[keycloak-user] Clustering Keycloak via TCP
John D. Ament
john.d.ament at gmail.com
Mon Feb 27 12:59:53 EST 2017
Ha yeah, so that ended up being a problem with copy and paste between the
two. The way it seems to work, infinispan uses the jgroups config for the
cluster, which wildfly configures as "ee". So only that requires the
"stack="tcp"" part. But then when I pulled the keycloak config out, I
pulled the standalone.xml config, not the standalone-ha.xml config.
So all good now. Thanks!
John
On Mon, Feb 27, 2017 at 11:50 AM lanabe <lanabe.lanabe at gmail.com> wrote:
> I tested the following settings with 2 Keycloak nodes on the same
> machine(using PostgreSQL), and it works.
>
>
>
> ---
>
> <stack name="tcp">
>
> <transport type="TCP" socket-binding="jgroups-tcp"/>
>
> <protocol type="JDBC_PING">
>
>
>
> <property
> name="datasource_jndi_name">java:jboss/datasources/KeycloakDS</property>
>
> </protocol>
>
> <protocol type="MERGE3"/>
>
> <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/>
>
> <protocol type="FD"/>
>
> <protocol type="VERIFY_SUSPECT"/>
>
> <protocol type="pbcast.NAKACK2"/>
>
> <protocol type="UNICAST3"/>
>
> <protocol type="pbcast.STABLE"/>
>
> <protocol type="pbcast.GMS"/>
>
> <protocol type="MFC"/>
>
> <protocol type="FRAG2"/>
>
> </stack>
>
> ---
>
> You can use TCPPING instead of JDBC_PING like this.
>
> ---
>
> <protocol type="TCPPING">
>
> <property name="initial_hosts">
>
> <host1-ip-addr>[<jgroups-tcp port>],<host2-ip-addr>[<jgroups-tcp port>]
>
> </property>
>
> </protocol>
>
> ---
>
>
> On Tue, Feb 28, 2017 at 1:31 AM Bill Burke <bburke at redhat.com> wrote:
>
> Wildfly docs are wrong then :(
>
> Maybe this? I'm just guessing. You know I'm just googling stuff and
> looking at standalone-ha.xml, right?
>
> <subsystem xmlns="urn:jboss:domain:jgroups:4.0">
> <channels default="ee">
> <channel name="ee" stack="tcp"/>
> </channels>
>
>
> On 2/27/17 10:59 AM, John D. Ament wrote:
> > That didn't work.
> >
> > Message: WFLYCTL0197: Unexpected attribute 'stack' encountered
> >
> > at org.jboss.as.controller.parsing.ParseUtils.unexpected
> >
> >
> > <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
> >
> > <cache-container name="keycloak"
> > jndi-name="infinispan/Keycloak">
> >
> > <transport lock-timeout="60000" stack="tcp"/>
> >
> >
> > John
> >
> >
> > On Mon, Feb 27, 2017 at 10:30 AM Bill Burke <bburke at redhat.com
> > <mailto:bburke at redhat.com>> wrote:
> >
> > https://docs.jboss.org/author/display/WFLY10/Infinispan+Subsystem
> >
> > The only thing in keycloak that needs to leverage
> > clustering/JGroups is
> > our Infinispan cache for Keycloak SSO Sessions. I've never
> personally
> > tried to use a different JGRoups stack. I believe you can set the
> > "stack" attribute in the transport tag. Let me know if you get it
> > working. I"ll expand on our docs.
> >
> > <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
> > <cache-container name="keycloak"
> jndi-name="infinispan/Keycloak">
> > <transport lock-timeout="60000"stack="tcp"/>
> >
> >
> >
> > On 2/27/17 9:57 AM, John D. Ament wrote:
> > > Hi
> > >
> > > I was wondering, has Keycloak been tested using Wildfly 10.1 TCP
> > based
> > > Jgroups? I'm told that the TCP ports are lazy, and I'm never
> > seeing them
> > > come up. It looks like Keycloak doesn't have a war file, no
> > web.xml and as
> > > a result no distributable flag.
> > >
> > > John
> > > _______________________________________________
> > > keycloak-user mailing list
>
> > > keycloak-user at lists.jboss.org <mailto:
> keycloak-user at lists.jboss.org>
>
>
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> > _______________________________________________
> > keycloak-user mailing list
>
> > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>
>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
More information about the keycloak-user
mailing list