<div dir="ltr">Some people have been successful with S3_PING on EC2:<div><br></div><div><a href="http://lists.jboss.org/pipermail/keycloak-user/2015-December/004083.html">http://lists.jboss.org/pipermail/keycloak-user/2015-December/004083.html</a><div><br></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Dec 18, 2015 at 3:01 PM, charles-edouard gagnaire <span dir="ltr">&lt;<a href="mailto:c.gagnaire@kreactive.com" target="_blank">c.gagnaire@kreactive.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>hi, </div><div><br></div><div>I&#39;m having trouble configuring a Keycloak cluster running on AWS&#39; EC2. </div><div>The database configuration is OK no problem, but i can&#39;t manage to get the invalidation cache working correctly. </div><div>I configured Infinispan to work with S3_ping plugin (the relevant part of my configuration is below). </div><div><br></div><div>When i run both server, the connection with the database is Ok, but the infinispan logs look like this : </div><div>On Server 1 : </div><div>...</div><div>11:00:17,592 INFO  [stdout] (MSC service thread 1-1) GMS: address=ip-10-1-7-103, cluster=ee, physical address=<a href="http://10.1.7.103:7600" target="_blank">10.1.7.103:7600</a></div><div>...</div><div>11:00:18,057 INFO  [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (ServerService Thread Pool -- 62) ISPN000094: Received new cluster view for channel keycloak: [ip-10-1-7-103|0] (1) [ip-10-1-7-103]</div><div>...</div><div><br></div><div>On Server 2 : </div><div>...</div><div>11:03:41,159 INFO  [stdout] (MSC service thread 1-1) GMS: address=ip-10-1-1-245, cluster=ee, physical address=<a href="http://10.1.1.245:7600" target="_blank">10.1.1.245:7600</a></div><div>...</div><div>11:03:41,783 INFO  [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (ServerService Thread Pool -- 62) ISPN000094: Received new cluster view for channel keycloak: [ip-10-1-1-245|0] (1) [ip-10-1-1-245]</div><div>...</div><div><br></div><div>In my S3 bucket, i have 2 files created :</div><div>402ea329-c135-f1e9-2782-02768779e02f.ip-10-1-1-245.list</div><div>a584321f-408b-b2ae-e2dd-d19333db96c4.ip-10-1-7-103.list</div><div><br></div><div>And the content of the files is like this :</div><div>File 1 : </div><div>ip-10-1-1-245 <span style="white-space:pre-wrap">        </span>402ea329-c135-f1e9-2782-02768779e02f <span style="white-space:pre-wrap">        </span><a href="http://10.1.1.245:7600" target="_blank">10.1.1.245:7600</a> <span style="white-space:pre-wrap">        </span>T</div><div><br></div><div>File 2 : </div><div>ip-10-1-7-103 <span style="white-space:pre-wrap">        </span>a584321f-408b-b2ae-e2dd-d19333db96c4 <span style="white-space:pre-wrap">        </span><a href="http://10.1.7.103:7600" target="_blank">10.1.7.103:7600</a> <span style="white-space:pre-wrap">        </span>T</div><div><br></div><div>When i read the logs, it looks like the infinispan&#39;s cache can&#39;t contact each other.</div><div>I double check my network config, and i tried connecting from one server to the other using nc (like this: nc -vvv 10.1.7.103 7600) and this works fine. </div><div><br></div><div>Is there a way to check the infinispan status of the servers?</div><div>Do you guys got any clue on how to make this works? </div><div><br></div><div>Thank you, </div><div>Charles-Edouard</div><div><br></div><div>My config looks like this : </div><div><br></div><div>- Standalone-ha.xml</div><div>...</div><div>&lt;datasources&gt;</div><div>                &lt;driver name=&quot;postgresql&quot; module=&quot;org.postgresql&quot;&gt;</div><div>                   &lt;datasource-class&gt;org.postgresql.Driver&lt;/datasource-class&gt;</div><div>                   &lt;xa-datasource-class&gt;org.postgresql.xa.PGXADataSource&lt;/xa-datasource-class&gt;</div><div>                &lt;/driver&gt;</div><div>                &lt;datasource jndi-name=&quot;java:jboss/datasources/PgDskeycloak&quot; pool-name=&quot;PgDskeycloak&quot; enabled=&quot;true&quot; use-java-context=&quot;true&quot;&gt;</div><div>                    &lt;connection-url&gt;jdbc:postgresql://****:5432/keycloak?ApplicationName=keycloak&lt;/connection-url&gt;</div><div>                    &lt;driver&gt;postgresql&lt;/driver&gt;</div><div>                    &lt;pool&gt;</div><div>                        &lt;min-pool-size&gt;5&lt;/min-pool-size&gt;</div><div>                        &lt;initial-pool-size&gt;5&lt;/initial-pool-size&gt;</div><div>                        &lt;max-pool-size&gt;100&lt;/max-pool-size&gt;</div><div>                        &lt;prefill&gt;true&lt;/prefill&gt;</div><div>                    &lt;/pool&gt;</div><div>                    &lt;validation&gt;</div><div>                        &lt;valid-connection-checker</div><div>                                 class-name=&quot;org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker&quot;&gt;&lt;/valid-connection-checker&gt;</div><div>                        &lt;exception-sorter</div><div>                                 class-name=&quot;org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter&quot;&gt;&lt;/exception-sorter&gt;</div><div>                    &lt;/validation&gt;</div><div>                    &lt;security&gt;</div><div>                        &lt;user-name&gt;****&lt;/user-name&gt;</div><div>                        &lt;password&gt;****&lt;/password&gt;</div><div>                    &lt;/security&gt;</div><div>                &lt;/datasource&gt;</div><div>...</div><div>            &lt;stacks default=&quot;tcp&quot;&gt;</div><div>                &lt;stack name=&quot;udp&quot;&gt;</div><div>                    &lt;transport type=&quot;UDP&quot; socket-binding=&quot;jgroups-udp&quot;/&gt;</div><div>                    &lt;protocol type=&quot;PING&quot;/&gt;</div><div>                    &lt;protocol type=&quot;MERGE3&quot;/&gt;</div><div>                    &lt;protocol type=&quot;FD_SOCK&quot; socket-binding=&quot;jgroups-udp-fd&quot;/&gt;</div><div>                    &lt;protocol type=&quot;FD_ALL&quot;/&gt;</div><div>                    &lt;protocol type=&quot;VERIFY_SUSPECT&quot;/&gt;</div><div>                    &lt;protocol type=&quot;pbcast.NAKACK2&quot;/&gt;</div><div>                    &lt;protocol type=&quot;UNICAST3&quot;/&gt;</div><div>                    &lt;protocol type=&quot;pbcast.STABLE&quot;/&gt;</div><div>                    &lt;protocol type=&quot;pbcast.GMS&quot;/&gt;</div><div>                    &lt;protocol type=&quot;UFC&quot;/&gt;</div><div>                    &lt;protocol type=&quot;MFC&quot;/&gt;</div><div>                    &lt;protocol type=&quot;FRAG2&quot;/&gt;</div><div>                    &lt;protocol type=&quot;RSVP&quot;/&gt;</div><div>                &lt;/stack&gt;</div><div>                &lt;stack name=&quot;tcp&quot;&gt;</div><div>                    &lt;transport type=&quot;TCP&quot; socket-binding=&quot;jgroups-tcp&quot;/&gt;</div><div>                    &lt;protocol type=&quot;S3_PING&quot; &gt;</div><div>                        &lt;property name=&quot;location&quot;&gt;****&lt;/property&gt;</div><div>                        &lt;property name=&quot;access_key&quot;&gt;****&lt;/property&gt;</div><div>                        &lt;property name=&quot;secret_access_key&quot;&gt;****&lt;/property&gt;</div><div>                    &lt;/protocol&gt;</div><div>                    &lt;!-- &lt;protocol type=&quot;MPING&quot; socket-binding=&quot;jgroups-mping&quot;/&gt; --&gt;</div><div>                    &lt;protocol type=&quot;MERGE3&quot;/&gt;</div><div>                    &lt;protocol type=&quot;FD_SOCK&quot; socket-binding=&quot;jgroups-tcp-fd&quot;/&gt;</div><div>                    &lt;protocol type=&quot;FD&quot;/&gt;</div><div>                    &lt;protocol type=&quot;VERIFY_SUSPECT&quot;/&gt;</div><div>                    &lt;protocol type=&quot;pbcast.NAKACK2&quot;/&gt;</div><div>                    &lt;protocol type=&quot;UNICAST3&quot;/&gt;</div><div>                    &lt;protocol type=&quot;pbcast.STABLE&quot;/&gt;</div><div>                    &lt;protocol type=&quot;pbcast.GMS&quot;/&gt;</div><div>                    &lt;protocol type=&quot;MFC&quot;/&gt;</div><div>                    &lt;protocol type=&quot;FRAG2&quot;/&gt;</div><div>                    &lt;protocol type=&quot;RSVP&quot;/&gt;</div><div>                &lt;/stack&gt;</div><div>...</div><div>    &lt;interfaces&gt;</div><div>        &lt;interface name=&quot;management&quot;&gt;</div><div>                &lt;nic name=&quot;eth0&quot;/&gt;</div><div>        &lt;/interface&gt;</div><div>        &lt;interface name=&quot;public&quot;&gt;</div><div>            &lt;nic name=&quot;eth0&quot;/&gt;</div><div>        &lt;/interface&gt;</div><div>        &lt;!-- TODO - only show this if the jacorb subsystem is added  --&gt;</div><div>        &lt;interface name=&quot;unsecure&quot;&gt;</div><div>            &lt;!--</div><div>              ~  Used for IIOP sockets in the standard configuration.</div><div>              ~                  To secure JacORB you need to setup SSL</div><div>              --&gt;</div><div>            &lt;nic name=&quot;eth0&quot;/&gt;</div><div>        &lt;/interface&gt;</div><div>    &lt;/interfaces&gt;</div><div><br></div><div><span style="white-space:pre-wrap">        </span></div><div>- keycloak-server.json</div><div>{</div><div>    &quot;providers&quot;: [</div><div>        &quot;classpath:${jboss.server.config.dir}/providers/*&quot;</div><div>    ],</div><div><br></div><div>    &quot;admin&quot;: {</div><div>        &quot;realm&quot;: &quot;master&quot;</div><div>    },</div><div><br></div><div>    &quot;eventsStore&quot;: {</div><div>        &quot;provider&quot;: &quot;jpa&quot;,</div><div>        &quot;jpa&quot;: {</div><div>            &quot;exclude-events&quot;: [ &quot;REFRESH_TOKEN&quot; ]</div><div>        }</div><div>    },</div><div><br></div><div>    &quot;realm&quot;: {</div><div>        &quot;provider&quot;: &quot;jpa&quot;</div><div>    },</div><div><br></div><div>    &quot;user&quot;: {</div><div>        &quot;provider&quot;: &quot;jpa&quot;</div><div>    },</div><div><br></div><div>    &quot;userSessionPersister&quot;: {</div><div>        &quot;provider&quot;: &quot;jpa&quot;</div><div>    },</div><div><br></div><div>    &quot;timer&quot;: {</div><div>        &quot;provider&quot;: &quot;basic&quot;</div><div>    },</div><div><br></div><div>    &quot;theme&quot;: {</div><div>        &quot;default&quot;: &quot;keycloak&quot;,</div><div>        &quot;staticMaxAge&quot;: 2592000,</div><div>        &quot;cacheTemplates&quot;: true,</div><div>        &quot;cacheThemes&quot;: true,</div><div>        &quot;folder&quot;: {</div><div>          &quot;dir&quot;: &quot;${jboss.server.config.dir}/themes&quot;</div><div>        }</div><div>    },</div><div><br></div><div>    &quot;scheduled&quot;: {</div><div>        &quot;interval&quot;: 900</div><div>    },</div><div><br></div><div>    &quot;connectionsHttpClient&quot;: {</div><div>        &quot;default&quot;: {</div><div>            &quot;disable-trust-manager&quot;: true</div><div>        }</div><div>    },</div><div><br></div><div>    &quot;connectionsJpa&quot;: {</div><div>        &quot;default&quot;: {</div><div>            &quot;dataSource&quot;: &quot;java:jboss/datasources/PgDskeycloak&quot;,</div><div>            &quot;databaseSchema&quot;: &quot;update&quot;</div><div>        }</div><div>    },</div><div><br></div><div>    &quot;connectionsInfinispan&quot;: {</div><div>        &quot;default&quot; : {</div><div>            &quot;cacheContainer&quot; : &quot;java:jboss/infinispan/Keycloak&quot;</div><div>        }</div><div>    }</div><div>}</div><div><br></div><div><div><div dir="ltr"><div><div dir="ltr"><table width="100%" cellpadding="0" cellspacing="0" style="font-family:&#39;Times New Roman&#39;"><tbody><tr><td colspan="4" height="20"></td></tr><tr><td valign="top" align="left"><table cellpadding="0" cellspacing="0"><tbody><tr><td width="20"></td><td style="font-family:&#39;Exo 2&#39;,helvetica,arial,sans-serif"><font color="#333333"><span style="line-height:1em;font-size:20px">CHARLES-EDOUARD GAGNAIRE</span></font><br><font color="#6c6c6c"><span style="line-height:1.4em;font-style:italic;font-size:14px">SysAdmin</span></font> <br><font size="2"><a href="mailto:c.gagnaire@kreactive.com" style="text-decoration:none;line-height:2em" target="_blank"><font color="#B60018" style="font-size:13px">c.gagnaire@kreactive.com</font></a><br><font color="#333333" style="line-height:1em;font-size:14px">p. 06.27.80.28.53</font></font><table cellpadding="0" cellspacing="0"><tbody><tr><td height="20"></td></tr><tr><td valign="top"><font face="&#39;Exo 2&#39;, helvetica,arial,sans-serif" size="1"><font color="#333333" style="font-style:italic;font-size:11px">LYON &quot;Le Capitole&quot;</font><br><font color="#333333" style="font-style:italic;font-size:10px">97, cours Gambetta<br>69481 Lyon Cedex 03</font> </font><br><br><font face="&#39;Exo 2&#39;, helvetica,arial,sans-serif" size="1"><font color="#333333" style="font-style:italic;font-size:11px">PARIS</font><br><font color="#333333" style="font-style:italic;font-size:10px">16, rue de Turbigo<br>75002 Paris</font></font></td></tr></tbody></table></td></tr></tbody></table></td><td align="center" valign="middle"><img src="http://s3.amazonaws.com/signature_kreactive/kt-signatures/place1.gif"></td><td valign="middle" align="right" style="line-height:0.8em;font-family:helvetica,arial,sans-serif"><div style="width:132px;text-align:center"><a href="http://www.kreactive.com/" target="_blank"><img src="http://s3.amazonaws.com/signature_kreactive/kt-signatures/kreactive-corporate.png" alt="Kreactive" width="132" height="90" border="0"></a><br><br><br><a href="https://www.facebook.com/kreactive" target="_blank"><img src="http://s3.amazonaws.com/signature_kreactive/kt-signatures/icon-facebook-kreactive.gif" border="0" alt="Facebook" width="17" height="17"></a> <a href="https://twitter.com/kreactive" target="_blank"><img src="http://s3.amazonaws.com/signature_kreactive/kt-signatures/icon-twitter-kreactive.gif" border="0" alt="Twitter" width="17" height="17"></a></div></td><td width="15"></td></tr><tr><td colspan="4" height="10"></td></tr><tr><td colspan="4" height="4" bgcolor="#B60018"></td></tr></tbody></table></div></div></div></div></div>
</div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>