KEYCLOAK-14715 Documentation for the upgrade to Wildfly 20
This commit is contained in:
mposolda
Marek Posolda
parent
30850c5549
commit
4a033130e3
3 changed files with 67 additions and 11 deletions
|
|
@ -323,6 +323,12 @@ Issues related to authorization may exist just for some other versions of {jdgse
|
|||
+
|
||||
It is currently required to have different configuration files for the JDG servers on both sites as the Infinispan subsystem does not support replacing site names with expressions. See link:https://issues.redhat.com/browse/WFLY-9458[this issue] for more details.
|
||||
|
||||
NOTE: The _PUBLIC_IP_ADDRESS_ below refers to the IP address or hostname, which can be used for your server to bind to. Note that
|
||||
every {jdgserver_name} server and {project_name} server needs to use different address. During example setup with all the servers running on the same host,
|
||||
you may need to add the option `-Djboss.bind.address.management=_PUBLIC_IP_ADDRESS_` as every server needs to use also different management interface.
|
||||
But this option usually should be omitted in production environments to avoid the ability for remote access to your server. For more information,
|
||||
see the link:{appserver_socket_link}[_{appserver_socket_name}_].
|
||||
|
||||
. Start server `jdg1`:
|
||||
+
|
||||
[source,subs="+quotes"]
|
||||
|
|
@ -386,13 +392,6 @@ In production you will likely need to have a separate database server in every d
|
|||
```
|
||||
+
|
||||
|
||||
.. Add this `module` attribute under `cache-container` element of name `keycloak` :
|
||||
+
|
||||
```xml
|
||||
<cache-container name="keycloak" module="org.keycloak.keycloak-model-infinispan">
|
||||
```
|
||||
+
|
||||
|
||||
.. Add the `remote-store` under `work` cache:
|
||||
+
|
||||
```xml
|
||||
|
|
@ -402,6 +401,9 @@ In production you will likely need to have a separate database server in every d
|
|||
<property name="marshaller">org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
|
||||
ifeval::[{project_product}==true]
|
||||
<property name="protocolVersion">2.6</property>
|
||||
endif::[]
|
||||
ifeval::[{project_community}==true]
|
||||
<property name="protocolVersion">2.9</property>
|
||||
endif::[]
|
||||
</remote-store>
|
||||
</replicated-cache>
|
||||
|
|
@ -417,6 +419,9 @@ endif::[]
|
|||
<property name="marshaller">org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
|
||||
ifeval::[{project_product}==true]
|
||||
<property name="protocolVersion">2.6</property>
|
||||
endif::[]
|
||||
ifeval::[{project_community}==true]
|
||||
<property name="protocolVersion">2.9</property>
|
||||
endif::[]
|
||||
</remote-store>
|
||||
</distributed-cache>
|
||||
|
|
@ -432,6 +437,9 @@ endif::[]
|
|||
<property name="marshaller">org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
|
||||
ifeval::[{project_product}==true]
|
||||
<property name="protocolVersion">2.6</property>
|
||||
endif::[]
|
||||
ifeval::[{project_community}==true]
|
||||
<property name="protocolVersion">2.9</property>
|
||||
endif::[]
|
||||
</remote-store>
|
||||
</distributed-cache>
|
||||
|
|
@ -442,6 +450,9 @@ endif::[]
|
|||
<property name="marshaller">org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
|
||||
ifeval::[{project_product}==true]
|
||||
<property name="protocolVersion">2.6</property>
|
||||
endif::[]
|
||||
ifeval::[{project_community}==true]
|
||||
<property name="protocolVersion">2.9</property>
|
||||
endif::[]
|
||||
</remote-store>
|
||||
</distributed-cache>
|
||||
|
|
@ -452,6 +463,9 @@ endif::[]
|
|||
<property name="marshaller">org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
|
||||
ifeval::[{project_product}==true]
|
||||
<property name="protocolVersion">2.6</property>
|
||||
endif::[]
|
||||
ifeval::[{project_community}==true]
|
||||
<property name="protocolVersion">2.9</property>
|
||||
endif::[]
|
||||
</remote-store>
|
||||
</distributed-cache>
|
||||
|
|
@ -462,6 +476,9 @@ endif::[]
|
|||
<property name="marshaller">org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
|
||||
ifeval::[{project_product}==true]
|
||||
<property name="protocolVersion">2.6</property>
|
||||
endif::[]
|
||||
ifeval::[{project_community}==true]
|
||||
<property name="protocolVersion">2.9</property>
|
||||
endif::[]
|
||||
</remote-store>
|
||||
</distributed-cache>
|
||||
|
|
@ -474,6 +491,9 @@ endif::[]
|
|||
<property name="marshaller">org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
|
||||
ifeval::[{project_product}==true]
|
||||
<property name="protocolVersion">2.6</property>
|
||||
endif::[]
|
||||
ifeval::[{project_community}==true]
|
||||
<property name="protocolVersion">2.9</property>
|
||||
endif::[]
|
||||
</remote-store>
|
||||
</distributed-cache>
|
||||
|
|
@ -491,6 +511,20 @@ endif::[]
|
|||
|
||||
.. The configuration of distributed cache `authenticationSessions` and other caches is left unchanged.
|
||||
|
||||
.. It is recommended to add the `remoteStoreSecurityEnabled` property with the value of `false` (or eventually `true` if you enabled security
|
||||
for the {jdgserver_name} servers as described above) to the `connectionsInfinispan` SPI in the `keycloak-server` subsystem:
|
||||
+
|
||||
```xml
|
||||
<spi name="connectionsInfinispan">
|
||||
...
|
||||
<provider ...>
|
||||
<properties>
|
||||
...
|
||||
<property name="remoteStoreSecurityEnabled" value="false"/>
|
||||
</properties>
|
||||
...
|
||||
```
|
||||
|
||||
.. Optionally enable DEBUG logging under the `logging` subsystem:
|
||||
+
|
||||
```xml
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@ endif::[]
|
|||
|
||||
:appserver_name: WildFly
|
||||
:appserver_dirref: WILDFLY_HOME
|
||||
:appserver_version: 18
|
||||
:appserver_version: 20
|
||||
|
||||
:appserver_doc_base_url: http://docs.wildfly.org/{appserver_version}
|
||||
:appserver_socket_link: {appserver_doc_base_url}/Admin_Guide.html#Interfaces_and_ports
|
||||
|
|
@ -123,7 +123,7 @@ endif::[]
|
|||
:appserver_loadbalancer_name: {appserver_name} {appserver_version} Documentation
|
||||
|
||||
:jdgserver_name: Infinispan
|
||||
:jdgserver_version: 9.4.16
|
||||
:jdgserver_version: 9.4.18
|
||||
:jdgserver_crossdcdocs_link: https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html/red_hat_data_grid_user_guide/x_site_replication
|
||||
|
||||
:fuseVersion: JBoss Fuse 6.3.0 Rollup 12
|
||||
|
|
@ -133,7 +133,7 @@ endif::[]
|
|||
:fuse7Version: JBoss Fuse 7.4.0
|
||||
|
||||
:subsystem_undertow_xml_urn: urn:jboss:domain:undertow:10.0
|
||||
:subsystem_infinispan_xml_urn: urn:jboss:domain:infinispan:9.0
|
||||
:subsystem_infinispan_xml_urn: urn:jboss:domain:infinispan:10.0
|
||||
:subsystem_datasources_xml_urn: urn:jboss:domain:datasources:5.0
|
||||
:saml_adapter_xsd_urn: https://www.keycloak.org/schema/keycloak_saml_adapter_1_10.xsd
|
||||
:generic_adapter_name: keycloak-gatekeeper
|
||||
|
|
|
|||
|
|
@ -2,6 +2,28 @@
|
|||
|
||||
=== Migrating to 11.0.0
|
||||
|
||||
==== Upgrade to Wildfly 20
|
||||
|
||||
The {project_name} server was upgraded to use Wildfly 20 as the underlying container. This does not directly involve any
|
||||
specific {project_name} server functionality, but there are few changes related to the migration, which are worth mentioning.
|
||||
|
||||
Dependency updates::
|
||||
The dependencies were updated to the versions used by Wildfly 20 server. For example, Infinispan is now 10.1.8.Final.
|
||||
|
||||
Configuration changes::
|
||||
There are few configuration changes in the `standalone(-ha).xml` and `domain.xml` files. You should follow the <<_install_new_version>>
|
||||
section to handle the migration of configuration files automatically.
|
||||
|
||||
Cross-Datacenter Replication changes::
|
||||
* You will need to upgrade {jdgserver_name} server to version {jdgserver_version}. The older version may still work, but it is
|
||||
not guaranteed as they are not tested anymore.
|
||||
* It is recommended to use the `protocolVersion` property added to the `remote-store` element when configuring Infinispan caches.
|
||||
When connecting to the {jdgserver_name} server 9.4.18, the recommended version of the hotrod protocol version is 2.9 as the Infinispan
|
||||
library version differs among {project_name} server and {jdgserver_name} server. For more details, see the
|
||||
Cross-Datacenter documentation.
|
||||
* It is recommended to use `remoteStoreSecurityEnabled` property under `connectionsInfinispan` subsystem. For more details,
|
||||
see the Cross-Datacenter documentation.
|
||||
|
||||
==== LDAP no-import bugfix
|
||||
|
||||
In the previous {project_name} version, when the LDAP provider was configured with `Import Users` OFF, it was possible to update the
|
||||
|
|
@ -183,7 +205,7 @@ Cross-Datacenter Replication changes::
|
|||
==== Upgrade to Wildfly 16
|
||||
|
||||
The {project_name} server was upgraded to use Wildfly 16 as the underlying container. This does not directly involve any
|
||||
specific {project_name} server functionality, but there are few changes related to the migration, which worth mentioning.
|
||||
specific {project_name} server functionality, but there are few changes related to the migration, which are worth mentioning.
|
||||
|
||||
Dependency updates::
|
||||
The dependencies were updated to the versions used by Wildfly 16 server. For example, Infinispan is now 9.4.8.Final.
|
||||
|
|
|
|||
Loading…
Reference in a new issue