如何在kubernetes上运行的keydepate上持久化用户会话?
pod重启后,所有用户会话数据丢失 但pod重启后,所有其他数据都存在(例如:-领域、用户、领域设置) KeyClope与Postgres一起运行,作为单个pod中的持久性存储 以下是部署文件配置:如何在kubernetes上运行的keydepate上持久化用户会话?,kubernetes,keycloak,Kubernetes,Keycloak,pod重启后,所有用户会话数据丢失 但pod重启后,所有其他数据都存在(例如:-领域、用户、领域设置) KeyClope与Postgres一起运行,作为单个pod中的持久性存储 以下是部署文件配置: apiVersion: apps/v1 kind: Deployment metadata: name: idms namespace: default labels: app: idms spec: replicas: 1 selector: matchLab
apiVersion: apps/v1
kind: Deployment
metadata:
name: idms
namespace: default
labels:
app: idms
spec:
replicas: 1
selector:
matchLabels:
app: idms
template:
metadata:
labels:
app: idms
spec:
containers:
- name: postgres
image: registry.prod.srv.da.nsn-rdnet.net/edge/postgres:12.3-alpine
imagePullPolicy: "IfNotPresent"
ports:
- containerPort: 5432
lifecycle:
postStart:
exec:
command: ["/bin/bash","-c","sleep 5 && PGPASSWORD=$POSTGRES_PASSWORD psql $POSTGRES_DB -U $POSTGRES_USER -c \'CREATE SCHEMA IF NOT EXISTS keycloak;\'"]
envFrom:
- configMapRef:
name: postgres-config
- name: keycloak
image: quay.io/keycloak/keycloak:10.0.1
env:
- name: KEYCLOAK_USER
value: "XXXXXXX"
- name: KEYCLOAK_PASSWORD
value: "XXXXXXX"
- name: REALM
value: "XXXXXXX"
- name: PROXY_ADDRESS_FORWARDING
value: "true"
- name: DB_VENDOR
value: "POSTGRES"
- name: DB_ADDR
value: "localhost"
- name: DB_PORT
value: "5432"
- name: DB_DATABASE
value: "postgresdb"
- name: DB_USER
value: "xxxxxxxxx"
- name: DB_PASSWORD
value: "xxxxxxxxx"
- name: DB_SCHEMA
value: "keycloak"
- name: KEYCLOAK_IMPORT
value: "/opt/jboss/keycloak/startup/elements/realm.json"
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: postgredb
- mountPath: /opt/jboss/keycloak/startup/elements
name: elements
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
readinessProbe:
httpGet:
path: /auth/realms/master
port: 8080
volumes:
- name: elements
configMap:
name: keycloak-elements
- name: postgredb
persistentVolumeClaim:
claimName: postgres-pv-claim
您能让我知道,持久化用户会话所需的任何配置吗?请查看
在第节中,它显示您需要将:CACHE\u OWNERS\u COUNT
设置为2
或更高,将CACHE\u OWNERS\u AUTH\u SESSIONS\u COUNT
设置为2
或更高
如果您有一个大型(根据我的经验超过100万次)会话,还建议使用单独的Infinispan群集