Hi,
Here is configuration that works for me. We are running Keycloak 24.0.1 (Quarkus Engine) in Azure Container Apps, but the same config should work with Azure VMs as well.
- We build a custom docker container to add some parameters and plugins needed.
FROM quay.io/keycloak/keycloak:24.0.1 as builder
# Configure a database vendor
ENV KC_DB=mysql
WORKDIR /opt/keycloak
COPY jar/azure-storage-8.6.6.jar /opt/keycloak/providers/azure-storage-8.6.6.jar
COPY jar/jgroups-azure-2.0.2.Final.jar /opt/keycloak/providers/jgroups-azure-2.0.2.Final.jar
RUN /opt/keycloak/bin/kc.sh build --health-enabled=true --metrics-enabled=true --cache=ispn --cache-stack=azure
FROM quay.io/keycloak/keycloak:24.0.1
COPY --from=builder /opt/keycloak/ /opt/keycloak/
ENV KC_HTTP_RELATIVE_PATH=/auth
ENV KC_HEALTH_ENABLED=true
Here in the jar folder, I put 2 plugins:
Link to jars:
https://repo1.maven.org/maven2/org/jgroups/azure/jgroups-azure/2.0.2.Final/jgroups-azure-2.0.2.Final.jar
https://repo1.maven.org/maven2/com/microsoft/azure/azure-storage/8.6.6/azure-storage-8.6.6.jar
2. You need to have Azure Storage account created with a container in it to store ISPN cache and pass this info via JAVA_OPTS_APPEND
JAVA_OPTS_APPEND
-Djboss.jgroups.azure_ping.storage_account_name="${storage_account_name}"
-Djboss.jgroups.azure_ping.storage_access_key="${storage_access_key}"
-Djboss.jgroups.azure_ping.container="${storage_container}"
Here I passed storage_account_name, storage_access_key and storage_container as parameters.
Hope it will help. I spent couple of days to figure it out