Removed workarounds no longer necessary after Infinispan 14.0.14 upgrade

keycloak · Aug 17, 2023 · 880e4ea · 880e4ea
1 parent 9afa003
commit 880e4ea
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 36 deletions.
diff --git a/provision/minikube/keycloak/config/kcb-infinispan-cache-config.xml b/provision/minikube/keycloak/config/kcb-infinispan-cache-config.xml
@@ -21,21 +21,6 @@
         xsi:schemaLocation="urn:infinispan:config:14.0 https://www.infinispan.org/schemas/infinispan-config-14.0.xsd"
         xmlns="urn:infinispan:config:14.0">
 
-    <!-- Workaround for https://github.com/keycloak/keycloak/issues/21092 -->
-    <jgroups>
-        <stack name="kubernetes-with-fdsock" extends="kubernetes">
-            <!-- When using an embedded stack, replacement is done by Infinispan which requires environment variables to be
-            prefixed with ".env", while JGroups falls back to environment variables without the prefix.
-            The Keycloak Operator passes this information in an enviornment variable `jgroups.dns.query`.
-            See https://github.com/keycloak/keycloak/issues/21830 for a discussion.
-            -->
-            <dns.DNS_PING dns_query="${env.jgroups.dns.query}" />
-            <!-- Workaround for problems with FD_SOCK2, which might fail when the other nodes are not ready yet.
-            See https://github.com/keycloak/keycloak/issues/21092 -->
-            <FD_SOCK stack.combine="REPLACE" stack.position="FD_SOCK2"/>
-        </stack>
-    </jgroups>
-
     <!-- the statistics="true" attribute is not part of the original KC config and was added by Keycloak Benchmark -->
     <cache-container name="keycloak" statistics="true">
         <transport lock-timeout="60000"/>

diff --git a/provision/minikube/keycloak/config/kcb-infinispan-cache-remote-store-config.xml b/provision/minikube/keycloak/config/kcb-infinispan-cache-remote-store-config.xml
@@ -22,21 +22,6 @@
             urn:infinispan:config:store:remote:14.0 https://www.infinispan.org/schemas/infinispan-cachestore-remote-config-14.0.xsd"
         xmlns="urn:infinispan:config:14.0">
 
-    <!-- Workaround for https://github.com/keycloak/keycloak/issues/21092 -->
-    <jgroups>
-        <stack name="kubernetes-with-fdsock" extends="kubernetes">
-            <!-- When using an embedded stack, replacement is done by Infinispan which requires environment variables to be
-            prefixed with ".env", while JGroups falls back to environment variables without the prefix.
-            The Keycloak Operator passes this information in an enviornment variable `jgroups.dns.query`.
-            See https://github.com/keycloak/keycloak/issues/21830 for a discussion.
-            -->
-            <dns.DNS_PING dns_query="${env.jgroups.dns.query}" />
-            <!-- Workaround for problems with FD_SOCK2, which might fail when the other nodes are not ready yet.
-            See https://github.com/keycloak/keycloak/issues/21092 -->
-            <FD_SOCK stack.combine="REPLACE" stack.position="FD_SOCK2"/>
-        </stack>
-    </jgroups>
-
     <!-- the statistics="true" attribute is not part of the original KC config and was added by Keycloak Benchmark -->
     <cache-container name="keycloak" statistics="true">
         <transport lock-timeout="60000" site="ISPN"/>

diff --git a/provision/minikube/keycloak/templates/keycloak.yaml b/provision/minikube/keycloak/templates/keycloak.yaml
@@ -20,9 +20,6 @@ spec:
       haproxy.router.openshift.io/disable_cookies: 'true'
 {{end}}
   additionalOptions:
-     # Workaround for https://github.com/keycloak/keycloak/issues/21092
-    - name: 'cache-stack'
-      value: kubernetes-with-fdsock
 {{ if or (eq .Values.database "aurora-postgres") (eq .Values.database "postgres") (eq .Values.database "postgres+infinispan") }}
     - name: db
       value: postgres
@@ -154,10 +151,10 @@ spec:
             env:
               # Limiting Keycloak thread pool as it might lead to an exhaustion of the JGroups thread pool.
               # The combined worker thread pool size of all Keycloak instances shouldn't exceed the size of the JGroups thread pool on each node.
-              # Due to https://issues.redhat.com/browse/ISPN-14780 there is currently no way to configure the JGroups thread pool max size,
-              # so there is no way to increase the value from the 100 which are the default in JGroups AFAIK.
+              # After https://issues.redhat.com/browse/ISPN-14780 was fixed in KC 22.0.2 and KC 23, it again defaults to 200.
+              # It can be configured by a system property 'jgroups.thread_pool.max_threads' for a different value.
               - name: 'QUARKUS_THREAD_POOL_MAX_THREADS'
-                value: {{ div 100 .Values.instances | quote }}
+                value: {{ div 200 .Values.instances | quote }}
               # This is the queue size on each Keycloak node, that when exceeded will return a 503 response immediately (load shedding).
               # Assuming a Keycloak pod processes around 200 requests per second, a queue of 1000 would lead to maximum waiting times of around 5 seconds.
               # In the future, the queue size could be determined dynamically on each node based on the processing time of previous requests.