Hello everyone,
We have 3 keybloak 15.0.2 servers in production, in “standalone-ha” mode, with a postgresql database.
Following the reboot of our three instances, we lost around 20% of the offline sessions.
To solve this problem, following our research, we’d like to modify our infinispan configuration file, which in its current state is as follows:
<distributed-cache name="offlineClientSessions" owners="1">
<expiration lifespan="900000000000000000"/>
</distributed-cache>
We’d like to change the owner value from 1 to 2 (or 3).
I have some questions about this:
1 - Does this solution seem right to you? And if not, could you help me solve the problem and recover all the offline sessions following the restart of our servers.
2.a - What is the impact on the servers of increasing the owner value?
2.b - Is there a risk of performance degradation, or greater memory consumption?
2.c - In general, are there any drawbacks or technical problems to increasing the owner parameter?
Thanks in advance
Best regards,
Kevin
First of all: KC15 is very(!) old and as bugs in its infinispan version and implementation in Keycloak itself, expecially for offline sessions. So, do yourself a favor and update your environment.
Increasing the owners for offline sessions is IMHO (I might be wrong) without a huge effect, as offline sessions will be stored in the database. But it can be related to the buggy infinispan usage, as above mentioned, that there are errors/failures.
If you increase the owner count, then of course more overall memory is allocated, as the session will be held on more than on node, it’s then allocating memory/resources on the amount or configured owner nodes. Sounds reasonably, right!?
Hello dasniko,
Thank you for your answer.
Yes indeed, we will consider migrating the instances to a higher version.
If I understand correctly, if I have three nodes and:
-
owner=1, I would have x memory consumed on my node 1 to keep offline sessions
-
owner=2, I would have x1 memory consumed on my node 1 and my node 2 or 3 to keep the offline sessions + x2 memory consumed on my node 2 and my node 1 or 3 to keep the offline sessions + x3 memory consumed on my node 3 and my node 1 or 2 to keep offline sessions
-
owner=3, I would have memory x1 + x2 + x3 consumed on my node 1, my node 2 and my node 3 to keep the sessions offline
That’s right ?
Best regards,
Hey,
May I ask how you checked that you have lost the sessions?
I believe we had a similar problem when our three instances were restarted due to failing liveness checks. However, we have been using Keycloak 22.x.x at the time.