Does KUBE_PING work with the Keycloak 17 (Quarkus distro)?

Configuring the server
1

I downloaded the latest jgroups-kubernetes jar file from this website Maven Central Repository Search and placed it in in lib/lib/main directory of Keycloak 17.0.0

This is my new cache-ispn-kube-ping.xml file

<!-- custom stack goes into the jgroups element -->
<jgroups>
    <stack name="kube-ping-tcp" extends="tcp">
        <org.jgroups.protocols.kubernetes.KUBE_PING
                    namespace="default"
                   stack.combine="REPLACE"
                   stack.position="MPING" />
    </stack>
</jgroups>

<cache-container name="keycloak">
    <!-- custom stack must be referenced by name in the stack attribute of the transport element -->
    <transport lock-timeout="60000" stack="kube-ping-tcp"/>
    <local-cache name="realms">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory max-count="10000"/>
    </local-cache>
    <local-cache name="users">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory max-count="10000"/>
    </local-cache>
    <distributed-cache name="sessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="authenticationSessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="offlineSessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="clientSessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="offlineClientSessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="loginFailures" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <local-cache name="authorization">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory max-count="10000"/>
    </local-cache>
    <replicated-cache name="work">
        <expiration lifespan="-1"/>
    </replicated-cache>
    <local-cache name="keys">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <expiration max-idle="3600000"/>
        <memory max-count="1000"/>
    </local-cache>
    <distributed-cache name="actionTokens" owners="2">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <expiration max-idle="-1" lifespan="-1" interval="300000"/>
        <memory max-count="-1"/>
    </distributed-cache>
</cache-container>

When I execute the command

kc.sh --verbose start-dev --cache=ispn --cache-config-file=cache-ispn-kube-ping.xml

I get the following exception ClassNotFoundException: org.jgroups.protocols.kubernetes.KUBE_PING

2

Try putting it in the providers/ directory. I’ve had problems putting 3rd party jars in any of the lib/ dirs.

2 Likes
3

This actually worked! Thanks!

4

Hi everyone,

im also trying to configure KUBE_PING in order to discover my pods, although still unsuccessful. I created my question on the other Keycloak forum, describing my configuration in detail:

@swati-thapa, are your pods being able to find each other or do you get the same message as me no members discovered ?

I also get the WARN Unable to persist Infinispan internal caches as no global state enabled. Is this maybe the reason why is not working for me? Im not really sure how to fix it.

5

@tse00 For me, the pods were able to find each other, and cluster was formed successfully. But now facing an issue, where although cluster is formed, the Keycloak UI still looks disfigured, which is the same behavior as when the pods don’t find each other.

Also, try placing it in the providers folder

6

I have it in the providers folder. I can see KUBE_PING in the logs being recognize, so that should not be the problem. Is there a specific reason why you use the parameters:

stack.combine="REPLACE"
stack.position="MPING"

?

About your issue, I see “-1” on the configuration of your infinispan. Thats means the lifespan of the distributed-caches are disabled. Try to set it to some positive value like 900000000000000000. I hope it helps.