[keycloak-user] Clustering Keycloak via TCP
lanabe
lanabe.lanabe at gmail.com
Mon Feb 27 11:50:20 EST 2017
I tested the following settings with 2 Keycloak nodes on the same
machine(using PostgreSQL), and it works.
---
<stack name="tcp">
<transport type="TCP" socket-binding="jgroups-tcp"/>
<protocol type="JDBC_PING">
<property
name="datasource_jndi_name">java:jboss/datasources/KeycloakDS</property>
</protocol>
<protocol type="MERGE3"/>
<protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/>
<protocol type="FD"/>
<protocol type="VERIFY_SUSPECT"/>
<protocol type="pbcast.NAKACK2"/>
<protocol type="UNICAST3"/>
<protocol type="pbcast.STABLE"/>
<protocol type="pbcast.GMS"/>
<protocol type="MFC"/>
<protocol type="FRAG2"/>
</stack>
---
You can use TCPPING instead of JDBC_PING like this.
---
<protocol type="TCPPING">
<property name="initial_hosts">
<host1-ip-addr>[<jgroups-tcp port>],<host2-ip-addr>[<jgroups-tcp port>]
</property>
</protocol>
---
On Tue, Feb 28, 2017 at 1:31 AM Bill Burke <bburke at redhat.com> wrote:
> Wildfly docs are wrong then :(
>
> Maybe this? I'm just guessing. You know I'm just googling stuff and
> looking at standalone-ha.xml, right?
>
> <subsystem xmlns="urn:jboss:domain:jgroups:4.0">
> <channels default="ee">
> <channel name="ee" stack="tcp"/>
> </channels>
>
>
> On 2/27/17 10:59 AM, John D. Ament wrote:
> > That didn't work.
> >
> > Message: WFLYCTL0197: Unexpected attribute 'stack' encountered
> >
> > at org.jboss.as.controller.parsing.ParseUtils.unexpected
> >
> >
> > <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
> >
> > <cache-container name="keycloak"
> > jndi-name="infinispan/Keycloak">
> >
> > <transport lock-timeout="60000" stack="tcp"/>
> >
> >
> > John
> >
> >
> > On Mon, Feb 27, 2017 at 10:30 AM Bill Burke <bburke at redhat.com
> > <mailto:bburke at redhat.com>> wrote:
> >
> > https://docs.jboss.org/author/display/WFLY10/Infinispan+Subsystem
> >
> > The only thing in keycloak that needs to leverage
> > clustering/JGroups is
> > our Infinispan cache for Keycloak SSO Sessions. I've never
> personally
> > tried to use a different JGRoups stack. I believe you can set the
> > "stack" attribute in the transport tag. Let me know if you get it
> > working. I"ll expand on our docs.
> >
> > <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
> > <cache-container name="keycloak"
> jndi-name="infinispan/Keycloak">
> > <transport lock-timeout="60000"stack="tcp"/>
> >
> >
> >
> > On 2/27/17 9:57 AM, John D. Ament wrote:
> > > Hi
> > >
> > > I was wondering, has Keycloak been tested using Wildfly 10.1 TCP
> > based
> > > Jgroups? I'm told that the TCP ports are lazy, and I'm never
> > seeing them
> > > come up. It looks like Keycloak doesn't have a war file, no
> > web.xml and as
> > > a result no distributable flag.
> > >
> > > John
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org <mailto:
> keycloak-user at lists.jboss.org>
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list