[keycloak-user] Keycloak Clustering, other instance logs me out

John Bartko john.bartko at drillinginfo.com
Wed Mar 30 11:23:25 EDT 2016


When clustering across separate hosts, I had to change the jgroups-udp
socket binding to listen on the public interface (binds to loopback by
default).

On Wed, Mar 30, 2016 at 5:52 AM, Marek Posolda <mposolda at redhat.com> wrote:

>
> When you start the second instance, are you seeing something like this in
> log of both servers?
>
> INFO  [org.infinispan.remoting.transport.jgroups.JGroupsTransport]
> (Incoming-10,shared=udp)
> ISPN000094: Received new cluster view: [node1/keycloak|1] (2)
> [node1/keycloak, node2/keycloak]
>
> If not, then clustering doesn't work properly and the servers doesn't form
> a cluster with each other. From the log you sent, there is just startup of
> one server, which indicates that clustering may not work.
>
> Maybe multicast doesn't work in your network. Either disable
> firewall/selinux/whatever to have multicast working or switch to TCP
> JGroups channel instead of UDP. See the Wildfly and JGroups documentation
> for more details.
>
> Also I personally use the virtual hosts to test clustering of 2 servers on
> same machine (Ie. have virtual servers like kc1:8080 and kc2:8080) . Using
> same host but differ just in port number ( host:8080 and host:8081 ) may
> causing mess with cookies, so
> I am personally not using the setup like this.
>
> Marek
>
>
> On 30/03/16 08:38, Sarp Kaya wrote:
>
> I have tried using standalone-ha.xml with shared database. I thought that
> would be enough but it seems like it’s not. The problem is
>
> I log into kc1 instance, and subsequent requests are authenticated.
> Then I try viewing
> host:8080/auth/realms/master/account
> Which is also authenticated.
>
> Then I try to view this on kc1 by changing port like:
> host:8081/auth/realms/master/account
>
> At this point I expect to see same page. However I get prompted for login
> for both kc1 and kc2. I see no logs at this point.
>
> So now I have switched to using keycloak-ha-postgres because it seemed to
> me that it comes clustering enabled out of box. So I nearly did exactly
> what this page:
>
> https://hub.docker.com/r/jboss/keycloak-ha-postgres/builds/benk6w5cgdmrqonrxvu3bfu/
>  told me to so. The only difference that I have done is adding ports (with
> –p 8080:8080 to one instance and –p 8081:8080 to the another one) and
> adding a new user.
>
> Once I start the I get this log:
>
> 05:28:49,888 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000078: Starting JGroups channel keycloak
>
> 05:28:49,893 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-2) ISPN000078: Starting JGroups channel server
>
> 05:28:49,902 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000094: Received new cluster view for channel keycloak:
> [a05014a5dc24|0] (1) [a05014a5dc24]
>
> 05:28:49,907 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000079: Channel keycloak local address is a05014a5dc24,
> physical addresses are [127.0.0.1:55200]
>
> 05:28:49,902 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-2) ISPN000094: Received new cluster view for channel server:
> [a05014a5dc24|0] (1) [a05014a5dc24]
>
> 05:28:49,914 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-2) ISPN000079: Channel server local address is a05014a5dc24,
> physical addresses are [127.0.0.1:55200]
>
> 05:28:49,925 INFO  [org.infinispan.factories.GlobalComponentRegistry] (MSC
> service thread 1-2) ISPN000128: Infinispan version: Infinispan 'Mahou'
> 8.1.0.Final
>
> 05:28:49,926 INFO  [org.infinispan.factories.GlobalComponentRegistry] (MSC
> service thread 1-1) ISPN000128: Infinispan version: Infinispan 'Mahou'
> 8.1.0.Final
>
> 05:28:49,978 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-2) ISPN000078: Starting JGroups channel web
>
> 05:28:49,982 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-2) ISPN000094: Received new cluster view for channel web:
> [a05014a5dc24|0] (1) [a05014a5dc24]
>
> 05:28:49,984 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-2) ISPN000079: Channel web local address is a05014a5dc24, physical
> addresses are [127.0.0.1:55200]
>
> 05:28:49,985 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000078: Starting JGroups channel hibernate
>
> 05:28:49,986 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000094: Received new cluster view for channel hibernate:
> [a05014a5dc24|0] (1) [a05014a5dc24]
>
> 05:28:49,987 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000079: Channel hibernate local address is a05014a5dc24,
> physical addresses are [127.0.0.1:55200]
>
> 05:28:50,028 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000078: Starting JGroups channel ejb
>
> 05:28:50,030 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000094: Received new cluster view for channel ejb:
> [a05014a5dc24|0] (1) [a05014a5dc24]
>
> 05:28:50,031 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
> thread 1-1) ISPN000079: Channel ejb local address is a05014a5dc24, physical
> addresses are [127.0.0.1:55200]
>
> 05:28:50,357 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 56) WFLYCLINF0002: Started realmVersions cache from keycloak
> container
>
> 05:28:50,391 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 54) WFLYCLINF0002: Started offlineSessions cache from
> keycloak container
>
> 05:28:50,397 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 55) WFLYCLINF0002: Started loginFailures cache from keycloak
> container
>
> 05:28:50,396 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 52) WFLYCLINF0002: Started sessions cache from keycloak
> container
>
> 05:28:50,392 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 53) WFLYCLINF0002: Started realms cache from keycloak
> container
>
> 05:28:50,399 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 51) WFLYCLINF0002: Started users cache from keycloak
> container
>
> 05:28:50,402 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 50) WFLYCLINF0002: Started work cache from keycloak container
>
>
> However I still have the same issue as above (I get logged out). Also I
> don’t get any new logs for the entire log-in, log-out processes.
>
> Am I doing something wrong?
> Thanks,
> Sarp
>
>
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160330/278967aa/attachment-0001.html 


More information about the keycloak-user mailing list