Again inside text are my answers.On Wed, Nov 4, 2015 at 2:49 PM, Marko Strukelj <mstrukel@redhat.com> wrote:Your log.txt doesn't look right. Only a host controller is started - no server running your idbt-ha profile is started at all.There should be entries in the log looking like:[Server:configuration-server-demosetup] 15:58:05,712 INFO [org.jboss.modules] (main) JBoss Modules version 1.4.3.Final
[Server:configuration-server-demosetup] 15:58:06,017 INFO [org.jboss.msc] (main) JBoss MSC version 1.2.6.Final
[Server:configuration-server-demosetup] 15:58:06,118 INFO [org.jboss.as] (MSC service thread 1-6) WFLYSRV0049: WildFly Full 9.0.1.Final (WildFly Core 1.0.1.Final) starting...In log /opt/wildfly-9.0.1.Final/domain/log/host-controller.log are presnt your requested lines (log.txt was copied from command line)2015-11-04 13:38:43,479 INFO [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0023: Starting server configuration-server-demosetup2015-11-04 13:38:46,125 INFO [org.jboss.as.host.controller] (Remoting "demosetup:MANAGEMENT" task-4) WFLYHC0021: Server [Server:configuration-server-demosetup] connected using connection [Channel ID 656dd302 (inbound) of Remoting connection 1d425566 to /127.0.0.1:50449]2015-11-04 13:38:46,193 INFO [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0023: Starting server authentication-server-demosetup2015-11-04 13:38:46,246 INFO [org.jboss.as.host.controller] (server-registration-threads - 1) WFLYHC0020: Registering server configuration-server-demosetup2015-11-04 13:38:53,794 INFO [org.jboss.as.host.controller] (Remoting "demosetup:MANAGEMENT" task-8) WFLYHC0021: Server [Server:authentication-server-demosetup] connected using connection [Channel ID 3e8ad11c (inbound) of Remoting connection 67282c6a to /127.0.0.1:52804]2015-11-04 13:38:53,867 INFO [org.jboss.as.host.controller] (server-registration-threads - 1) WFLYHC0020: Registering server authentication-server-demosetupThere must be a problem with your host.xml file. You should have a server definition there referring to one of your server groups, for example:
<servers>
<server name="configuration-server-demosetup" group="group-authentication"/>...</servers>I attached host-idbt.xml now and from my point of view it looks fine.Also, in domain-idbt.xml your Infinispan cache is configured to be local. For distributed setup you should be using distributed Infinispan cache:<cache-container name="keycloak" jndi-name="infinispan/Keycloak">
<transport lock-timeout="60000"/>
<invalidation-cache name="realms" mode="SYNC"/>
<invalidation-cache name="users" mode="SYNC"/>
<distributed-cache name="sessions" mode="SYNC" owners="1"/>
<distributed-cache name="loginFailures" mode="SYNC" owners="1"/>
</cache-container>In previous attached domain-idbt.xml I configured Infinispan cache like local not distributed, is it conflict, have to be in HA mode?On Wed, Nov 4, 2015 at 2:20 PM, Andrej P <ado.boj.83@gmail.com> wrote:Hi Marko,thanks for your hints, I went through but still w/o positive result.I will write my comments inside your hints.I attached 2 files: domain-idbt.xml - with added sections for keycloaklog.txt - log after start wildfly in command lineBr,Andrej.On Tue, Nov 3, 2015 at 4:24 PM, Marko Strukelj <mstrukel@redhat.com> wrote:From your descriptions of the problem it sounds like your server-one which binds to port 8080 doesn't have keycloak-server configured at all - it's using a server group, that uses a different profile than the one you configured.Our group/server/profile setup looks like:
GROUP SERVER PROFILE configuration configuration-server-demosetup idbt-ha authentication authentication-server-demosetup idbt-ha There are four profiles in the default domain.xml - default, ha, full, and full-haIn our domain-idbt.xml are only 2 profiles:idbt-ha and idbt-security and I modified inifinispan for idbt-ha (but ha is only in name not used inside configuration)If you want your multiple Keycloak instances to run in high availability mode, using a shared Infinispan cache, and a shared database, then that's the most complex of all configurations - you have to setup a standalone database, use "full-ha" profile to configure the datasource with proper database connection url, and configure the distributed Infinispan cache. Also add <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1"> declaration.I created Keycloak_DS, which was before missing.I add : extension; inifinispan and subsystem section for Keycloak inside my domain-idbt.xml (I attached finally modified domain-idbt.xml) Pls you can check it inside.In server-groups section define a new group or reuse existing one, and set its profile to "full-ha", and use "full-ha-sockets" binding group.In host.xml make sure that server definitions have the proper group set.Then you also have to copy some configurations.Assuming you have two servers defined in host.xml - called server-one, and server-two, create a directory:$WILDFLY_HOME/domain/servers/server-one/configuration$WILDFLY_HOME/domain/servers/server-two/configurationThen copy the following configurations from standalone/configuration:cp $WILDFLY_HOME/standalone/configuration/keycloak-server.json $WILDFLY_HOME/domain/servers/server-one/configuration/cp -r $WILDFLY_HOME/standalone/configuration/themes $WILDFLY_HOME/domain/servers/server-one/configuration/cp -r $WILDFLY_HOME/standalone/configuration/providers $WILDFLY_HOME/domain/servers/server-one/configuration/cp $WILDFLY_HOME/standalone/configuration/keycloak-server.json $WILDFLY_HOME/domain/servers/server-two/configuration/cp -r $WILDFLY_HOME/standalone/configuration/themes $WILDFLY_HOME/domain/servers/server-two/configuration/cp -r $WILDFLY_HOME/standalone/configuration/providers $WILDFLY_HOME/domain/servers/server-two/configuration/Done all creation and copying steps.