Separating multisite feature for Minikube, fixing dual stack DNS prob…

…lems, fixing GitHub Workflow YAML Signed-off-by: Alexander Schwartz <[email protected]>
keycloak · Aug 8, 2024 · bac2b28 · mhajas · Aug 12, 2024 · ahus1
1 parent bb6c819
commit bac2b28
Show file tree

Hide file tree

Showing 10 changed files with 36 additions and 6 deletions.
diff --git a/.github/actions/keycloak-create-deployment/action.yml b/.github/actions/keycloak-create-deployment/action.yml
@@ -18,6 +18,9 @@ inputs:
   enableExternalInfinispanFeature:
     description: 'To enable the external Infinispan feature. It disables the embedded caches and only uses the remote caches.'
     default: 'false'
+  enableMultiSiteFeature:
+    description: 'To enable the external Infinispan feature. It disables the embedded caches and only uses the remote caches.'
+    default: 'false'
   image:
     description: 'Keycloak Image'
   podMemoryRequests:
@@ -57,6 +60,7 @@ runs:
         KC_DISABLE_STICKY_SESSION: ${{ inputs.disableStickySessions }}
         KC_KC25_MODE: ${{ inputs.enableKc25Mode }}
         KC_EXTERNAL_INFINISPAN: ${{ inputs.enableExternalInfinispanFeature }}
+        KC_MULTI_SITE: ${{ inputs.enableMultiSiteFeature }}
         KC_CONTAINER_IMAGE: ${{ inputs.image }}
         KC_MEMORY_REQUESTS_MB: ${{ inputs.podMemoryRequests }}
         KC_MEMORY_LIMITS_MB: ${{ inputs.podMemoryLimit }}

diff --git a/.github/workflows/rosa-cluster-auto-provision-on-schedule.yml b/.github/workflows/rosa-cluster-auto-provision-on-schedule.yml
@@ -17,6 +17,7 @@ jobs:
       clusterPrefix: gh-keycloak # ${{ env.CLUSTER_PREFIX }} -- unfortunately 'env.' doesn't work here
       activeActive: true
       enableExternalInfinispanFeature: true
+      enableMultiSiteFeature: true
     secrets: inherit
 
   run-functional-tests-active-active-with-external-infinispan:
@@ -56,8 +57,9 @@ jobs:
     uses: ./.github/workflows/rosa-multi-az-cluster-create.yml
     with:
       clusterPrefix: gh-keycloak # ${{ env.CLUSTER_PREFIX }} -- unfortunately 'env.' doesn't work here
-      enablePersistentSessions: true
+      enablePersistentSessionsFeature: true
       enableExternalInfinispanFeature: true
+      enableMultiSiteFeature: true
       createCluster: false
       activeActive: true
     secrets: inherit

diff --git a/.github/workflows/rosa-multi-az-cluster-create.yml b/.github/workflows/rosa-multi-az-cluster-create.yml
@@ -20,14 +20,22 @@ on:
         description: 'When true deploy an Active/Active Keycloak deployment'
         type: boolean
         default: false
-      enablePersistentSessions:
+      enableKc25Mode:
+        description: 'Set to true when version older than 26 is deployed'
+        type: boolean
+        default: false
+      enablePersistentSessionsFeature:
         description: 'To enable Persistent user and client sessions to the DB'
         type: boolean
         default: false
       enableExternalInfinispanFeature:
         description: 'To enable the external Infinispan feature. It disables the embedded caches and only uses the remote caches.'
         type: boolean
-        default: false
+        default: true
+      enableMultiSiteFeature:
+        description: 'To enable the Multi Site Feature'
+        type: boolean
+        default: true
       keycloakBranch:
         description: 'The branch to deploy Keycloak from. If not set nightly image is used'
         type: string
@@ -54,10 +62,18 @@ on:
         description: 'Set to true when version older than 26 is deployed'
         type: boolean
         default: false
+      enablePersistentSessionsFeature:
+        description: 'To enable Persistent user and client sessions to the DB'
+        type: boolean
+        default: false
       enableExternalInfinispanFeature:
         description: 'To enable the external Infinispan feature. It disables the embedded caches and only uses the remote caches.'
         type: boolean
-        default: false
+        default: true
+      enableMultiSiteFeature:
+        description: 'To enable the Multi Site Feature'
+        type: boolean
+        default: true
       keycloakBranch:
         description: 'The branch to deploy Keycloak from. If not set nightly image is used'
         type: string
@@ -67,6 +83,7 @@ env:
   REGION: ${{ inputs.region || vars.AWS_DEFAULT_REGION }}
   KC_KC25_MODE: ${{ inputs.enableKc25Mode }}
   KC_EXTERNAL_INFINISPAN: ${{ inputs.enableExternalInfinispanFeature }}
+  KC_MULTI_SITE: ${{ inputs.enableMultiSiteFeature }}
 
 jobs:
   # Workaround required for passing env variables to reusable workflow declarations as ${{ env.* }} is not available

diff --git a/pom.xml b/pom.xml
@@ -11,7 +11,7 @@
 
   <properties>
     <keycloak.version>999.0.0-SNAPSHOT</keycloak.version>
-    <infinispan.version>15.0.4.Final</infinispan.version>
+    <infinispan.version>15.0.7.Final</infinispan.version>
     <junit5.version>5.10.1</junit5.version>
     <httpclient.version>4.5.14</httpclient.version>
     <maven.enforcer.plugin.version>3.4.1</maven.enforcer.plugin.version>

diff --git a/provision/keycloak-tasks/Utils.yaml b/provision/keycloak-tasks/Utils.yaml
@@ -256,6 +256,7 @@ tasks:
         --set keycloakAdminPassword="{{.KC_ADMIN_PASSWORD}}"
         --set disableIngressStickySession={{ .KC_DISABLE_STICKY_SESSION }}
         --set externalInfinispan={{ .KC_EXTERNAL_INFINISPAN }}
+        --set multiSite={{ .KC_MULTI_SITE }}
         --set nodePortsEnabled=false
         ../minikube/keycloak
     preconditions:

diff --git a/provision/minikube/keycloak/templates/keycloak.yaml b/provision/minikube/keycloak/templates/keycloak.yaml
@@ -56,7 +56,9 @@ spec:
 {{ end }}
   features:
     enabled:
+{{- if .Values.multiSite }}
       - multi-site # <3>
+{{- end }}
 {{- if .Values.externalInfinispan }}
       - remote-cache
 {{- end }}

diff --git a/provision/minikube/keycloak/values.yaml b/provision/minikube/keycloak/values.yaml
@@ -42,6 +42,7 @@ jvmDebug: true
 predefinedAdmin: true
 persistentSessions: false
 externalInfinispan: false
+multiSite: false
 infinispan:
   jgroupsTls: false
   customConfig: false

diff --git a/provision/openshift/Taskfile.yaml b/provision/openshift/Taskfile.yaml
@@ -274,6 +274,7 @@ tasks:
         --set keycloakAdminPassword="{{.KC_ADMIN_PASSWORD}}"
         --set disableIngressStickySession={{ .KC_DISABLE_STICKY_SESSION }}
         --set externalInfinispan={{ .KC_EXTERNAL_INFINISPAN }}
+        --set externalInfinispan={{ .KC_MULTI_SITE }}
         --set nodePortsEnabled=false
         ../minikube/keycloak
       - >

diff --git a/provision/opentofu/modules/aws/accelerator/src/stonith_lambda.py b/provision/opentofu/modules/aws/accelerator/src/stonith_lambda.py
@@ -12,6 +12,8 @@ def handle_site_offline(labels):
 
     acceleratorDNS = labels['accelerator']
     accelerator = jmespath.search(f"Accelerators[?DnsName=='{acceleratorDNS}']", a_client.list_accelerators())
+    if not accelerator:
+        accelerator = jmespath.search(f"Accelerators[?DualStackDnsName=='{acceleratorDNS}']", a_client.list_accelerators())
     if not accelerator:
         print(f"Ignoring SiteOffline alert as accelerator with DnsName '{acceleratorDNS}' not found")
         return

diff --git a/...enchmark-crossdc-tests/src/test/java/org/keycloak/benchmark/crossdc/client/AWSClient.java b/...enchmark-crossdc-tests/src/test/java/org/keycloak/benchmark/crossdc/client/AWSClient.java
@@ -149,7 +149,7 @@ public static void waitForTheHealthCheckToBeInState(String healthCheckId, StateV
    public static Accelerator getAccelerator(GlobalAcceleratorClient gaClient, String acceleratorDns) {
       return gaClient.listAccelerators().accelerators()
             .stream()
-            .filter(a -> acceleratorDns.contains(a.dnsName()))
+            .filter(a -> acceleratorDns.contains(a.dnsName()) || acceleratorDns.contains(a.dualStackDnsName()))
             .findFirst()
             .orElseThrow();
    }