Preventing split-brain situations in cross-datacenter installations


I have a cross-datacenter installation of Keycloak 4.8.3 in active/active mode and using Infinispan 9.3.6 with synchronous replication.
I’ve had communication problems between datacenters.
When it happenned, both Infinispan servers were active, considered the other one as offline and went on working normally without any replication.
To prevent this, I need the load balancer to be able to find out about this situation, but I honestly cannot think of a way to automatically detect it.
May be a headless call to Infinispan management interface, but I don’t find information on how to do that.

Any suggestion of some test I can do which will fail if replication is disabled?

Thank you very much,


Hey, sorry in advance I don’t have an answer.
But I would like to ask some questions,

  1. After this situation of network problems between the DCs, are they (each keycloak standalone/domain) synced back?
  2. You are searching for a solution with the LB to prevent it, but I’m not sure I’ve understood what the solution shoild solve? I get that there is ‘split brain’ situation, so are you trying to prevent it by changing one of the DCs to be ‘offline’ so all of the requests will be to one and only one dc?
  3. How is your experience with the Cross DC keycloak deployment?