Hi,
Correction, I *thought* everything was running in Wildfly domain mode. It turns out I
just got lucky by hitting the same server node in my initial test. After a reboot and
further testing today, I’m not able to login to the Keycloak admin console when both nodes
in my cluster are running. After attempting login, I am either taken back to a blank
login page, or I see error “Unknown code, please login again through your application.”
Once in awhile, I can login without error. I should note that I’m using an Apache reverse
proxy via mod_cluster.
I see no errors in the server logs. I do see message “JBAS010281: Started <x> cache
from keycloak container” for each of “realms”, “sessions”, “loginFailures”, “users”. So,
it looks like my domain config is working. However, I can’t tell for sure that Keycloak
is attempting to use the infinispan caches. Some additional log output showing the values
from keycloak-server.json would be helpful. I used the CLI to upload
“/profile=full-ha/subsystem=keycloak/auth-server=keycloak-1/:update-server-config(bytes-to-upload=/usr/local/wildfly/domain/configuration/keycloak-server.json~,overwrite=true)”
The response was “success” and then I restarted Wildfly on both nodes in the cluster.
Has anyone been able to get Keycloak 1.1 Beta 2 working in a wildfly domain, and using
mod_cluster? If so, could you please provide guidance?
Thanks,
John
From: Schneider, John DODGE CONSULTING SERVICES, LLC
Sent: Monday, December 08, 2014 6:43 PM
To: keycloak-user(a)lists.jboss.org
Subject: 1.1 documentation update for running in domain HA mode
Hi guys,
Thanks so much for getting clustering support working in 1.1. I have it up and running
well in a Wildfly 8 domain setup under the “full-ha” profile. One thing that I was
pulling my hair out about for a while today were some errors related to Infinispan config.
I figured out that if running in HA cluster, you must include the “transport” element
under the cache-container config (i.e. <transport lock-timeout=”60000” />). It
would be great if you could update Chapter 23 of the documentation to reflect this
requirement.
Thanks,
John