3:11 a.m.
Hey Meissa,
Graham is 100% correct.
The only thing I could add is that OpenShift Pods are not allowed to query
Kubernetes API by default (you need to create a RoleBinding and a
ServiceAccount to do that). Therefore, I recommend DNS_PING for OpenShift
and KUBE_PING/DNS_PING (depending whether you'd like to create an
additional HeadlessService) for vanilla Kube.
Thanks,
Sebastian
On Tue, Oct 30, 2018 at 5:14 PM Graham Burgess <graham.burgess(a)razer.com>
wrote:
Meissa,
I believe the difference is in how it gets the data about the instances in
the cluster. DNS_PING obviously will use DNS, in a Kubernetes env you will
want to setup a headless service for that so it gets all the IPs for all
the instances. As for KUBE_PING, well that uses the Kubernetes API directly
to determine the IPs of the instances.
I run vanilla Kubernetes clusters so I don't know how the difference with
OS will effect my beliefs. However, I would probably recommend just using
DNS_PING and making sure that there is a headless service as well as a
normal service for Keycloak. It would seem to be the more generic method
for sure.
Best regards,
Graham Burgess
RΛZΞR|stormmore
Sr. DevOps Engineer (USA)
Email: graham.burgess(a)razer.com
DID: (415) 374 0639 <(415)%20374-0639>
Razer Inc. Stock Code: 1337.HK
IMPORTANT NOTICE: This e-mail may be confidential, legally privileged or
otherwise protected from disclosure. If you are not an intended recipient,
do not copy, distribute or use its contents. Do inform the sender that you
have received the message in error and delete it from your system. E-mails
are not secure and may suffer errors, computer viruses, delay, interception
and amendment. Razer accepts neither risk nor liability for any damage or
loss caused by this e-mail. To the extent permitted by applicable law,
Razer reserves the right to retain, monitor and intercept e-mails to and
from its systems.
-----Original Message-----
From: keycloak-user-bounces(a)lists.jboss.org <
keycloak-user-bounces(a)lists.jboss.org> On Behalf Of Meissa M'baye Sakho
Sent: Tuesday, October 30, 2018 3:56 AM
To: keycloak-user <keycloak-user(a)lists.jboss.org>
Subject: [keycloak-user] kubernetes discovery protocol for JGroups
Hello everyone,
Can someone tell me the difference between the dns.DNS_PING and
kubernetes.KUBE_PING protocols that we could use to enable keycloak
clustering?
It seems like both of them could be used in a kubernetes environment but I
can't see a documentation clearly explaining the difference between them.
I would like to knwo which one is relevant in a openshift environnement
which one is in a non openshift environnement.
The official githup repo [1] does not say a lot about that?
[1]=https://github.com/jgroups-extras/jgroups-kubernetes/
Regards,
Meissa
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user