Ehy Philip, sorry for being late, today was a bad day! to make keycloak reconnect to the postgres db when it fails, you have to edit your current configuration file (it could be for example /opt/keycloak/standalone/configuration/standalone-ha.xml or standalone.xml doublecheck it)
replace the datasources block with: <datasources> <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}"> <connection-url>jdbc:postgresql://ltaoperdbs01/keycloakdb</connection-url> <driver>postgresql</driver> <pool> <max-pool-size>100</max-pool-size> </pool> <security> <user-name>keycloak</user-name> <password>yourpassword</password> </security> <validation> <check-valid-connection-sql>select 1</check-valid-connection-sql> <background-validation>true</background-validation> <background-validation-millis>15000</background-validation-millis> <valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker"/> <exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter"/> <validate-on-match>false</validate-on-match> </validation> </datasource> <drivers> <driver name="postgresql" module="org.postgresql"> <xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class> </driver> </drivers> </datasources> replacing with your postgres database informations. dont forget to make this on all your keycloack cluster node. probably you have to restart the services. jave a look there if you need more info: https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html/administration_and_configuration_guide/sect-example_datasources let us how things are going after this. BR Damiano Il giorno ven 28 gen 2022 alle ore 23:12 Philip Alesio < philip.ale...@gmail.com> ha scritto: > That would be great! > > On Fri, Jan 28, 2022 at 2:50 PM damiano giuliani < > damianogiulian...@gmail.com> wrote: > >> Ehy, i solved the issue you talking about few months ago, you have to >> modify .xml configuration on keycloak side, if you re not in hurry monday i >> send you how i fix it. >> >> Damiano >> >> On Fri, 28 Jan 2022, 20:25 Ken Gaillot, <kgail...@redhat.com> wrote: >> >>> On Fri, 2022-01-28 at 12:15 -0500, Philip Alesio wrote: >>> > Hi Everyone, >>> > >>> > I'm attempting to create a failover cluster that uses Postgresql and >>> > Keycloak and am having difficulty getting Keycloak running. Keycloak >>> > is using a Postgresql database. In one case I'm using DRBD to >>> > replicate the data and in another case I'm using Postgresql. The >>> > failure, in both cases, is that Keycloak fails to connect to the >>> > database. In both cases Pacemaker is running with the Postgresql >>> > resource when I add the Keycloak resource. If I "docker run" >>> > Keyclock, not adding it as a Pacemaker resource, Keycloak starts and >>> > connects to the database. >>> > >>> > Below adds Keycloak as a Pacemaker resource: >>> > >>> > pcs cluster cib cluster1.xml >>> > pcs - >>> > f cluster1.xml resource create p_keycloak ocf:heartbeat:docker image= >>> > jboss/keycloak name=keycloak run_opts="-d -e KEYCLOAK_USER=admin - >>> > e KEYCLOAK_PASSWORD=admin -e DB_ADDR=postgres -e DB_VENDOR=postgres - >>> > e DB_USER=postgres -e DB_PASSWORD=postgres - >>> > e DB_DATABASE=keycloak_db -e JDBC_PARAMS=useSSL=false -p 8080:8080 - >>> > e DB_ADDR=postgres - >>> > e DB_PORT='5432' –network=cluster1dkrnet" op monitor interval=60s >>> > pcs -f >>> > cluster1.xml resource group add g_receiver p_keycloak >>> > pcs cluster cib-push cluster1.xml --config >>> > >>> > Below creates a Keycloak container that is not managed by Pacemaker: >>> > > docker run --name keycloak -e KEYCLOAK_USER=admin - >>> > > e KEYCLOAK_PASSWORD=admin -e DB_ADDR=postgres - >>> > > e DB_VENDOR=postgres -e DB_USER=postgres -e DB_PASSWORD=postgres - >>> > > e DB_DATABASE=keycloak_db -e JDBC_PARAMS=useSSL=false - >>> > > p 8080:8080 -e DB_ADDR=postgres -e DB_PORT='5432' >>> > > --network=cluster1dkrnet jboss/keycloak >>> > >>> > Does anyone have experience with Pacemaker with Keyclock and/or if >>> > there are any thoughts about why Keycloak is not connecting to the >>> > Postgresql database? >>> > >>> > Thanks in advance. >>> >>> I'd check for SELinux denials first. A command executed from the >>> command line is unconstrained, while being executed by a daemon is >>> subject to SELinux policies. >>> >>> Other than that, maybe turn on any debugging options and check the >>> keycloak logs from the container (e.g. using network logging or an >>> exported host disk). >>> -- >>> Ken Gaillot <kgail...@redhat.com> >>> >>> _______________________________________________ >>> Manage your subscription: >>> https://lists.clusterlabs.org/mailman/listinfo/users >>> >>> ClusterLabs home: https://www.clusterlabs.org/ >>> >> _______________________________________________ >> Manage your subscription: >> https://lists.clusterlabs.org/mailman/listinfo/users >> >> ClusterLabs home: https://www.clusterlabs.org/ >> > _______________________________________________ > Manage your subscription: > https://lists.clusterlabs.org/mailman/listinfo/users > > ClusterLabs home: https://www.clusterlabs.org/ >
_______________________________________________ Manage your subscription: https://lists.clusterlabs.org/mailman/listinfo/users ClusterLabs home: https://www.clusterlabs.org/