keycloak-scim/docs/guides/high-availability/examples/generated/ispn-site-b.yaml

---
# Source: ispn-helm/templates/infinispan.yaml
# There are several callouts in this YAML marked with `# <1>' etc. See 'running/infinispan-deployment.adoc` for the details.# tag::infinispan-credentials[]
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: connect-secret
  namespace: keycloak
data:
  identities.yaml: Y3JlZGVudGlhbHM6CiAgLSB1c2VybmFtZTogZGV2ZWxvcGVyCiAgICBwYXNzd29yZDogc3Ryb25nLXBhc3N3b3JkCiAgICByb2xlczoKICAgICAgLSBhZG1pbgo= # <1>
# end::infinispan-credentials[]
---
# Source: ispn-helm/templates/infinispan.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: cluster-config
  namespace: keycloak
data:
  infinispan-config.yaml: >
    infinispan:
      cacheContainer:
        metrics:
          namesAsTags: true
          gauges: true
          histograms: false
      server:
        endpoints:
          - securityRealm: default
            socketBinding: default
            connectors:
              rest:
                restConnector:
                  authentication:
                    mechanisms: BASIC
              hotrod:
                hotrodConnector: null
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-crossdc-status[]
apiVersion: v1
kind: ConfigMap
metadata:
  name: crossdc-status
  namespace: keycloak
data:
  batch: site status --all-caches --site=site-a
# end::infinispan-crossdc-status[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-crossdc-disconnect[]
apiVersion: v1
kind: ConfigMap
metadata:
  name: crossdc-disconnect
  namespace: keycloak
data:
  batch: site take-offline --all-caches --site=site-a
# end::infinispan-crossdc-disconnect[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-crossdc-connect[]
apiVersion: v1
kind: ConfigMap
metadata:
  name: crossdc-connect
  namespace: keycloak
data:
  batch: site bring-online --all-caches --site=site-a
# end::infinispan-crossdc-connect[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-crossdc-push-state[]
apiVersion: v1
kind: ConfigMap
metadata:
  name: crossdc-push-state
  namespace: keycloak
data:
  batch: site push-site-state --all-caches --site=site-a
# end::infinispan-crossdc-push-state[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-crossdc-push-state-status[]
apiVersion: v1
kind: ConfigMap
metadata:
  name: crossdc-push-state-status
  namespace: keycloak
data:
  batch: site push-site-status --all-caches --site=site-a
# end::infinispan-crossdc-push-state-status[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-crossdc-reset-push-state-status[]
apiVersion: v1
kind: ConfigMap
metadata:
  name: crossdc-reset-push-state-status
  namespace: keycloak
data:
  batch: site clear-push-state-status --all-caches --site=site-a
# end::infinispan-crossdc-reset-push-state-status[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-crossdc-clear-caches[]
apiVersion: v1
kind: ConfigMap
metadata:
  name: crossdc-clear-caches
  namespace: keycloak
data:
  batch: |+
    clearcache actionTokens
    clearcache authenticationSessions
    clearcache clientSessions
    clearcache loginFailures
    clearcache offlineClientSessions
    clearcache offlineSessions
    clearcache sessions
    clearcache work
    
# end::infinispan-crossdc-clear-caches[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-cache-actionTokens[]
apiVersion: infinispan.org/v2alpha1
kind: Cache
metadata:
  name: actiontokens
  namespace: keycloak
spec:
  clusterName: infinispan
  name: actionTokens
  template: |-
    distributedCache:
      mode: "SYNC"
      owners: "2"
      statistics: "true"
      remoteTimeout: 14000
      stateTransfer:
        chunkSize: 16
      backups:
        site-a: # <2>
          backup:
            strategy: "SYNC" # <3>
            timeout: 13000
            stateTransfer:
              chunkSize: 16
# end::infinispan-cache-actionTokens[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-cache-authenticationSessions[]
apiVersion: infinispan.org/v2alpha1
kind: Cache
metadata:
  name: authenticationsessions
  namespace: keycloak
spec:
  clusterName: infinispan
  name: authenticationSessions
  template: |-
    distributedCache:
      mode: "SYNC"
      owners: "2"
      statistics: "true"
      remoteTimeout: 14000
      stateTransfer:
        chunkSize: 16
      backups:
        mergePolicy: ALWAYS_REMOVE # <1>
        site-a: # <2>
          backup:
            strategy: "SYNC" # <3>
            timeout: 13000
            stateTransfer:
              chunkSize: 16
# end::infinispan-cache-authenticationSessions[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-cache-clientSessions[]
apiVersion: infinispan.org/v2alpha1
kind: Cache
metadata:
  name: clientsessions
  namespace: keycloak
spec:
  clusterName: infinispan
  name: clientSessions
  template: |-
    distributedCache:
      mode: "SYNC"
      owners: "2"
      statistics: "true"
      remoteTimeout: 14000
      stateTransfer:
        chunkSize: 16
      backups:
        mergePolicy: ALWAYS_REMOVE # <1>
        site-a: # <2>
          backup:
            strategy: "SYNC" # <3>
            timeout: 13000
            stateTransfer:
              chunkSize: 16
# end::infinispan-cache-clientSessions[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-cache-loginFailures[]
apiVersion: infinispan.org/v2alpha1
kind: Cache
metadata:
  name: loginfailures
  namespace: keycloak
spec:
  clusterName: infinispan
  name: loginFailures
  template: |-
    distributedCache:
      mode: "SYNC"
      owners: "2"
      statistics: "true"
      remoteTimeout: 14000
      stateTransfer:
        chunkSize: 16
      backups:
        site-a: # <2>
          backup:
            strategy: "SYNC" # <3>
            timeout: 13000
            stateTransfer:
              chunkSize: 16
# end::infinispan-cache-loginFailures[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-cache-offlineClientSessions[]
apiVersion: infinispan.org/v2alpha1
kind: Cache
metadata:
  name: offlineclientsessions
  namespace: keycloak
spec:
  clusterName: infinispan
  name: offlineClientSessions
  template: |-
    distributedCache:
      mode: "SYNC"
      owners: "2"
      statistics: "true"
      remoteTimeout: 14000
      stateTransfer:
        chunkSize: 16
      backups:
        mergePolicy: ALWAYS_REMOVE # <1>
        site-a: # <2>
          backup:
            strategy: "SYNC" # <3>
            timeout: 13000
            stateTransfer:
              chunkSize: 16
# end::infinispan-cache-offlineClientSessions[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-cache-offlineSessions[]
apiVersion: infinispan.org/v2alpha1
kind: Cache
metadata:
  name: offlinesessions
  namespace: keycloak
spec:
  clusterName: infinispan
  name: offlineSessions
  template: |-
    distributedCache:
      mode: "SYNC"
      owners: "2"
      statistics: "true"
      remoteTimeout: 14000
      stateTransfer:
        chunkSize: 16
      backups:
        mergePolicy: ALWAYS_REMOVE # <1>
        site-a: # <2>
          backup:
            strategy: "SYNC" # <3>
            timeout: 13000
            stateTransfer:
              chunkSize: 16
# end::infinispan-cache-offlineSessions[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-cache-sessions[]
apiVersion: infinispan.org/v2alpha1
kind: Cache
metadata:
  name: sessions
  namespace: keycloak
spec:
  clusterName: infinispan
  name: sessions
  template: |-
    distributedCache:
      mode: "SYNC"
      owners: "2"
      statistics: "true"
      remoteTimeout: 14000
      stateTransfer:
        chunkSize: 16
      backups:
        mergePolicy: ALWAYS_REMOVE # <1>
        site-a: # <2>
          backup:
            strategy: "SYNC" # <3>
            timeout: 13000
            stateTransfer:
              chunkSize: 16
# end::infinispan-cache-sessions[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-cache-work[]
apiVersion: infinispan.org/v2alpha1
kind: Cache
metadata:
  name: work
  namespace: keycloak
spec:
  clusterName: infinispan
  name: work
  template: |-
    distributedCache:
      mode: "SYNC"
      owners: "2"
      statistics: "true"
      remoteTimeout: 14000
      stateTransfer:
        chunkSize: 16
      backups:
        site-a: # <2>
          backup:
            strategy: "SYNC" # <3>
            timeout: 13000
            stateTransfer:
              chunkSize: 16
# end::infinispan-cache-work[]
---
# Source: ispn-helm/templates/infinispan.yaml
# tag::infinispan-crossdc[]
# tag::infinispan-single[]
apiVersion: infinispan.org/v1
kind: Infinispan
metadata:
  name: infinispan # <1>
  namespace: keycloak
  annotations:
    infinispan.org/monitoring: 'true' # <2>
spec:
  replicas: 3
# end::infinispan-single[]
# end::infinispan-crossdc[]
  # This exposes the http endpoint to interact with its caches - more info - https://infinispan.org/docs/stable/titles/rest/rest.html
  # We can optionally set the host in the below expose yaml block, otherwise it will be set to a default naming pattern.
  expose:
    type: Route
  configMapName: "cluster-config"
  image: quay.io/infinispan/server:14.0.24.Final
  configListener:
    enabled: false
  container:
    extraJvmOpts: '-Dorg.infinispan.openssl=false -Dinfinispan.cluster.name=ISPN  -Djgroups.xsite.fd.interval=2000 -Djgroups.xsite.fd.timeout=15000'
  logging:
    categories:
      org.infinispan: info
      org.jgroups: info
  # tag::infinispan-crossdc[]
  # tag::infinispan-single[]
  security:
    endpointSecretName: connect-secret # <3>
  service:
    type: DataGrid
    # end::infinispan-single[]
    sites:
      local:
        name: site-b # <4>
        # end::infinispan-crossdc[]
        discovery:
          launchGossipRouter: true
          heartbeats:
            interval: 2000
            timeout: 8000
        # tag::infinispan-crossdc[]
        expose:
          type: Route # <5>
        maxRelayNodes: 128
        encryption:
          transportKeyStore:
            secretName: xsite-keystore-secret # <6>
            alias: xsite # <7>
            filename: keystore.p12 # <8>
          routerKeyStore:
            secretName: xsite-keystore-secret # <6>
            alias: xsite # <7>
            filename: keystore.p12 # <8>
          trustStore:
            secretName: xsite-truststore-secret # <9>
            filename: truststore.p12 # <10>
      locations:
        - name: site-a # <11>
          clusterName: infinispan
          namespace: keycloak # <12>
          url: openshift://api.site-a # <13>
          secretName: xsite-token-secret # <14>
          
    # end::infinispan-crossdc[]