[keycloak-user] Keycloak cluster configuration

Cindy Margarita Pacheco Alvarez cindy.pacheco at payulatam.com
Fri May 19 11:53:33 EDT 2017


Thank you for your quick reply.  

The thing is that I’ve been trying to do this for a long time (of course I don’t have the expertise). But when I use the configuration that ships with keycloak I get an error when I start the keycloak server (something about java.lang.IllegalStateException: Transaction DummyTransaction and concurrent.TimeoutException: ISPN000299) .

The way that I solved this problem was changing the domain.xml in the infinispan subsystem. I changed the transaction tag from mode=BATCH to mode=NONE. But when I use this solution my replication fails. I mean I can get the token and everything in this process is okay but I get an error during replication (it is not an error that makes the token generation fails, I could notice it in log files).  I do not know what else to do to solve this problem. Maybe you know a solution or some specific documentation that could help me.  

My infinispan configuration is:

<subsystem xmlns="urn:jboss:domain:infinispan:4.0">
                <cache-container name="keycloak" jndi-name="infinispan/Keycloak">
                    <transport lock-timeout="60000"/>
                    <invalidation-cache name="realms" mode="SYNC"/>
                    <invalidation-cache name="users" mode="SYNC">
                        <eviction strategy="LRU" max-entries="10000"/>
                    </invalidation-cache>
                    <replicated-cache name="work" mode="SYNC"/>
                    <distributed-cache name="sessions" mode="SYNC" owners="1"/>
                    <distributed-cache name="offlineSessions" mode="SYNC" owners="1"/>
                    <distributed-cache name="loginFailures" mode="SYNC" owners="1"/>
                    <distributed-cache name="authorization" mode="SYNC" owners="1"/>
                </cache-container>
                <cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server">
                    <transport lock-timeout="60000"/>
                    <replicated-cache name="default" mode="SYNC">
                        <transaction locking="OPTIMISTIC" mode="NONE"/>
                        <locking isolation="READ_COMMITTED"/>
                    </replicated-cache>
                </cache-container>
                <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
                    <transport lock-timeout="60000"/>
                    <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
                        <transaction locking="OPTIMISTIC" mode="NONE"/>
                        <locking isolation="READ_COMMITTED"/>
                        <file-store/>
                    </distributed-cache>
                </cache-container>
                <cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan">
                    <transport lock-timeout="60000"/>
                    <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2">
                        <transaction locking="OPTIMISTIC" mode="NONE"/>
                        <locking isolation="READ_COMMITTED"/>
                        <file-store/>
                    </distributed-cache>
                </cache-container>
                <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan">
                    <transport lock-timeout="60000"/>
                    <local-cache name="local-query">
                        <eviction strategy="LRU" max-entries="10000"/>
                        <expiration max-idle="100000"/>
                    </local-cache>
                    <invalidation-cache name="entity" mode="SYNC">
                        <transaction mode="NON_XA"/>
                        <eviction strategy="LRU" max-entries="10000"/>
                        <expiration max-idle="100000"/>
                    </invalidation-cache>
                    <replicated-cache name="timestamps" mode="ASYNC"/>
                </cache-container>
            </subsystem>


Thank you. 


El 18/05/17, 5:20 p.m., "Stan Silvert" <ssilvert at redhat.com> escribió:

    On 5/18/2017 4:49 PM, Cindy Margarita Pacheco Alvarez wrote:
    > I would like to know what should be the right way to configure keycloak in cluster mode. How domain.xml should be?
    The domain.xml that ships with Keycloak is a good start.  But you will 
    need to familiarize yourself with both Keycloak clustering documentation 
    and EAP/WildFly clustering documentation.
    >
    > Thanks!
    > _______________________________________________
    > keycloak-user mailing list
    > keycloak-user at lists.jboss.org
    > https://lists.jboss.org/mailman/listinfo/keycloak-user
    
    _______________________________________________
    keycloak-user mailing list
    keycloak-user at lists.jboss.org
    https://lists.jboss.org/mailman/listinfo/keycloak-user
    




More information about the keycloak-user mailing list