[ClusterLabs] Pacemaker managing Keycloak
philip.alesio at gmail.com
Fri Jan 28 17:12:05 EST 2022
That would be great!
On Fri, Jan 28, 2022 at 2:50 PM damiano giuliani <
damianogiuliani87 at gmail.com> wrote:
> Ehy, i solved the issue you talking about few months ago, you have to
> modify .xml configuration on keycloak side, if you re not in hurry monday i
> send you how i fix it.
> On Fri, 28 Jan 2022, 20:25 Ken Gaillot, <kgaillot at redhat.com> wrote:
>> On Fri, 2022-01-28 at 12:15 -0500, Philip Alesio wrote:
>> > Hi Everyone,
>> > I'm attempting to create a failover cluster that uses Postgresql and
>> > Keycloak and am having difficulty getting Keycloak running. Keycloak
>> > is using a Postgresql database. In one case I'm using DRBD to
>> > replicate the data and in another case I'm using Postgresql. The
>> > failure, in both cases, is that Keycloak fails to connect to the
>> > database. In both cases Pacemaker is running with the Postgresql
>> > resource when I add the Keycloak resource. If I "docker run"
>> > Keyclock, not adding it as a Pacemaker resource, Keycloak starts and
>> > connects to the database.
>> > Below adds Keycloak as a Pacemaker resource:
>> > pcs cluster cib cluster1.xml
>> > pcs -
>> > f cluster1.xml resource create p_keycloak ocf:heartbeat:docker image=
>> > jboss/keycloak name=keycloak run_opts="-d -e KEYCLOAK_USER=admin -
>> > e KEYCLOAK_PASSWORD=admin -e DB_ADDR=postgres -e DB_VENDOR=postgres -
>> > e DB_USER=postgres -e DB_PASSWORD=postgres -
>> > e DB_DATABASE=keycloak_db -e JDBC_PARAMS=useSSL=false -p 8080:8080 -
>> > e DB_ADDR=postgres -
>> > e DB_PORT='5432' –network=cluster1dkrnet" op monitor interval=60s
>> > pcs -f
>> > cluster1.xml resource group add g_receiver p_keycloak
>> > pcs cluster cib-push cluster1.xml --config
>> > Below creates a Keycloak container that is not managed by Pacemaker:
>> > > docker run --name keycloak -e KEYCLOAK_USER=admin -
>> > > e KEYCLOAK_PASSWORD=admin -e DB_ADDR=postgres -
>> > > e DB_VENDOR=postgres -e DB_USER=postgres -e DB_PASSWORD=postgres -
>> > > e DB_DATABASE=keycloak_db -e JDBC_PARAMS=useSSL=false -
>> > > p 8080:8080 -e DB_ADDR=postgres -e DB_PORT='5432'
>> > > --network=cluster1dkrnet jboss/keycloak
>> > Does anyone have experience with Pacemaker with Keyclock and/or if
>> > there are any thoughts about why Keycloak is not connecting to the
>> > Postgresql database?
>> > Thanks in advance.
>> I'd check for SELinux denials first. A command executed from the
>> command line is unconstrained, while being executed by a daemon is
>> subject to SELinux policies.
>> Other than that, maybe turn on any debugging options and check the
>> keycloak logs from the container (e.g. using network logging or an
>> exported host disk).
>> Ken Gaillot <kgaillot at redhat.com>
>> Manage your subscription:
>> ClusterLabs home: https://www.clusterlabs.org/
> Manage your subscription:
> ClusterLabs home: https://www.clusterlabs.org/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users