Hello,
I need help in configuring infinispan to discover the keycloak servers in my cluster.
My setup looks like this:
I'm running two keycloak containers (version-19) in docker with a common DB.
keycloak1 and postgres running in an EC2 instance
keycloak2 (another instance) running in an EC2 instance in a different region. Ports are open between these two instances and I'm using the custom stack for jdbc-ping to discover the KC instances, but its not discovered. I can confirm both the EC2 instances can talk to each other and all the containers can talk to each other.
I have also tried adding the public IP of the EC2 instances in the stack like this and I still couldnt get that working. I could not see the JGROUPSPING table created, I guess that is the problem?
<TCP external_addr="*****" />
<jgroups>
<stack name="jdbc-ping-tcp" extends="tcp">
<JDBC_PING connection_driver="org.postgresql.Driver"
connection_username="${env.KC_DB_USERNAME}"
connection_password="${env.KC_DB_PASSWORD}"
connection_url="${env.KC_DB_URL}"
initialize_sql="CREATE TABLE IF NOT EXISTS JGROUPSPING (own_addr varchar(200) NOT NULL, bind_addr VARCHAR(200) NOT NULL, created timestamp NOT NULL, cluster_name varchar(200) NOT NULL, ping_data BYTEA, constraint PK_JGROUPSPING PRIMARY KEY (own_addr, cluster_name));"
insert_single_sql="INSERT INTO JGROUPSPING (own_addr, bind_addr, created, cluster_name, ping_data) values (?,'${jboss.bind.address:127.0.0.1}',NOW(), ?, ?);"
delete_single_sql="DELETE FROM JGROUPSPING WHERE own_addr=? AND cluster_name=?;"
select_all_pingdata_sql="SELECT ping_data FROM JGROUPSPING WHERE cluster_name=?;"
info_writer_sleep_time="500"
remove_all_data_on_view_change="true"
stack.combine="REPLACE"
stack.position="MPING" />
</stack>
</jgroups>
This is what i see, could someone help me to resolve this.
keycloak-jdbc | 2022-10-26 11:39:46,526 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000088: Unable to use any JGroups configuration mechanisms provided in properties {}. Using default JGroups configuration!
keycloak-jdbc | 2022-10-26 11:39:48,652 INFO [org.jgroups.protocols.pbcast.GMS] (keycloak-cache-init) 6e3721a7dbd5-18224: no members discovered after 2008 ms: creating cluster as coordinator
take a look at this thread: Use of JDBC_PING with Keycloak 17 (Quarkus distro) - #27 by anowak-ct
Note that exists a cache stack based on S3 (see Configuring distributed caches - Keycloak), but I’ve never used it and dont’ know exactly how to configure them, but based on GitHub - jgroups-extras/jgroups-aws: A port of Zalando's NATIVE_S3_PING to JGroups, I suppose you can just use cache-stack=ec2 and set those environment variables:
AWS_ACCESS_KEY_ID="qF7ujVAaYUp3Tx7m"
AWS_SECRET_KEY="WzbG3R2KGtx5rsHQUx2PKQPS2f6WzMtf"
S3_PING_REGION_NAME="eu-central-1"
S3_PING_BUCKET_NAME="jgroups"
Thank you for your response. I can try that, but it looks like there are a lot of things to configure.
I have also read in the other posts that it should work with JDBC_PING.
Im not sure which IP should be used as external IP “”
I’m pretty sure it will be easier to use --cache-stack=ec2 then configuring JDBC_PING, as the quarkus-based keycloak (versions >17) come with this pretty much solved and jdbc_ping was not included.