[keycloak-user] kubernetes discovery protocol for JGroups

Meissa M'baye Sakho msakho at redhat.com
Wed Oct 31 05:41:46 EDT 2018 

Thank you Sebastian,
That's exactl what I was looking for.
Meissa

Le mer. 31 oct. 2018 à 10:33, Sebastian Laskawiec <slaskawi at redhat.com> a
écrit :

> The dns_query parameter needs to match your DNS query. Here's an example
> for A records[1]:
> jgroups-dns-ping.myproject.svc.cluster.local
> - svc.cluster.local - tells Kubernetes that this is a service inside its
> cluster
> - myproject - this is the namespace I'm using
> - jgroups-dns-ping - this is the service name I'm using
>
> I hope this helps!
>
> Thanks,
> Sebastian
>
> [1]
> https://github.com/slaskawi/jgroups-dns-ping-example/blob/master/src/main/resources/config-test.xml#L30
>
> On Wed, Oct 31, 2018 at 10:13 AM Meissa M'baye Sakho <msakho at redhat.com>
> wrote:
>
>> Hello Sebastian,
>> I aggree with both of you and I'm also using DNS_PING.
>> But what's missing is the dns_query property value usage. It's an
>> additionnal propery that is required when using the DNS_PING protocol and I
>> would like to know which value is better suited for it.
>> Meissa
>>
>> Le mer. 31 oct. 2018 à 09:12, Sebastian Laskawiec <slaskawi at redhat.com>
>> a écrit :
>>
>>> Hey Meissa,
>>>
>>> Graham is 100% correct.
>>>
>>> The only thing I could add is that OpenShift Pods are not allowed to
>>> query Kubernetes API by default (you need to create a RoleBinding and a
>>> ServiceAccount to do that). Therefore, I recommend DNS_PING for OpenShift
>>> and KUBE_PING/DNS_PING (depending whether you'd like to create an
>>> additional HeadlessService) for vanilla Kube.
>>>
>>> Thanks,
>>> Sebastian
>>>
>>> On Tue, Oct 30, 2018 at 5:14 PM Graham Burgess <graham.burgess at razer.com>
>>> wrote:
>>>
>>>> Meissa,
>>>>
>>>> I believe the difference is in how it gets the data about the instances
>>>> in the cluster. DNS_PING obviously will use DNS, in a Kubernetes env you
>>>> will want to setup a headless service for that so it gets all the IPs for
>>>> all the instances. As for KUBE_PING, well that uses the Kubernetes API
>>>> directly to determine the IPs of the instances.
>>>>
>>>> I run vanilla Kubernetes clusters so I don't know how the difference
>>>> with OS will effect my beliefs. However, I would probably recommend just
>>>> using DNS_PING and making sure that there is a headless service as well as
>>>> a normal service for Keycloak. It would seem to be the more generic method
>>>> for sure.
>>>>
>>>> Best regards,
>>>> Graham Burgess
>>>> RΛZΞR|stormmore
>>>> Sr. DevOps Engineer (USA)
>>>> Email: graham.burgess at razer.com
>>>> DID: (415) 374 0639 <(415)%20374-0639>
>>>> Razer Inc. Stock Code: 1337.HK
>>>> IMPORTANT NOTICE: This e-mail may be confidential, legally privileged
>>>> or otherwise protected from disclosure. If you are not an intended
>>>> recipient, do not copy, distribute or use its contents. Do inform the
>>>> sender that you have received the message in error and delete it from your
>>>> system. E-mails are not secure and may suffer errors, computer viruses,
>>>> delay, interception and amendment. Razer accepts neither risk nor liability
>>>> for any damage or loss caused by this e-mail. To the extent permitted by
>>>> applicable law, Razer reserves the right to retain, monitor and intercept
>>>> e-mails to and from its systems.
>>>>
>>>> -----Original Message-----
>>>> From: keycloak-user-bounces at lists.jboss.org <
>>>> keycloak-user-bounces at lists.jboss.org> On Behalf Of Meissa M'baye Sakho
>>>> Sent: Tuesday, October 30, 2018 3:56 AM
>>>> To: keycloak-user <keycloak-user at lists.jboss.org>
>>>> Subject: [keycloak-user] kubernetes discovery protocol for JGroups
>>>>
>>>> Hello everyone,
>>>> Can someone tell me the difference between the dns.DNS_PING and
>>>> kubernetes.KUBE_PING protocols that we could use to enable keycloak
>>>> clustering?
>>>> It seems like both of them could be used in a kubernetes environment
>>>> but I can't see a documentation clearly explaining the difference between
>>>> them.
>>>> I would like to knwo which one is relevant in a openshift environnement
>>>> which one is in a non openshift environnement.
>>>> The official githup repo [1] does not say a lot about that?
>>>> [1]=https://github.com/jgroups-extras/jgroups-kubernetes/
>>>> Regards,
>>>> Meissa
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>

More information about the keycloak-user mailing list