Hi,
I am trying to configure haproxy as part of enabling keycloak standalone cluster. I have an application which is authenticated using keycloak server. Here I am trying to configure 2 keycloak servers for my application for load balancing.
frontend haproxynode
bind HAPROXYIP:PORT
mode http
default_backend backendnodes
backend backendnodes
balance roundrobin
server server1 KEYCLOAK_SERVER1_IP:PORT check
server server2 KEYCLOAK_SERVER2_IP:PORT check
I am new in this and this is the configuration I am trying right now. If I am commenting one of the backend servers it works fine. If both the servers are enabled in backend section, request goes to both servers at same time and redirection issue happens when logging into the website.
So I tried using the cookies for enabling sticky session.
backend backendnodes
balance roundrobin
#cookie KC_ROUTE insert indirect nocache
cookie AUTH_SESSION_ID prefix nocache
server keynd1 KEYCLOAK_SERVER1_IP:PORT check cookie keynd1
server keynd2 KEYCLOAK_SERVER2_IP:PORT check cookie keynd2
I tried both KC_ROUTE and AUTH_SESSION_ID. I am getting the login screen, but getting 403, forbidden error. I am starting my keycloak servers using the command:
./standalone.sh -b KEYCLOAK_IP -c standalone-ha.xml -Djboss.socket.binding.port-offset=200 -Djboss.node.name=keynd1
Why I am getting this forbidden error? Do I need to make any more configurations to fix this issue? Please help.
Thanks & Regards,
Deeps