skulpturenz / shared-resources

MIT License

chore: static ips for keycloak #279

Open nmathew98 opened 5 days ago

nmathew98 commented 5 days ago

unsure if supported in swarm (should be)

https://gist.github.com/natcl/3d881d00a56c8a961e6dab8ba51a5a37

https://forums.docker.com/t/assign-first-class-ip-address-with-swarm-service/136198/8

also see: https://github.com/moby/moby/issues/24170

https://stackoverflow.com/questions/54403235/sticky-sessions-with-docker-swarm

{{.Task.Slot}}

nmathew98 commented 4 days ago

some timeouts but it's fine:

authnz_keycloak:

"Endpoint": {
            "Spec": {
                "Mode": "vip"
            },
            "VirtualIPs": [
                {
                    "NetworkID": "ktp34kujxye1c6fl98egf7inl",
                    "Addr": "10.0.2.171/24"
                }
            ]
        },

keycloak.1:

"Networks": {
                "keycloak": {
                    "IPAMConfig": {
                        "IPv4Address": "10.0.2.175"
                    },
                    "Links": null,
                    "Aliases": null,
                    "MacAddress": "02:42:0a:00:02:af",
                    "NetworkID": "ktp34kujxye1c6fl98egf7inl",
                    "EndpointID": "5c8997ef57a0c0747b1c8a45d85a7dec363d566cb2462910daab0a45eef05f77",
                    "Gateway": "",
                    "IPAddress": "10.0.2.175",
                    "IPPrefixLen": 24,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "DriverOpts": null,
                    "DNSNames": [
                        "authnz_keycloak.1.6jcs52tac9pxqu1vyy8sl8daq",
                        "e4dcaa9344fa",
                        "keycloak.1"
                    ]
                }
            }

keycloak.2:

"Networks": {
                "keycloak": {
                    "IPAMConfig": {
                        "IPv4Address": "10.0.2.174"
                    },
                    "Links": null,
                    "Aliases": null,
                    "MacAddress": "02:42:0a:00:02:ae",
                    "NetworkID": "ktp34kujxye1c6fl98egf7inl",
                    "EndpointID": "c59ba0133c004268ecbb5277633dcafc3e6949efc7c3af6e8aa8699366ac3305",
                    "Gateway": "",
                    "IPAddress": "10.0.2.174",
                    "IPPrefixLen": 24,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "DriverOpts": null,
                    "DNSNames": [
                        "authnz_keycloak.2.uih2e2id964bhw50mhcdtb4ko",
                        "05878e00ed5a",
                        "keycloak.2"
                    ]
                }
            }
        }

ip has changed (10.0.2.172 and 10.0.2.173 to 10.0.2.174 and 10.0.2.175, lb ip is not changing but container ips change):


https://github.com/user-attachments/assets/3213d94e-8807-44b4-9498-11458142ab39

is fine for the moment

problem: Nginx is only refreshed after all the swarm services are updated. When all swarm services are updated, there is a moment when Nginx has the old IPs instead of the new IPs, since we are referring to the container directly for sticky sessions
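Added example (not part of the thread or the project's code): a drift check for the stale-upstream window described in the comment above, comparing the addresses in an Nginx upstream block with the task addresses reported by `docker inspect`. The upstream name `keycloak_sticky`, port 8080 and both sample inputs are constructed assumptions; only the four IP addresses and the `keycloak` network name come from the thread.

```python
import json
import re

# Constructed sample: trimmed `docker inspect` output for the two tasks,
# using the post-update addresses reported in the thread.
INSPECT_JSON = """
[
  {"NetworkSettings": {"Networks": {"keycloak": {"IPAddress": "10.0.2.175"}}}},
  {"NetworkSettings": {"Networks": {"keycloak": {"IPAddress": "10.0.2.174"}}}}
]
"""

# Constructed sample: hypothetical upstream still holding the pre-update addresses.
NGINX_CONF = """
upstream keycloak_sticky {
    ip_hash;
    server 10.0.2.172:8080;
    server 10.0.2.173:8080;
}
"""

def live_task_ips(inspect_json, network):
    """Return the set of addresses containers currently hold on `network`."""
    ips = set()
    for container in json.loads(inspect_json):
        net = container.get("NetworkSettings", {}).get("Networks", {}).get(network)
        if net and net.get("IPAddress"):
            ips.add(net["IPAddress"])
    return ips

def upstream_ips(conf, upstream):
    """Return the IPv4 addresses listed as `server` entries in one upstream block."""
    block = re.search(r"upstream\s+%s\s*\{(.*?)\}" % re.escape(upstream), conf, re.S)
    if not block:
        raise ValueError(f"upstream {upstream!r} not found")
    pattern = r"^\s*server\s+(\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?"
    return set(re.findall(pattern, block.group(1), re.M))

def drift(conf, upstream, inspect_json, network):
    """Report upstream entries with no live task (stale) and live tasks not listed (missing)."""
    live = live_task_ips(inspect_json, network)
    configured = upstream_ips(conf, upstream)
    return {"stale": sorted(configured - live), "missing": sorted(live - configured)}

if __name__ == "__main__":
    print(drift(NGINX_CONF, "keycloak_sticky", INSPECT_JSON, "keycloak"))
```

A non-empty `stale` or `missing` list after a service update means Nginx still needs a reload before sticky sessions reach the new containers.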

nmathew98 commented 4 days ago

specifying ttl needs NGINX Plus, but no errors if it's there on free