stuff like this.
>
> Trying to parse the log is problematic. Normally the log is appended to
> (until log rotation occurs). It could be tricky to identify the matching
> log message associated with the server lifetime. Also in some scenarios
> log messages may not be flushed immediately, especially if logging is
> configured to go to a network location. It also would make the service
> script dependent on knowing the logging configuration and exact messages
> to look for which may change between versions, a maintenance issue.
>
>
> --
> John
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160621/4ae3bca5/attachment-0001.html

More information about the keycloak-dev mailing list