search

ivangfr / keycloak-clustered

Keycloak-Clustered extends quay.io/keycloak/keycloak official Keycloak Docker image by adding JDBC_PING discovery protocol.
162 stars 57 forks source link

Wrong Fields in JGROUPSPING table #17

Closed fsainovich closed 1 year ago

fsainovich commented 1 year ago

When I use your prebuilt image (ivanfranchin/keycloak-clustered:latest) i get follow columns in JGROUPSPING table:

               own_addr               | cluster_name | bind_addr |          updated           |                                              ping_data                                               
--------------------------------------+--------------+-----------+----------------------------+------------------------------------------------------------------------------------------------------
 c1b085ca-1b8b-454b-b784-4ef13fbd9d37 | ISPN         | 10.9.9.42 | 2022-10-04 14:11:58.300151 | \x02b7844ef13fbd9d37c1b085ca1b8b454b030100123631626164626536613561352d343630363310040a09092a1e78ffff

But if I try to built my own image with the cache-ispn-jdbc-ping.xml inside the 19.0.2 folder (https://github.com/ivangfr/keycloak-clustered/tree/master/19.0.2), i get the followns results:

               own_addr               | bind_addr |          created           | cluster_name |                                              ping_data                                               
--------------------------------------+-----------+----------------------------+--------------+------------------------------------------------------------------------------------------------------
 16c69e8a-c9aa-49c5-aeb9-94bf47c65266 | 127.0.0.1 | 2022-10-04 14:07:46.437592 | ISPN         | \x02aeb994bf47c6526616c69e8ac9aa49c5030100123638313366656139656565622d35303834321004ac1800021e78ffff

The column "update" don't exist and bind_addr is not equal.

Could you share the same cache-ispn-jdbc-ping.xml used to generate latest image ?

My dockerfile:

FROM quay.io/keycloak/keycloak:19.0.2

COPY cache-ispn-jdbc-ping.xml /opt/keycloak/conf/cache-ispn-jdbc-ping.xml

RUN rm -f /opt/keycloak/conf/cache-ispn.xml

ENV KC_CACHE_CONFIG_FILE=cache-ispn-jdbc-ping.xml
ENV KC_DB=postgres

RUN /opt/keycloak/bin/kc.sh build --db=postgres
RUN /opt/keycloak/bin/kc.sh show-config

ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
fsainovich commented 1 year ago

I have been extracted the file from your latest image (and use in my image and works):

<?xml version="1.0" encoding="UTF-8"?>

<infinispan xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:infinispan:config:11.0 http://www.infinispan.org/schemas/infinispan-config-11.0.xsd" xmlns="urn:infinispan:config:11.0">

<cache-container name="keycloak">
    <transport lock-timeout="60000" stack="${env.KC_DB}-jdbc-ping-tcp"/>
    <local-cache name="realms">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory max-count="10000"/>
    </local-cache>
    <local-cache name="users">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory max-count="10000"/>
    </local-cache>
    <distributed-cache name="sessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="authenticationSessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="offlineSessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="clientSessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="offlineClientSessions" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="loginFailures" owners="2">
        <expiration lifespan="-1"/>
    </distributed-cache>
    <local-cache name="authorization">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory max-count="10000"/>
    </local-cache>
    <replicated-cache name="work">
        <expiration lifespan="-1"/>
    </replicated-cache>
    <local-cache name="keys">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <expiration max-idle="3600000"/>
        <memory max-count="1000"/>
    </local-cache>
    <distributed-cache name="actionTokens" owners="2">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <expiration max-idle="-1" lifespan="-1" interval="300000"/>
        <memory max-count="-1"/>
    </distributed-cache>
</cache-container>

ivangfr commented 1 year ago

Were you able to see the differences?

As far I as remember, I used the same cache-ispn-jdbc-ping.xml file to build the latest image.

So, the cache-ispn-jdbc-ping.xml is supposed to identical in the pre-build image and the one present in the 19.0.2 folder.

ivangfr commented 1 year ago

I've just pulled the docker image ivanfranchin/keycloak-clustered:latest and run its docker container.

After that, I docker exec into it and checked the cache-ispn-jdbc-ping.xml inside /opt/keycloak/conf/ folder.

I've compared the file in the docker container and the one in https://github.com/ivangfr/keycloak-clustered/blob/master/19.0.2/cache-ispn-jdbc-ping.xml, and they are identical.

Let me know if you've found some issue.

Best regards

fsainovich commented 1 year ago

Hi Ivan, I think that I downloaded a wrong file. After your reply, I have cloned all the repo and use folder 19.0.2 and all is OK. My mistake.

Thank you so much for your quickly reply.

Fernando.

ivangfr commented 1 year ago

Hi @fsainovich No problem! Thanks for the feedback!