Yeah something like this I had in mind.
Currently all our services a stateless REST services that don't need
something like a session or replication or such.
Having to setup some Wildfly specific cluster in AWS would put an extra
burden to our DevOps. Not sure how big the pain is though :).
So the question is not about Wildfly and how to setup a cluster in AWS,
but more like, what KC needs to function properly.
Does it heavily rely on Wildfly/JEE (EJBs, distributed TX etc.) to
function properly or is it just a "goodie" that comes with Wildfly
out-of-the-box (loadbalancing, failover etc.)?
E.g. does it really need session replication? What does the cache need
to function properly? Maybe it supports redis? Things like that.
I wonder If someone has a running setup working on AWS without spinning
up a Wildfly cluster and just relying on AWS ELB and maybe sticky
sessions with isolated KC instances.
Am 04.08.2017 um 16:32 schrieb Phillip Fleischer:
I wonder if you completely disabled caching in configuration if that
would work with no additional changes. Obviously not ideal for
performance.
We definitely are using jgroups for this though.
------------------------------------------------------------------------
*From:* John Bartko <john.bartko(a)drillinginfo.com>
*Sent:* Friday, August 4, 2017 10:18:45 AM
*To:* Veit Guna; keycloak-user(a)lists.jboss.org; Phillip Fleischer
*Subject:* Re: [keycloak-user] AWS ELB
I believe it is the case that either nodes must replicate the session
cache, or the LB must use some sort of session affinity.
------------------------------------------------------------------------
*From:* keycloak-user-bounces(a)lists.jboss.org
<keycloak-user-bounces(a)lists.jboss.org> on behalf of Phillip Fleischer
<pcfleischer(a)outlook.com>
*Sent:* Friday, August 4, 2017 8:12:12 AM
*To:* Veit Guna; keycloak-user(a)lists.jboss.org
*Subject:* Re: [keycloak-user] AWS ELB
I believe this is pretty well documented somewhere.
Unless I recall incorrectly, Even with multiple node in standalone you
still need clustering setup for many operations. Since clustering uses
multicast by default you'll need to use jgroups backed by a database
provider of some sort.
If you search around I believe this is all out on documentation you
might need to search jboss docs instead of keycloak though.
________________________________
From: keycloak-user-bounces(a)lists.jboss.org
<keycloak-user-bounces(a)lists.jboss.org> on behalf of Veit Guna
<veit.guna(a)gmx.de>
Sent: Friday, August 4, 2017 8:05:38 AM
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] AWS ELB
Hi.
My company plans to use KC for central authentication and authorization
for multiple microservice backends and frontends.
Since all our services are running on AWS, we're wondering whether it is
a problem to use the AWS ELBs and not the wildfly clustering.
So my question is, is it a requirement to use the wildfly clustering
capabilities to be able to get a working, scalable KC?
What might not work or even break if we just load balance against
isolated KC instances which maybe share the same storage/db?
Thanks!
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user