Re: [keycloak-user] Losing some sessions during clustering
It sounds like sessions distributed-cache is not being replicated.
From the Install/Config documentation on cache replication
<https://keycloak.gitbooks.io/server-installation-and-configuration/conten...;:
"By default, Keycloak only specifies one owner for data. So if that one
node goes down that data is lost. This usually means that users will be
logged out and will have to login again."
jboss-cli snippet:
/subsystem=infinispan/cache-container=keycloak/distributed-cache=sessions:write-attribute(name=owners,
value=2)
Hope that helps,
-John Bartko
On Thu, Nov 3, 2016 at 12:08 PM, Chris Hairfield <chairfield(a)gmail.com>
wrote:
Hello Keycloak users,
We're seeing strange behavior with the session handling when starting up a
new node. Keycloak doesn't retain all sessions. Here's our experiment:
1. start with 1 node containing a few dozen sessions
2. start node 2 (nodes clustered via JGroups Ping table + infinispan)
3. wait for 10 minutes
4. stop node 1
End result: *some* of the clients connected are forced to log back in. Most
sessions remain.
We're still investigating, so I cannot infer beyond this point at the
moment. I'm simply curious whether anyone knows the following:
- are *all* sessions meant to be migrated to new nodes?
- how long does it take to migrate sessions?
- does a new node wait until sessions are migrated before it enables the
admin interface?
- is there any logic to prune sessions on clustering?
Any thoughts would be greatly appreciated.
Thanks,
Chris
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user