[keycloak-user] Clustered Keycloak in Kubernetes
Staffan
solsson at gmail.com
Fri Feb 24 02:38:57 EST 2017
Hi,
I got a direct question based on the mailing list thread
http://lists.jboss.org/pipermail/keycloak-user/2016-November/008470.html.
The author tried different <inet-address value="${jboss.bind.address}"/>
values in standalone-ha.xml but failed to get docker containers to
"discover" each other.
Here's is my reply, which I think should be in the mailing list as well:
I never got the default JGroups config - UDP broadcast - to work in
Kubernetes (except in single-node testing). May work in some k8s clusters,
but I ended up switching to TCP. Instead of broadcast I chose JDBC for
jgroups "ping". I summarized my conclusions in https://github.com/jboss-
dockerfiles/keycloak/pull/62.
Regarding port binding I ended up using the interface "eth0" instead of an
IP. It allowed external connections in all docker contexts I tested,
without being specific to a network setup.
You can see the config changes produced by the PR as a diff in the build
output, for example: https://hub.docker.com/r/solsson/keycloak-ha-mysql/
builds/btueapadj2mhwhuggjbne4j/
regards
/Staffan
More information about the keycloak-user
mailing list