[keycloak-user] Enabling High Availability for Keycloak 3.1.0 on AWS ECS Instance
Tonnis Wildeboer
tonnis at autonomic.ai
Thu Sep 14 12:30:14 EDT 2017
Jyoti,
I have been working on similar goal and was finally successful
yesterday. We are using postgres and kubernetes.
Here are the key sources of information that enabled me to succeed:
The big key is here:
https://github.com/devsu/docker-keycloak/tree/master/server-ha-mysql
Use the .xsl templates here to transform on the standalone-ha.xml and
you can see what is being done.
I suggest that you simply use JDBC_PING, since you already have a shared
database.
I think it is instructive to understand what JDBC_PING (and JGroups in
general) are doing:
http://jgroups.org/manual4/index.html
https://developer.jboss.org/wiki/JDBCPING
You may benefit from this also, specifically, the need to bind
jgroups-tcp and jgroups-tcp-fd to the proper interface. Not sure about
your situation.
--Tonnis
____________________
Tonnis Wildeboer
Autonomic.ai Engineering
On 09/14/2017 03:32 AM, Jyoti Kumar Singh wrote:
> Hi Team,
>
> I am trying to enable high availability for Keycloak 3.1.0 on AWS ECS
> instances.
>
> I am running two ECS instances in a cluster setup and also I have
> setup Keycloak
> in a clustered mode. To achieve this, I am using "
> */standalone/configuration/standalone-ha.xml *" file while building the
> docker image. Shared MySQL DB and Load Balancer setup are also in place.
>
> But when I checked Keycloak logs I am not seeing clustered nodes related
> information in logs. I am seeing nodes are not able to see each other. But
> same settings are working fine in DCOS Marathon platform.
>
> Interestingly if I run two Keycloak instances in one AWS ECS instance on
> different ports, I could see clustering related logs in Keycloak.
>
> Is there any standard guidelines which I can follow to achieve HA in AWS
> ECS instance ?? I followed the below discussion thread but it didn't help
> me to fix the issue.
>
> #Link:
> http://lists.jboss.org/pipermail/keycloak-user/2016-February/004940.html
>
More information about the keycloak-user
mailing list