How should Keycloak know about the cluster without specifying/configuration? Just using a loadbalancer in front of two nodes is not enough.
Read the docs: Server Installation and Configuration Guide, chapter 9 and 10 is worth reading, also chapter 3 for basic understanding the operation modes. Using domain mode is not for running a HA cluster.
i do not use domain mode (highly customized standalone-ha), and have DB-based replication. i suspect this is what you want, tuned according to your use case (how you replicate, whether you use DB or some other data store, etc).
as dasniko said, first spend time with the docs…if example config is helpful at all you can see:
@dasniko :
I read the documentation before to post this message.
I was pretty sure the domain mode was not adapted to achieve my objective (a HA cluster) but it remained a little doubt: that’s why I wrote this message
Because from what I understood, sessions are stored in the infinispan cache.
And for this part, I can’t understand how you can have a replication sorry
Or maybe all Keycloak instances are on the same “physical” (can be a VM) server?
@dasniko …and loose all ROI from the ~two years i’ve spent getting automation/config/etc just right for current state (tradeoffs vs all good – but change is ineveitible just being the curmudgeon since i’ve been on the internet too long at this point)
@kortex yep, multi-node cluster with active failover. you can tune replication such that a single node going down does not loose data.
counter balanced by “change for the sake of change is not necessarily useful” (new will always appear shiny) – although i see the reasons for moving to a lighter/container-optimized framework. i welcome it, but have done this long enough to realize “things always change” (no escaping that) but also “use boring tech” is a way to success/sanity/focusing on business value vs constantly swapping legos.
keep up the good work and don’t mind the curmudgeon in the corner