[keycloak-user] Keycloak in Azure cloud

Harrie Hoogeveen - BVA H.Hoogeveen at bva-auctions.com
Fri Apr 12 10:11:15 EDT 2019


Hello,

I am Harrie working for a auction company and we are trying to do a POC with running Keycloak in the cloud. We face the problem that a sync network between node is not really a cloud friendly solution (costs and scalabillety) and we have been trying to to run Keycloak (5) in high availability mode with shared caches.
So far we ported the old redis cache driver to the new Keycloak / infinispan version by loading it as a JBoss module. It seemed very successful at first. Loading of the store works:

<local-cache name="sessions" module="tbacachestore">
    <store class="com.tbauctions.tbacachestore.TbaCacheStoreConf" shared="true" passivation="false"/>
</local-cache>

And if we put passivation=true and shared=false, it actually writes to it when it shutsdown and reads the sessions again when starting up. But that of course does not leave us with a realtime shared cache. When we configure it as a write through cache. It also actually starts doing live reads and deletes, but somehow it never writes to the cache store. We tried many different overwrites, took a look at the casandara implementation and tried al kinds of cache configs. local-cache, replicated-cache, distrubed-cache with different amounts of owners. But so far no luck and we got stuck. We read about successful implementations like this, but always on older versions that do not apply to the current version. So I have some questions.
1) Is this actually a approach that is still supported, and if not, what is your advice on running in the cloud to make sure on node lost or restart we do not loose the active sessions?
2) Is there a good example / documentation on how to implement a shared cache on which multiple nodes read and write so they share sessions for the current 5.0.0 version, without using the cache sync network?

Also, if I am not complying with any netiquettes, please let me know. Its been a while after the last time I used a mailing list.

Best regards,
Harrie Hoogeveen


Met vriendelijke groet,
Kind regards,

Harrie Hoogeveen

________________________________


Harrie Hoogeveen - BVA [cid:BVA_logo_28399888-555e-4d9d-9d46-bb4fa642bca0.png]  <https://www.bva-auctions.com/>


E.      H.Hoogeveen at bva-auctions.com
T.

PO Box 1838
3800 BV Amersfoort
the Netherlands

Kryptonweg 8
3812 RZ Amersfoort
the Netherlands

https://www.bva-auctions.com<http://www.bva-auctions.com/>


________________________________
This email and any attachments may contain confidential material and is solely for the use of the intended recipient(s). If you have received this email in error, please notify the sender immediately and delete this email. If you are not the intended recipient(s), you must not use, retain or disclose any information contained in this email. BVA Auctions does not guarantee that this email or any attachments are free from viruses or 100% secure. Unless expressly stated in the body of the text of the email, this email is not intended to form a binding contract. The general terms and conditions of BVA Auctions, which include a limitation of liability, are applicable to all work and services. Contact information and the terms and conditions are available on request and can also be found on https://www.bva-auctions.com. 12/04/2019 16:11 UTC+02:00
________________________________


More information about the keycloak-user mailing list