[keycloak-user] running multiple instances without clustering
Bill Burke
bburke at redhat.com
Mon May 29 21:45:40 EDT 2017
If you do not load balance, but instead just have a hot backup, this
will work so long as its ok that somebody has to relogin. If you do
load balance, then this will not work because OIDC has non-browser
requests ( code-to-token and refresh token).
On 5/29/17 8:37 PM, Sam Davis wrote:
> Hi,
>
> I understand that Keycloak supports clustering, but I am wondering if it is
> possible to run multiple instances of Keycloak using the same configuration
> database *without* using clustering, i.e. using the standalone
> <https://keycloak.gitbooks.io/documentation/server_installation/topics/operating-mode/standalone.html>
> operating mode.
>
> It looks like the only difference between this and using the standalone
> clustered mode is that the caches will not be synchronized between the
> instances. I understand that it could cause some weird behaviour with user
> sessions (e.g. a user logs out on one instance but is still logged in on
> another, or vice versa). Would it cause any more serious problems (e.g.
> corrupt configuration database) or create security vulnerabilities?
>
> The use case is that my application bundles Keycloak and the application
> and Keycloak run on the same server. If the server goes down, another
> instance of the application on another server will take over, and that
> instance will redirect users to another keycloak instance running on that
> server. So I don't really need clustering, since normally only a single
> Keycloak instance will actually be used at a time and will only be used by
> a single application.
>
> Thanks,
> Sam
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list