Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KCB part of https://github.com/keycloak/keycloak/issues/31807 #909

Merged
merged 1 commit into from
Aug 8, 2024
Merged

KCB part of https://github.com/keycloak/keycloak/issues/31807 #909

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .github/actions/keycloak-create-deployment/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,8 @@ inputs:
disableStickySessions:
description: 'Disable sticky session in OpenShift Route'
default: 'true'
enablePersistentSessions:
description: 'Enable persistent sessions to DB'
enableKc25Mode:
description: 'Set to true when version older than 26 is deployed'
default: 'false'
enableExternalInfinispanFeature:
description: 'To enable the external Infinispan feature. It disables the embedded caches and only uses the remote caches.'
Expand Down Expand Up @@ -55,7 +55,7 @@ runs:
KC_NAMESPACE_PREFIX: ${{ inputs.projectPrefix }}
KC_INSTANCES: ${{ inputs.replicas }}
KC_DISABLE_STICKY_SESSION: ${{ inputs.disableStickySessions }}
KC_PERSISTENT_SESSIONS: ${{ inputs.enablePersistentSessions }}
KC_KC25_MODE: ${{ inputs.enableKc25Mode }}
KC_EXTERNAL_INFINISPAN: ${{ inputs.enableExternalInfinispanFeature }}
KC_CONTAINER_IMAGE: ${{ inputs.image }}
KC_MEMORY_REQUESTS_MB: ${{ inputs.podMemoryRequests }}
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/rosa-multi-az-cluster-create.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,8 +50,8 @@ on:
description: 'When true deploy an Active/Active Keycloak deployment'
type: boolean
default: false
enablePersistentSessions:
description: 'To enable Persistent user and client sessions to the DB'
enableKc25Mode:
description: 'Set to true when version older than 26 is deployed'
type: boolean
default: false
enableExternalInfinispanFeature:
Expand All @@ -65,7 +65,7 @@ on:
env:
CLUSTER_PREFIX: ${{ inputs.clusterPrefix || format('gh-{0}', github.repository_owner) }}
REGION: ${{ inputs.region || vars.AWS_DEFAULT_REGION }}
KC_PERSISTENT_SESSIONS: ${{ inputs.enablePersistentSessions }}
KC_KC25_MODE: ${{ inputs.enableKc25Mode }}
KC_EXTERNAL_INFINISPAN: ${{ inputs.enableExternalInfinispanFeature }}

jobs:
Expand Down Expand Up @@ -187,7 +187,7 @@ jobs:
KC_INSTANCES: 3
KC_DISABLE_STICKY_SESSION: true
KC_CRYOSTAT: false
KC_PERSISTENT_SESSIONS: ${{ env.KC_PERSISTENT_SESSIONS }}
KC_KC25_MODE: ${{ env.KC_KC25_MODE }}
KC_EXTERNAL_INFINISPAN: ${{ env.KC_EXTERNAL_INFINISPAN }}
KC_MEMORY_REQUESTS_MB: 3000
KC_MEMORY_LIMITS_MB: 4000
Expand Down Expand Up @@ -228,7 +228,7 @@ jobs:
KC_INSTANCES: 3
KC_DISABLE_STICKY_SESSION: true
KC_CRYOSTAT: false
KC_PERSISTENT_SESSIONS: ${{ env.KC_PERSISTENT_SESSIONS }}
KC_KC25_MODE: ${{ env.KC_KC25_MODE }}
KC_EXTERNAL_INFINISPAN: ${{ env.KC_EXTERNAL_INFINISPAN }}
KC_MEMORY_REQUESTS_MB: 3000
KC_MEMORY_LIMITS_MB: 4000
Expand Down
2 changes: 1 addition & 1 deletion doc/benchmark/modules/ROOT/pages/report/rosa-benchmark-key-results.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ Deploy OpenShift and ROSA as described in xref:kubernetes-guide::prerequisite/pr
KC_CPU_REQUESTS=6
KC_INSTANCES=3
KC_DISABLE_STICKY_SESSION=true
KC_PERSISTENT_SESSIONS=false
KC_KC25_MODE=true
KC_MEMORY_REQUESTS_MB=3000
KC_MEMORY_LIMITS_MB=4000
KC_DB_POOL_INITIAL_SIZE=30
Expand Down
6 changes: 3 additions & 3 deletions doc/kubernetes/modules/ROOT/pages/customizing-deployment.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,9 +221,9 @@ Available options:
+
NOTE: This option is implemented only for OpenShift deployments.

[[KC_PERSISTENT_SESSIONS,KC_PERSISTENT_SESSIONS]]
KC_PERSISTENT_SESSIONS::
We can enable the persistent sessions to be stored in the user-sessions and client-sessions into the target database in use. By default, the `KC_PERSISTENT_SESSIONS` is set to `false` in our benchmark provisioning module, we need to override it to `true` to enable this feature. Please note that, there will be a tax on the endpoint performance when you enable this feature and this is as designed, to provide better resiliency for Keycloak.
[[KC_KC25_MODE,KC_KC25_MODE]]
KC_KC25_MODE::
To deploy older Keycloak version prior to Keycloak 26 it is necessary to enable the KC25 mode.

== Available Benchmark options

Expand Down
8 changes: 3 additions & 5 deletions provision/common/Taskfile.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ vars:
KC_REMOTE_STORE_HOST: '{{default "localhost" .KC_REMOTE_STORE_HOST}}'
KC_REMOTE_STORE_PORT: '{{default "11222" .KC_REMOTE_STORE_PORT}}'
KC_DISABLE_STICKY_SESSION: '{{default "false" .KC_DISABLE_STICKY_SESSION}}'
KC_PERSISTENT_SESSIONS: '{{default "false" .KC_PERSISTENT_SESSIONS}}'
KC_KC25_MODE: '{{default "false" .KC_KC25_MODE}}'
KC_EXTERNAL_INFINISPAN: '{{default "false" .KC_EXTERNAL_INFINISPAN}}'
MULTI_AZ: '{{default "false" .MULTI_AZ}}'
ENV_DATA_JSON_PATH: "{{.ROOT_DIR}}/../environment_data.json"
Expand Down Expand Up @@ -72,7 +72,7 @@ tasks:
- echo {{.KC_REMOTE_STORE_HOST}} > .task/var-KC_REMOTE_STORE_HOST
- echo {{.KC_REMOTE_STORE_PORT}} > .task/var-KC_REMOTE_STORE_PORT
- echo {{.KC_DISABLE_STICKY_SESSION}} > .task/var-KC_DISABLE_STICKY_SESSION
- echo {{.KC_PERSISTENT_SESSIONS}} > .task/var-KC_PERSISTENT_SESSIONS
- echo {{.KC_KC25_MODE}} > .task/var-KC_KC25_MODE
- echo {{.KC_EXTERNAL_INFINISPAN}} > .task/var-KC_EXTERNAL_INFINISPAN
- echo {{.KC_HOSTNAME_OVERRIDE}} > .task/var-KC_HOSTNAME_OVERRIDE
- echo {{.KC_HEALTH_HOSTNAME}} > .task/var-KC_HEALTH_HOSTNAME
Expand All @@ -81,7 +81,6 @@ tasks:
--arg cpu_limits_per_pod "{{ .KC_CPU_LIMITS }}" \
--arg num_of_pods "{{ .KC_INSTANCES }}" \
--argjson sticky_sessions "{{ .KC_DISABLE_STICKY_SESSION }}" \
--argjson persistent_sessions "{{ .KC_PERSISTENT_SESSIONS }}" \
--argjson external_infinispan "{{ .KC_EXTERNAL_INFINISPAN }}" \
--arg mem_req_per_pod "{{ .KC_MEMORY_REQUESTS_MB }}" \
--arg mem_limit_per_pod "{{ .KC_MEMORY_LIMITS_MB }}" \
Expand All @@ -99,7 +98,6 @@ tasks:
"cpuLimitsPerPod": (if ($cpu_limits_per_pod | length) == 0 then null else ($cpu_limits_per_pod | tonumber?) end),
"stickySessionDisabled": ($sticky_sessions),
"externalInfinispanFeatureEnabled": ($external_infinispan),
"persistentSessionsEnabled": ($persistent_sessions),
"memRequestsPerPod": ($mem_req_per_pod|tonumber),
"memLimitPerPod": ($mem_limit_per_pod|tonumber),
"dbPool": {
Expand Down Expand Up @@ -142,7 +140,7 @@ tasks:
- test "{{.KC_REMOTE_STORE_HOST}}" == "$(cat .task/var-KC_REMOTE_STORE_HOST)"
- test "{{.KC_REMOTE_STORE_PORT}}" == "$(cat .task/var-KC_REMOTE_STORE_PORT)"
- test "{{.KC_DISABLE_STICKY_SESSION}}" == "$(cat .task/var-KC_DISABLE_STICKY_SESSION)"
- test "{{.KC_PERSISTENT_SESSIONS}}" == "$(cat .task/var-KC_PERSISTENT_SESSIONS)"
- test "{{.KC_KC25_MODE}}" == "$(cat .task/var-KC_KC25_MODE)"
- test "{{.KC_EXTERNAL_INFINISPAN}}" == "$(cat .task/var-KC_EXTERNAL_INFINISPAN)"
- test "{{.KC_HOSTNAME_OVERRIDE}}" == "$(cat .task/var-KC_HOSTNAME_OVERRIDE)"
- test "{{.KC_HEALTH_HOSTNAME}}" == "$(cat .task/var-KC_HEALTH_HOSTNAME)"
Expand Down
2 changes: 1 addition & 1 deletion provision/infinispan/Utils.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ tasks:
--set alertmanager.webhook.url={{ .ACCELERATOR_WEBHOOK_URL }}
--set alertmanager.webhook.username={{ .ACCELERATOR_WEBHOOK_USERNAME }}
--set alertmanager.webhook.password={{ .ACCELERATOR_WEBHOOK_PASSWORD }}
{{if eq .KC_PERSISTENT_SESSIONS "true"}}--values ispn-helm/persistent-session-caches.yaml{{end}}
{{if eq .KC_KC25_MODE "true"}}--values ispn-helm/kc-25-caches.yaml{{end}}
./ispn-helm
preconditions:
- test -f ".task/kubecfg/{{.ROSA_CLUSTER_NAME}}"
Expand Down
17 changes: 17 additions & 0 deletions provision/infinispan/ispn-helm/kc-25-caches.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
caches:
sessions:
owners: 2
memory:
maxCount: -1
offlineSessions:
owners: 2
memory:
maxCount: -1
clientSessions:
owners: 2
memory:
maxCount: -1
offlineClientSessions:
owners: 2
memory:
maxCount: -1
17 changes: 0 additions & 17 deletions provision/infinispan/ispn-helm/persistent-session-caches.yaml
View file
Open in desktop

This file was deleted.

13 changes: 12 additions & 1 deletion provision/infinispan/ispn-helm/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,16 +15,27 @@ cacheDefaults:
lockTimeout: 4000
caches:
sessions:
owners: 2
owners: 1
memory:
maxCount: 10000
mergePolicy: ALWAYS_REMOVE
actionTokens: {}
authenticationSessions:
mergePolicy: ALWAYS_REMOVE
offlineSessions:
owners: 1
memory:
maxCount: 10000
mergePolicy: ALWAYS_REMOVE
clientSessions:
owners: 1
memory:
maxCount: 10000
mergePolicy: ALWAYS_REMOVE
offlineClientSessions:
owners: 1
memory:
maxCount: 10000
mergePolicy: ALWAYS_REMOVE
loginFailures: { }
work: { }
Expand Down
2 changes: 1 addition & 1 deletion provision/keycloak-tasks/Taskfile.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ vars:
KC_REMOTE_STORE_HOST: '{{default "localhost" .KC_REMOTE_STORE_HOST}}'
KC_REMOTE_STORE_PORT: '{{default "11222" .KC_REMOTE_STORE_PORT}}'
KC_DISABLE_STICKY_SESSION: '{{default "false" .KC_DISABLE_STICKY_SESSION}}'
KC_PERSISTENT_SESSIONS: '{{default "false" .KC_PERSISTENT_SESSIONS}}'
KC_KC25_MODE: '{{default "false" .KC_KC25_MODE}}'
KC_EXTERNAL_INFINISPAN: '{{default "false" .KC_EXTERNAL_INFINISPAN}}'

tasks:
Expand Down
1 change: 0 additions & 1 deletion provision/keycloak-tasks/Utils.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -255,7 +255,6 @@ tasks:
--set namespace={{.NAMESPACE}}
--set keycloakAdminPassword="{{.KC_ADMIN_PASSWORD}}"
--set disableIngressStickySession={{ .KC_DISABLE_STICKY_SESSION }}
--set persistentSessions={{ .KC_PERSISTENT_SESSIONS }}
--set externalInfinispan={{ .KC_EXTERNAL_INFINISPAN }}
--set nodePortsEnabled=false
../minikube/keycloak
Expand Down
7 changes: 0 additions & 7 deletions provision/minikube/keycloak/templates/keycloak.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,9 +57,6 @@ spec:
features:
enabled:
- multi-site # <3>
{{- if .Values.persistentSessions }}
- persistent-user-sessions
{{- end }}
{{- if .Values.externalInfinispan }}
- remote-cache
{{- end }}
Expand All @@ -78,10 +75,6 @@ spec:
# tag::keycloak-ispn[]
additionalOptions:
# end::keycloak-ispn[]
{{- if .Values.persistentSessions }}
- name: spi-user-sessions-infinispan-use-caches
value: "false"
{{- end }}
- name: http-metrics-histograms-enabled
value: 'true'
- name: http-metrics-slos
Expand Down
1 change: 0 additions & 1 deletion provision/openshift/Taskfile.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -273,7 +273,6 @@ tasks:
--set namespace={{.KC_NAMESPACE_PREFIX}}keycloak
--set keycloakAdminPassword="{{.KC_ADMIN_PASSWORD}}"
--set disableIngressStickySession={{ .KC_DISABLE_STICKY_SESSION }}
--set persistentSessions={{ .KC_PERSISTENT_SESSIONS }}
--set externalInfinispan={{ .KC_EXTERNAL_INFINISPAN }}
--set nodePortsEnabled=false
../minikube/keycloak
Expand Down