Instances with Docker image are warning jgroups different version with DNS_PING (AWS)

I’m running keycloak in AWS Fargate service. I have common Docker image and I’m using DNS_PING for sharing the list of current instance ip address. All instances are complaining about version mismatch:

[0me[33m13:15:43,480 WARN [org.jgroups.protocols.TCP] (Connection.Receiver [ -]-87,ejb,ip-10-207-156-133) JGRP000010: packet from has different version (0.8.2) than ours (4.1.4); packet is discarded (received 3 identical messages from in the last 86016 ms)

The version 0.8.2 <-> 4.1.4 is strange. All instances are using Jboss Keycloak 9.0.2 image.

What can cause the issue? The user SSL is handled by AWS ALB but ALB>Keycloak is done via 8443.

Can the problem be that each container creates their own certificate and others do not trust to it?

I figured out the issue.

The actual problem was that I published instances to AWS CloudMap DNS directory as SRV records. The AWS Fargate puts the default port (HTTPS, 8443) to CloudMap and that was causing the strange version mismatch. I learned that JGroups DNS_PING uses TCP protocol after resolving instances and default port is 7600 for clustering setup.

I changed to DNS type to A and it published only ip address. Now it was using default TCP port 7600 for clustering and everything seems to be fine.

Hi @heikkis, please can you share your DNS_PING configuration…
I’m also running Keycloak (v 19.0.0) in AWS Fargate. I could make the clustering work using JDBC_PING but having difficulties with DNS_PING. No obvious errors in the logs but I just have this endpoint returning 401