I’m deploying Keycloak 24.0.5 to AWS ECS Fargate and am running into an odd issue. When I have 30 realms or less, everything works as expected. As soon as I create or import another realm, the admin console no longer loads. The browser console indicates a 400 Bad Request error from /admin/serverinfo. If I delete any realm to bring the total back down to 30, the admin console loads successfully once again.
To make it even more puzzling; when deploying this same image locally I do not encounter this artificial realm limit with /admin/serverinfo, I’m able to create or import realms without issues. This would suggest the issue is with how it is being deployed in ECS, but I haven’t been able to figure out why.
What could be causing this? I haven’t found any errors in the application logs that correlate with this behavior, the normal authentication requests all appear to be successful. I would greatly appreciate thoughts or ideas from the community.
Error after creating realm #31 and reloading the admin console:
Differences in running locally and deployed to a different environment often yields, from my experience, to network and/or database connection problems.
Perhaps it’s worth turning on the DEBUG level on server log output, so there is more information which might be useful!?
@dasniko Thanks for chiming in! I’m not sure about network or database connection issues being the culprit since the server behaves normally as long as the number of realms is below 31. If either were the cause I would expect the issue to present regardless of the number of realms. I’m able to delete realms via kcadm.sh within the container whenever I run into the admin console issue, which would suggest there isn’t an issue with the database connection.
To expand a bit further on my setup; networking consists of an AWS application load balancer that forwards all HTTPS traffic to the ECS container, and the database is a PostgreSQL cluster running in RDS.
I have DEBUG logs enabled but so far have not found anything to indicate what the problem might be.