Simplifying Keycloak node discovery with JDBC_PING2

[Alexander Schwartz]

Dear Keycloak community,

A common complaint of users attempting to create Keycloak clusters in non-kubernetes environments, is that it's hard to configure the JGroups discovery protocol that Infinispan relies upon to discover cluster members.

We are working on simplifying this, and we are looking for your feedback. 

We're working on implementing a discovery based JDBC_PING2 which uses the database that is configured for Keycloak. This should resolve issues especially in cloud provider environments as it removes the need to add custom JARs. 

It will be both a drop-in replacement and new default for the current default stack that uses UDP for transport. There will be an additional stack type "jdbc-ping" which uses TCP as a transport protocol which should work in environments where UDP is not available (namely cloud providers). 

The Keycloak Operator will continue to use DNS-Ping for discovery and TCP which has proven to be stable and working well. 

While this is still being tested and subject to change, we would like to get community feedback in our GitHub epic that tracks the progress: https://github.com/keycloak/keycloak/issues/34102

You can find nightly builds here: https://www.keycloak.org/nightly/

Together with the updated documentation: https://www.keycloak.org/nightly/server/caching

Best,

Alexander

--

Alexander Schwartz, RHCE

He/Him

Principal Software Engineer, Keycloak Maintainer

Red Hat - Germany remote

asch...@redhat.com   

Red Hat GmbH, Registered seat: Werner von Siemens Ring 12, D-85630 Grasbrunn, Germany 
Commercial register: Amtsgericht Muenchen/Munich, HRB 153243,
Managing Directors: Ryan Barnhart, Charles Cachera, Michael O'Neill, Amy Ross