<div dir="auto">Ehy, i solved the issue you talking about few months ago, you have to modify .xml configuration on keycloak side, if you re not in hurry monday i send you how i fix it.<div dir="auto"><br></div><div dir="auto">Damiano</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 28 Jan 2022, 20:25 Ken Gaillot, <<a href="mailto:kgaillot@redhat.com" target="_blank" rel="noreferrer">kgaillot@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Fri, 2022-01-28 at 12:15 -0500, Philip Alesio wrote:<br>
> Hi Everyone,<br>
> <br>
> I'm attempting to create a failover cluster that uses Postgresql and<br>
> Keycloak and am having difficulty getting Keycloak running. Keycloak<br>
> is using a Postgresql database. In one case I'm using DRBD to<br>
> replicate the data and in another case I'm using Postgresql. The<br>
> failure, in both cases, is that Keycloak fails to connect to the<br>
> database. In both cases Pacemaker is running with the Postgresql<br>
> resource when I add the Keycloak resource. If I "docker run"<br>
> Keyclock, not adding it as a Pacemaker resource, Keycloak starts and<br>
> connects to the database. <br>
> <br>
> Below adds Keycloak as a Pacemaker resource:<br>
> <br>
> pcs cluster cib cluster1.xml<br>
> pcs -<br>
> f cluster1.xml resource create p_keycloak ocf:heartbeat:docker image=<br>
> jboss/keycloak name=keycloak run_opts="-d -e KEYCLOAK_USER=admin -<br>
> e KEYCLOAK_PASSWORD=admin -e DB_ADDR=postgres -e DB_VENDOR=postgres -<br>
> e DB_USER=postgres -e DB_PASSWORD=postgres -<br>
> e DB_DATABASE=keycloak_db -e JDBC_PARAMS=useSSL=false -p 8080:8080 -<br>
> e DB_ADDR=postgres -<br>
> e DB_PORT='5432' –network=cluster1dkrnet" op monitor interval=60s<br>
> pcs -f<br>
> cluster1.xml resource group add g_receiver p_keycloak<br>
> pcs cluster cib-push cluster1.xml --config<br>
> <br>
> Below creates a Keycloak container that is not managed by Pacemaker: <br>
> > docker run --name keycloak -e KEYCLOAK_USER=admin -<br>
> > e KEYCLOAK_PASSWORD=admin -e DB_ADDR=postgres -<br>
> > e DB_VENDOR=postgres -e DB_USER=postgres -e DB_PASSWORD=postgres -<br>
> > e DB_DATABASE=keycloak_db -e JDBC_PARAMS=useSSL=false -<br>
> > p 8080:8080 -e DB_ADDR=postgres -e DB_PORT='5432' <br>
> > --network=cluster1dkrnet jboss/keycloak<br>
> <br>
> Does anyone have experience with Pacemaker with Keyclock and/or if<br>
> there are any thoughts about why Keycloak is not connecting to the<br>
> Postgresql database?<br>
> <br>
> Thanks in advance.<br>
<br>
I'd check for SELinux denials first. A command executed from the<br>
command line is unconstrained, while being executed by a daemon is<br>
subject to SELinux policies.<br>
<br>
Other than that, maybe turn on any debugging options and check the<br>
keycloak logs from the container (e.g. using network logging or an<br>
exported host disk).<br>
-- <br>
Ken Gaillot <<a href="mailto:kgaillot@redhat.com" rel="noreferrer noreferrer" target="_blank">kgaillot@redhat.com</a>><br>
<br>
_______________________________________________<br>
Manage your subscription:<br>
<a href="https://lists.clusterlabs.org/mailman/listinfo/users" rel="noreferrer noreferrer noreferrer" target="_blank">https://lists.clusterlabs.org/mailman/listinfo/users</a><br>
<br>
ClusterLabs home: <a href="https://www.clusterlabs.org/" rel="noreferrer noreferrer noreferrer" target="_blank">https://www.clusterlabs.org/</a><br>
</blockquote></div>