7:55 a.m.
Yes/no - RH-SSO is Keycloak 1.9.8.Final, but it's based on top of EAP
rather than WildFly. EAP is by default tuned more for production use, while
WildFly is tuned more for development needs. In either case if you're using
RH-SSO and have a subscription for it you'll get more help from the proper
support staff than we are able to provide on the community forums.
On 14 December 2016 at 14:52, Chris Savory <chris.savory(a)edlogics.com>
wrote:
Okay, we can do that. I thought RH-SSO was based on keycloak 1.9.8
and
the recommended memory settings would be the same.
--
Christopher Savory
Software Engineer | EdLogics
From: Stian Thorgersen <sthorger(a)redhat.com>
Reply-To: "stian(a)redhat.com" <stian(a)redhat.com>
Date: Tuesday, December 13, 2016 at 11:30 PM
To: Chris Savory <chris.savory(a)edlogics.com>
Cc: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>,
Aaron Daniels <aaron.daniels(a)edlogics.com>
Subject: Re: [keycloak-user] Keycloak Memory Settings
For RH-SSO it would be better to raise a support ticket rather than asking
here.
On 13 December 2016 at 21:43, Chris Savory <chris.savory(a)edlogics.com>
wrote:
We are using RH SSO 7.0 and I am performing a loadtest for our site.
Currently I’m stuck at going above 200 virtual users because keycloak gets
to slow at that point and the long running login threads on our site begin
to bog down the rest of the site functions.
Currently we are using SSO Standalone, and are planning to run in cluster
mode as soon as we upgrade to 7.0.2 because of the cluster bug.
https://access.redhat.com/solutions/2427361
While our operations guys are working on getting the cluster functionality
working, I wanted to verify the memory settings on our standalone instance
are optimized and that there wasn’t something we could do there as well.
Here are the current startup settings.
JAVA_OPTS: -server -verbose:gc -Xloggc:"/opt/eap/standalone/log/gc.log"
-XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+UseGCLogFileRotation
-XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=3M -XX:-TraceClassUnloading
-Xms1303m -Xmx1303m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m
-Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=
org.jboss.logmanager,jdk.nashorn.api -Djava.awt.headless=true
-Xbootclasspath/p:/opt/eap/jboss-modules.jar:/opt/eap/
modules/system/layers/base/org/jboss/logmanager/main/
jboss-logmanager-2.0.3.Final-redhat-1.jar:/opt/eap/modules/
system/layers/base/org/jboss/logmanager/ext/main/javax.
json-1.0.4.jar:/opt/eap/modules/system/layers/base/
org/jboss/logmanager/ext/main/jboss-logmanager-ext-1.0.0.Alpha2-redhat-1.jar
-Djava.util.logging.manager=org.jboss.logmanager.LogManager
-javaagent:/opt/eap/jolokia.jar=port=8778,protocol=https,
caCert=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt,
clientPrincipal=cn=system:master-proxy,useSslClientAuthentication=
true,extraClientCheck=true,host=0.0.0.0,discoveryEnabled=false
-Djava.security.egd=file:/dev/./urandom
I’m not sure where all these settings came from as the guy that set it up
is no longer here.
We are running SSO inside a docker container inside of OpenShift
OpenShift Master: v1.2.1
Kubernetes Master: v1.2.0-36-g4a3f9c5
--
Christopher Savory
Software Engineer | EdLogics
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user