[keycloak-user] Keycloak cross-dc standalone vs standalone-ha
Hynek Mlnarik
hmlnarik at redhat.com
Fri Sep 15 08:27:48 EDT 2017
Putting aside cross DC, if you use default settings of caches in
standalone.xml, the objects within the caches would not be shared in
the cluster. That for example means that changes in realm settings
would not propagate to other nodes and node states would thus become
inconsistent, any node failure would lead to loss of state data stored
at that node, etc.
In cross DC, not all caches are shared between sites, e.g.
authentication session cache is usually local to the cluster, so using
cross-DC setup for "single-node clusters" you describe would not cure
all potential issues coming out of not using standalone-ha profile.
On Fri, Sep 15, 2017 at 12:32 PM, Vikrant Singh
<vikrant02.work at gmail.com> wrote:
> Hi,
>
> Recently there was a blog on cross dc support for keycloak
> http://blog.keycloak.org/2017/09/cross-datacenter-support-in-keycloak.html
>
> We have done something similar to that with one difference. In our
> deployment we have keycloak in standalone mode rather than standalone-ha.
> All keycloak instances are using same db. With this setup we are
> successfully able to achieve HA across same dc and cross dc both.
>
> Is there any benefit of using standalone-ha over standalone? since all
> clustering requirement will be handled by external infinispan server.
>
> Thanks!
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
--Hynek
More information about the keycloak-user
mailing list