From 0b20a4fd3ae7b0b8b37fe226bd94a5411f2d8842 Mon Sep 17 00:00:00 2001 From: Shoubhik Bose Date: Fri, 11 Aug 2017 05:35:04 +0000 Subject: [PATCH 1/3] add documentation to assist deployment changes --- openshift/debugging.md | 95 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 openshift/debugging.md diff --git a/openshift/debugging.md b/openshift/debugging.md new file mode 100644 index 00000000..c3ca3b0c --- /dev/null +++ b/openshift/debugging.md @@ -0,0 +1,95 @@ +### Checking logs in Kibana + +Use the following query in Kibana to filter in meaningful log messages + +``` +kubernetes.container_name: "keycloak-server" AND NOT message: "*Allocation Failure*" +``` + + +### Confirm from logs that keycloak clustering works +``` +:16:31,892 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (Incoming-6,kubernetes,10.1.13.206) ISPN000094: Received new cluster view for channel web: [10.1.12.52|28] (3) [10.1.12.52, 10.1.13.206, 10.1.0.105] +``` + +Cluster formation might take a while, ignore any errors in logs which look like + +``` +11:16:33,050 ERROR [org.jgroups.protocols.TCP] (TransferQueueBundler,kubernetes,10.1.13.206) JGRP000029: 10.1.13.206: failed sending message to 10.1.7.65 (73 bytes): java.net.SocketTimeoutException: connect timed out, headers: GMS: GmsHeader[VIEW_ACK], UNICAST3: DATA, seqno=144, TCP: [cluster_name=kubernetes] +``` + + +### Handling memory issues + +Maintain a good balance between the pod's memory allocation , and the Java memory allocation. +Ensure that the Java memory is slightly lesser than the pod's memory allocation to avoid the pod from crashing. + +``` + strategy: + type: Rolling + resources: + limits: + memory: 2Gi +``` + +``` + - name: JAVA_OPTS + value: >- + -server -Xms256m -Xmx1434m -XX:MetaspaceSize=96M +``` + + +### Using parameters + +If there's an environment variable that wouldn't change much, as of now, it would be fair to harcode it as a parameter +Refer to discussion here : https://github.com/fabric8-services/keycloak-deployment/pull/45 + +``` + replicas: ${REPLICAS} +``` + +and then + +``` +- name: REPLICAS + value: "3" +``` + +### Configuration for active-active clustering + + +``` + + - name: OPENSHIFT_KUBE_PING_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPENSHIFT_KUBE_PING_LABELS + valueFrom: + configMapKeyRef: + name: keycloak-config + key: openshift.kube.ping.labels + - name: OPENSHIFT_KUBE_PING_SERVER_PORT + valueFrom: + configMapKeyRef: + name: keycloak-config + key: openshift.kube.ping.server.port + +``` + +Of course you would need to specify the mode + +``` +- name: OPERATING_MODE + value: ${OPERATING_MODE} + + +### Testing the performance of a deployment + +The performance can be testing by executing the following scripts : +https://github.com/fabric8-services/keycloak-performance-scripts + + + + + From c939b9107d5f8ef5ecb0ce10727a29f8e3f65d58 Mon Sep 17 00:00:00 2001 From: Shoubhik Bose Date: Fri, 11 Aug 2017 05:37:42 +0000 Subject: [PATCH 2/3] add possible mode options. --- openshift/debugging.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openshift/debugging.md b/openshift/debugging.md index c3ca3b0c..454b87d2 100644 --- a/openshift/debugging.md +++ b/openshift/debugging.md @@ -77,12 +77,12 @@ and then ``` -Of course you would need to specify the mode +Of course you would need to specify the mode as CLUSTERED or STANDALONE ``` - name: OPERATING_MODE value: ${OPERATING_MODE} - +``` ### Testing the performance of a deployment From aa249b4170aacf6a96e3673fe82dd2978fbd0886 Mon Sep 17 00:00:00 2001 From: Shoubhik Bose Date: Fri, 11 Aug 2017 05:48:06 +0000 Subject: [PATCH 3/3] fix typo --- openshift/debugging.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/debugging.md b/openshift/debugging.md index 454b87d2..58602a6a 100644 --- a/openshift/debugging.md +++ b/openshift/debugging.md @@ -86,7 +86,7 @@ Of course you would need to specify the mode as CLUSTERED or STANDALONE ### Testing the performance of a deployment -The performance can be testing by executing the following scripts : +The performance can be tested by executing the following scripts : https://github.com/fabric8-services/keycloak-performance-scripts