I suggest that you try the WildFly mailing list and documentation. You may also need to learn a bit about jgroups. On 6/21/2017 9:35 AM, Marc Tempelmeier wrote:

Hi, thanks, we went with docker swarm, where we have other services already. So I want to try to get the unicast working. I´ll take a look at JDBC_PING though. -----Ursprüngliche Nachricht----- Von: Schuster Sebastian (INST/ESY1) [mailto:Sebastian.Schuster@bosch-si.com] Gesendet: Wednesday, June 21, 2017 4:31 PM An: Marc Tempelmeier <marc.tempelmeier(a)flane.de>; keycloak-user(a)lists.jboss.org Betreff: RE: Unicast Hi Marc, I don't have production experience with it yet, but you can setup JGroups discovery to use the DB (JDBC_PING) instead of multicast. You can see how this works on Kubernetes and MySQL for example at https://github.com/Reposoft/keycloak-ha-kubernetes/tree/keycloak3-ha-mysq.... Using Minikube (https://github.com/kubernetes/minikube) you will have a Keycloak cluster running in no time (if you don’t try to mount persistent volumes for the DB from the host as I did :) Best regards, Sebastian Mit freundlichen Grüßen / Best regards Sebastian Schuster Engineering and Support (INST/ESY1) Bosch Software Innovations GmbH | Schöneberger Ufer 89-91 | 10785 Berlin | GERMANY | www.bosch-si.com Tel. +49 30 726112-485 | Fax +49 30 726112-100 | Sebastian.Schuster(a)bosch-si.com Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B Geschäftsführung: Dr.-Ing. Rainer Kallenbach, Michael Hahn

Thanks! I got it working 15 mins ago actually: <subsystem xmlns="urn:jboss:domain:jgroups:4.0"> <channels default="ee"> <channel name="ee" stack="tcp"/> </channels> <stacks> <stack name="udp"> <transport type="UDP" socket-binding="jgroups-udp"/> <protocol type="PING"/> <protocol type="MERGE3"/> <protocol type="FD_SOCK" socket-binding="jgroups-udp-fd"/> <protocol type="FD_ALL"/> <protocol type="VERIFY_SUSPECT"/> <protocol type="pbcast.NAKACK2"/> <protocol type="UNICAST3"/> <protocol type="pbcast.STABLE"/> <protocol type="pbcast.GMS"/> <protocol type="UFC"/> <protocol type="MFC"/> <protocol type="FRAG2"/> </stack> <stack name="tcp"> <transport type="TCP" socket-binding="jgroups-tcp"/> <protocol type="TCPPING"> <property name="initial_hosts">slave1[7600],slave2[7600],slave37600]</property> <property name="port_range">10</property> <property name="join_timeout">3000</property> </protocol> <protocol type="MERGE3"/> <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/> <protocol type="FD"/> <protocol type="VERIFY_SUSPECT"/> <protocol type="pbcast.NAKACK2"/> <protocol type="UNICAST3"/> <protocol type="pbcast.STABLE"/> <protocol type="pbcast.GMS"/> <protocol type="MFC"/> <protocol type="FRAG2"/> </stack> </stacks> </subsystem> I hope it will last the night though ☺ Von: Thomas Darimont [mailto:thomas.darimont@googlemail.com] Gesendet: Wednesday, June 21, 2017 6:29 PM An: Marc Tempelmeier <marc.tempelmeier(a)flane.de&gt; Cc: Schuster Sebastian (INST/ESY1) <Sebastian.Schuster(a)bosch-si.com>; keycloak-user(a)lists.jboss.org Betreff: Re: [keycloak-user] Unicast Hello Marc, the following infinispan unicast configuration is working well for us at the moment with Keycloak 2.5.5.Final in Docker: echo SETUP: Configure JGroups clustering with TCP-Unicast # Add the participating host entries for initial discovery in the form "host[port]" - quotes are required, e.g. "host1[7800],host2[4711]". Default port is 7800. echo SETUP: Configure JGroups and Infinispan to use TCP-Unicast instead of UDP-Multicast /subsystem=jgroups/stack=unicast-tcp:add(transport={type=>TCP,socket-binding=>jgroups-tcp}, protocols=[]) /subsystem=jgroups/stack=unicast-tcp/transport=TCP/property=bind_port/:add(value=${env.JGROUPS_PORT:7800}) /subsystem=jgroups/stack=unicast-tcp/transport=TCP/property=external_addr/:add(value=${env.JGROUPS_EXTERNAL_IP:127.0.0.1}) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=TCPPING) /subsystem=jgroups/stack=unicast-tcp/protocol=TCPPING/property=initial_hosts/:add(value="${env.JGROUPS_REMOTE_HOSTS:localhost[7800]}") /subsystem=jgroups/stack=unicast-tcp/protocol=TCPPING/property=port_range/:add(value=0) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=MERGE3) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=FD_SOCK) /subsystem=jgroups/stack=unicast-tcp/protocol=FD_SOCK:write-attribute(name=socket-binding,value=jgroups-tcp-fd) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=FD_ALL) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=VERIFY_SUSPECT) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=pbcast.NAKACK2) /subsystem=jgroups/stack=unicast-tcp/protocol=pbcast.NAKACK2/property=use_mcast_xmit/:add(value=false) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=UNICAST3) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=pbcast.STABLE) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=pbcast.GMS) /subsystem=jgroups/stack=unicast-tcp/protocol=pbcast.GMS/property=print_physical_addrs/:add(value=true) /subsystem=jgroups/stack=unicast-tcp/protocol=pbcast.GMS/property=print_local_addr/:add(value=true) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=UFC) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=MFC) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=FRAG2) /subsystem=jgroups/stack=unicast-tcp/:add-protocol(type=RSVP) echo SETUP: Activate JGroups stack unicast-tcp /subsystem=jgroups/:write-attribute(name=default-stack,value=unicast-tcp) /subsystem=jgroups/channel=ee/:write-attribute(name=stack,value=unicast-tcp) echo SETUP: Configure jgroups-tcp socket binding to use public interface /socket-binding-group=standard-sockets/socket-binding=jgroups-tcp/:write-attribute(name=interface,value=public) echo SETUP: Configure replication for Keycloak caches /subsystem=infinispan/cache-container=keycloak/distributed-cache=sessions:write-attribute(name=owners, value=2) /subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineSessions:write-attribute(name=owners, value=2) /subsystem=infinispan/cache-container=keycloak/distributed-cache=loginFailures:write-attribute(name=owners, value=2) /subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization:write-attribute(name=owners, value=2) Cheers, Thomas 2017-06-21 17:28 GMT+02:00 Marc Tempelmeier <marc.tempelmeier@flane.de<mailto:marc.tempelmeier@flane.de>>: Hi, thanks, we went with docker swarm, where we have other services already. So I want to try to get the unicast working. I´ll take a look at JDBC_PING though. -----Ursprüngliche Nachricht----- Von: Schuster Sebastian (INST/ESY1) [mailto:Sebastian.Schuster@bosch-si.com<mailto:Sebastian.Schuster@bosch-si.com>] Gesendet: Wednesday, June 21, 2017 4:31 PM An: Marc Tempelmeier <marc.tempelmeier@flane.de<mailto:marc.tempelmeier@flane.de>>; keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org> Betreff: RE: Unicast Hi Marc, I don't have production experience with it yet, but you can setup JGroups discovery to use the DB (JDBC_PING) instead of multicast. You can see how this works on Kubernetes and MySQL for example at https://github.com/Reposoft/keycloak-ha-kubernetes/tree/keycloak3-ha-mysq.... Using Minikube (https://github.com/kubernetes/minikube) you will have a Keycloak cluster running in no time (if you don’t try to mount persistent volumes for the DB from the host as I did :) Best regards, Sebastian Mit freundlichen Grüßen / Best regards Sebastian Schuster Engineering and Support (INST/ESY1) Bosch Software Innovations GmbH | Schöneberger Ufer 89-91 | 10785 Berlin | GERMANY | www.bosch-si.com<http://www.bosch-si.com> Tel. +49 30 726112-485<tel:%2B49%2030%20726112-485> | Fax +49 30 726112-100<tel:%2B49%2030%20726112-100> | Sebastian.Schuster@bosch-si.com<mailto:Sebastian.Schuster@bosch-si.com> Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B Geschäftsführung: Dr.-Ing. Rainer Kallenbach, Michael Hahn _______________________________________________ keycloak-user mailing list keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-user