Hi, I’m trying to setup a high availability keycloak cluster composed of two keycloak instances (18.0.2) behind a reverse proxy (HAproxy) and a MariaDB Galera cluster. Communications between the keycloak instances and the databases are handled by a couple of ProxySQL managed by keepalived.
Communications between all components work fine, but I’m having issue when starting the cluster. There seem to be SQL syntax errors during the update of the database handled by liquibase. I’ve tried setting up a MariaDB Galera cluster with the following mariadb-server version :
- 10.3 (error on an ‘ALTER TABLE’ statements that seems to be compatible only in MariaDB 10.5)
- 10.5 (to fix the above error bu then ran into an syntax error on a ‘CREATE TABLE’ statement)
I’m running out of option. Could some please advise ?
Here’s the configuration file :
db=mariadb
db-username=<nice user>
db-password=<nice pwd>
db-url=jdbc:mariadb://<proxy_sql_vip>:3306/<my_keycloak_db>?characterEncoding=UTF-8
http-enabled=true
http-host=0.0.0.0
http-port=8080
proxy=edge
hostname=ha-keycloak-int.local-trust.com
log=file
log-file=/tmp/keycloak.log
log-level=debug
and the runtime configuration (bin/kc.sh show-config) after the build (bin/kc.sh build --transaction-xa-enabled=false)
Current Mode: none
Runtime Configuration:
kc.cache = ispn (PersistedConfigSource)
kc.config.args = show-config (SysPropConfigSource)
kc.db = mariadb (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.db-password = ******* (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.db-url = jdbc:mariadb://<proxy_sql_vip>:3306/<my_keycloak_db>?characterEncoding=UTF-8 (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.db-username = <nice_user> (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.health-enabled = false (PersistedConfigSource)
kc.home.dir = /opt/keycloak-18.0.2/bin/../ (SysPropConfigSource)
kc.hostname = ha-keycloak-int.local-trust.com (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.http-enabled = true (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.http-host = 0.0.0.0 (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.http-port = 8080 (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.http-relative-path = / (PersistedConfigSource)
kc.log = file (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.log-console-output = default (PropertiesConfigSource[source=jar:file:///opt/keycloak-18.0.2/lib/lib/main/org.keycloak.keycloak-quarkus-server-18.0.2.jar!/META-INF/keycloak.conf])
kc.log-file = /tmp/keycloak.log (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.log-level = debug (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.metrics-enabled = false (PersistedConfigSource)
kc.proxy = edge (PropertiesConfigSource[source=file:/opt/keycloak-18.0.2/bin/../conf/keycloak.conf])
kc.quarkus-properties-enabled = false (PersistedConfigSource)
kc.show.config = none (SysPropConfigSource)
kc.transaction-xa-enabled = false (PersistedConfigSource)
kc.version = 18.0.2 (SysPropConfigSource)
And here’s the error i’m running into (MariaDB Galera cluster with mariadb-server : 10.5
2022-06-30 15:50:06,395 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (production) mode
2022-06-30 15:50:06,395 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) Error details:: java.lang.RuntimeException: Failed to update database
at org.keycloak.quarkus.runtime.storage.database.liquibase.QuarkusJpaUpdaterProvider.update(QuarkusJpaUpdaterProvider.java:122)
at org.keycloak.quarkus.runtime.storage.database.liquibase.QuarkusJpaUpdaterProvider.update(QuarkusJpaUpdaterProvider.java:85)
at org.keycloak.quarkus.runtime.storage.database.jpa.QuarkusJpaConnectionProviderFactory.update(QuarkusJpaConnectionProviderFactory.java:520)
at org.keycloak.quarkus.runtime.storage.database.jpa.QuarkusJpaConnectionProviderFactory.createOrUpdateSchema(QuarkusJpaConnectionProviderFactory.java:486)
at org.keycloak.quarkus.runtime.storage.database.jpa.QuarkusJpaConnectionProviderFactory.postInit(QuarkusJpaConnectionProviderFactory.java:154)
at org.keycloak.quarkus.runtime.integration.QuarkusKeycloakSessionFactory.init(QuarkusKeycloakSessionFactory.java:96)
at org.keycloak.quarkus.runtime.integration.jaxrs.QuarkusKeycloakApplication.initializeKeycloakSessionFactory(QuarkusKeycloakApplication.java:68)
at org.keycloak.quarkus.runtime.integration.jaxrs.QuarkusKeycloakApplication.startup(QuarkusKeycloakApplication.java:49)
at org.keycloak.quarkus.runtime.integration.QuarkusLifecycleObserver.onStartupEvent(QuarkusLifecycleObserver.java:37)
at org.keycloak.quarkus.runtime.integration.QuarkusLifecycleObserver_Observer_onStartupEvent_b0e82415b143738dc1f986a5fa4668e83d0a5dea.notify(Unknown Source)
at io.quarkus.arc.impl.EventImpl$Notifier.notifyObservers(EventImpl.java:320)
at io.quarkus.arc.impl.EventImpl$Notifier.notify(EventImpl.java:302)
at io.quarkus.arc.impl.EventImpl.fire(EventImpl.java:73)
at io.quarkus.arc.runtime.ArcRecorder.fireLifecycleEvent(ArcRecorder.java:128)
at io.quarkus.arc.runtime.ArcRecorder.handleLifecycleEvents(ArcRecorder.java:97)
at io.quarkus.deployment.steps.LifecycleEventsBuildStep$startupEvent1144526294.deploy_0(Unknown Source)
at io.quarkus.deployment.steps.LifecycleEventsBuildStep$startupEvent1144526294.deploy(Unknown Source)
at io.quarkus.runner.ApplicationImpl.doStart(Unknown Source)
at io.quarkus.runtime.Application.start(Application.java:101)
at io.quarkus.runtime.ApplicationLifecycleManager.run(ApplicationLifecycleManager.java:103)
at io.quarkus.runtime.Quarkus.run(Quarkus.java:67)
at org.keycloak.quarkus.runtime.KeycloakMain.start(KeycloakMain.java:86)
at org.keycloak.quarkus.runtime.cli.command.AbstractStartCommand.run(AbstractStartCommand.java:34)
at picocli.CommandLine.executeUserObject(CommandLine.java:1939)
at picocli.CommandLine.access$1300(CommandLine.java:145)
at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2358)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2352)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2314)
at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
at picocli.CommandLine$RunLast.execute(CommandLine.java:2316)
at picocli.CommandLine.execute(CommandLine.java:2078)
at org.keycloak.quarkus.runtime.cli.Picocli.parseAndRun(Picocli.java:88)
at org.keycloak.quarkus.runtime.KeycloakMain.main(KeycloakMain.java:77)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at io.quarkus.bootstrap.runner.QuarkusEntryPoint.doRun(QuarkusEntryPoint.java:60)
at io.quarkus.bootstrap.runner.QuarkusEntryPoint.main(QuarkusEntryPoint.java:31)
Caused by: liquibase.exception.LiquibaseException: liquibase.exception.MigrationFailedException: Migration failed for change set META-INF/jpa-changelog-1.2.0.Beta1.xml::1.2.0.Beta1::psilva@redhat.com:
Reason: liquibase.exception.DatabaseException: (conn=84) You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ' NAME VARCHAR(255) NOT NULL)' at line 1 [Failed SQL: (1064) CREATE TABLE PR
OTOCOL_MAPPER_CONFIG (PROTOCOL_MAPPER_ID VARCHAR(36) NOT NULL, VALUE CLOB, NAME VARCHAR(255) NOT NULL)]