add persistent sessions as provisioning config and part of CI

Signed-off-by: Kamesh Akella <[email protected]>
keycloak · May 2, 2024 · b280a6c · b280a6c
1 parent 5e38fbd
commit b280a6c
Show file tree

Hide file tree

Showing 11 changed files with 23 additions and 1 deletion.
diff --git a/.github/actions/keycloak-create-deployment/action.yml b/.github/actions/keycloak-create-deployment/action.yml
@@ -12,6 +12,9 @@ inputs:
   disableStickySessions:
     description: 'Disable sticky session in OpenShift Route'
     default: 'true'
+  enablePersistentSessions:
+    description: 'Enable persistent sessions to DB'
+    default: 'false'
   image:
     description: 'Keycloak Image'
   podMemoryRequests:
@@ -49,6 +52,7 @@ runs:
         KC_NAMESPACE_PREFIX: ${{ inputs.projectPrefix }}
         KC_INSTANCES: ${{ inputs.replicas }}
         KC_DISABLE_STICKY_SESSION: ${{ inputs.disableStickySessions }}
+        KC_PERSISTENT_SESSIONS: ${{ inputs.enablePersistentSessions }}
         KC_CONTAINER_IMAGE: ${{ inputs.image }}
         KC_MEMORY_REQUESTS_MB: ${{ inputs.podMemoryRequests }}
         KC_MEMORY_LIMITS_MB: ${{ inputs.podMemoryLimit }}

diff --git a/.github/workflows/rosa-multi-az-cluster-create.yml b/.github/workflows/rosa-multi-az-cluster-create.yml
@@ -152,6 +152,7 @@ jobs:
           KC_CPU_REQUESTS: 6
           KC_INSTANCES: 3
           KC_DISABLE_STICKY_SESSION: true
+          KC_PERSISTENT_SESSIONS: false
           KC_MEMORY_REQUESTS_MB: 3000
           KC_MEMORY_LIMITS_MB: 4000
           KC_DB_POOL_INITIAL_SIZE: 30

diff --git a/.github/workflows/rosa-scaling-benchmark.yml b/.github/workflows/rosa-scaling-benchmark.yml
@@ -95,6 +95,7 @@ env:
   KC_CPU_REQUESTS: 6
   KC_INSTANCES: 3
   KC_DISABLE_STICKY_SESSION: true
+  KC_PERSISTENT_SESSIONS: false
   KC_MEMORY_REQUESTS_MB: 3000
   KC_MEMORY_LIMITS_MB: 4000
   KC_DB_POOL_INITIAL_SIZE: 30

diff --git a/doc/benchmark/modules/ROOT/pages/report/rosa-benchmark-key-results.adoc b/doc/benchmark/modules/ROOT/pages/report/rosa-benchmark-key-results.adoc
@@ -35,6 +35,7 @@ Deploy OpenShift and ROSA as described in xref:kubernetes-guide::prerequisite/pr
 KC_CPU_REQUESTS=6
 KC_INSTANCES=3
 KC_DISABLE_STICKY_SESSION=true
+KC_PERSISTENT_SESSIONS=false
 KC_MEMORY_REQUESTS_MB=3000
 KC_MEMORY_LIMITS_MB=4000
 KC_DB_POOL_INITIAL_SIZE=30

diff --git a/doc/kubernetes/modules/ROOT/pages/customizing-deployment.adoc b/doc/kubernetes/modules/ROOT/pages/customizing-deployment.adoc
@@ -221,6 +221,10 @@ Available options:
 +
 NOTE: This option is implemented only for OpenShift deployments.
 
+[[KC_PERSISTENT_SESSIONS,KC_PERSISTENT_SESSIONS]]
+KC_PERSISTENT_SESSIONS::
+We can enable the persistent sessions to be stored in the user-sessions and client-sessions into the target database in use. By default, the `KC_PERSISTENT_SESSIONS` is set to `false` in our benchmark provisioning module, we need to override it to `true` to enable this feature. Please note that, there will be a tax on the endpoint performance when you enable this feature and this is as designed, to provide better resiliency for Keycloak.
+
 == Available Benchmark options
 
 The following configuration options are available to configure the helper applications.

diff --git a/provision/common/Taskfile.yaml b/provision/common/Taskfile.yaml
@@ -24,6 +24,7 @@ vars:
   KC_REMOTE_STORE_HOST: '{{default "localhost" .KC_REMOTE_STORE_HOST}}'
   KC_REMOTE_STORE_PORT: '{{default "11222" .KC_REMOTE_STORE_PORT}}'
   KC_DISABLE_STICKY_SESSION: '{{default "false" .KC_DISABLE_STICKY_SESSION}}'
+  KC_PERSISTENT_SESSIONS: '{{default "false" .KC_PERSISTENT_SESSIONS}}'
   MULTI_AZ: '{{default "false" .MULTI_AZ}}'
   ENV_DATA_JSON_PATH: "{{.ROOT_DIR}}/../environment_data.json"
   KC_REPOSITORY: '{{default "" .KC_REPOSITORY}}'
@@ -70,13 +71,15 @@ tasks:
       - echo {{.KC_REMOTE_STORE_HOST}} > .task/var-KC_REMOTE_STORE_HOST
       - echo {{.KC_REMOTE_STORE_PORT}} > .task/var-KC_REMOTE_STORE_PORT
       - echo {{.KC_DISABLE_STICKY_SESSION}} > .task/var-KC_DISABLE_STICKY_SESSION
+      - echo {{.KC_PERSISTENT_SESSIONS}} > .task/var-KC_PERSISTENT_SESSIONS
       - echo {{.KC_HOSTNAME_OVERRIDE}} > .task/var-KC_HOSTNAME_OVERRIDE
       - echo {{.KC_HEALTH_HOSTNAME}} > .task/var-KC_HEALTH_HOSTNAME
       - |
         jq -n --arg cpu_requests_per_pod "{{ .KC_CPU_REQUESTS }}" \
           --arg cpu_limits_per_pod "{{ .KC_CPU_LIMITS }}" \
           --arg num_of_pods "{{ .KC_INSTANCES }}" \
           --argjson sticky_sessions "{{ .KC_DISABLE_STICKY_SESSION }}" \
+          --argjson persistent_sessions "{{ .KC_PERSISTENT_SESSIONS }}" \
           --arg mem_req_per_pod "{{ .KC_MEMORY_REQUESTS_MB }}" \
           --arg mem_limit_per_pod "{{ .KC_MEMORY_LIMITS_MB }}" \
           --arg db_pool_init "{{ .KC_DB_POOL_INITIAL_SIZE }}" \
@@ -134,6 +137,7 @@ tasks:
       - test "{{.KC_REMOTE_STORE_HOST}}" == "$(cat .task/var-KC_REMOTE_STORE_HOST)"
       - test "{{.KC_REMOTE_STORE_PORT}}" == "$(cat .task/var-KC_REMOTE_STORE_PORT)"
       - test "{{.KC_DISABLE_STICKY_SESSION}}" == "$(cat .task/var-KC_DISABLE_STICKY_SESSION)"
+      - test "{{.KC_PERSISTENT_SESSIONS}}" == "$(cat .task/var-KC_PERSISTENT_SESSIONS)"
       - test "{{.KC_HOSTNAME_OVERRIDE}}" == "$(cat .task/var-KC_HOSTNAME_OVERRIDE)"
       - test "{{.KC_HEALTH_HOSTNAME}}" == "$(cat .task/var-KC_HEALTH_HOSTNAME)"
 

diff --git a/provision/keycloak-tasks/Taskfile.yaml b/provision/keycloak-tasks/Taskfile.yaml
@@ -52,6 +52,7 @@ vars:
   KC_REMOTE_STORE_HOST: '{{default "localhost" .KC_REMOTE_STORE_HOST}}'
   KC_REMOTE_STORE_PORT: '{{default "11222" .KC_REMOTE_STORE_PORT}}'
   KC_DISABLE_STICKY_SESSION: '{{default "false" .KC_DISABLE_STICKY_SESSION}}'
+  KC_PERSISTENT_SESSIONS: '{{default "false" .KC_PERSISTENT_SESSIONS}}'
 
 tasks:
   default:

diff --git a/provision/keycloak-tasks/Utils.yaml b/provision/keycloak-tasks/Utils.yaml
@@ -124,7 +124,7 @@ tasks:
       PRODUCT: '{{ default "keycloak-operator" .KC_OPERATOR_NAME }}'
       CHANNEL: '{{ .KC_OPERATOR_CHANNEL }}'
       VERSION: '{{ .KC_OPERATOR_VERSION }}'
-  
+
   install-keycloak-operator:
     desc: "Install the Keycloak operator"
     internal: true
@@ -255,6 +255,7 @@ tasks:
         --set namespace={{.NAMESPACE}}
         --set keycloakAdminPassword="{{.KC_ADMIN_PASSWORD}}"
         --set disableIngressStickySession={{ .KC_DISABLE_STICKY_SESSION }}
+        --set persistentSessions={{ .KC_PERSISTENT_SESSIONS }}
         --set nodePortsEnabled=false
         ../minikube/keycloak
     preconditions:

diff --git a/provision/minikube/keycloak/templates/keycloak.yaml b/provision/minikube/keycloak/templates/keycloak.yaml
@@ -57,6 +57,9 @@ spec:
   features:
     enabled:
       - multi-site # <3>
+{{- if .Values.persistentSessions }}
+      - persistent-user-sessions
+{{- end }}
 {{- if .Values.infinispan.customConfig }}
   # tag::keycloak-ispn[]
   cache:

diff --git a/provision/minikube/keycloak/values.yaml b/provision/minikube/keycloak/values.yaml
@@ -40,6 +40,7 @@ keycloakAdminPassword: admin
 disableIngressStickySession: false
 jvmDebug: true
 predefinedAdmin: true
+persistentSessions: false
 infinispan:
   jgroupsTls: false
   customConfig: false

diff --git a/provision/openshift/Taskfile.yaml b/provision/openshift/Taskfile.yaml
@@ -270,6 +270,7 @@ tasks:
         --set namespace={{.KC_NAMESPACE_PREFIX}}keycloak
         --set keycloakAdminPassword="{{.KC_ADMIN_PASSWORD}}"
         --set disableIngressStickySession={{ .KC_DISABLE_STICKY_SESSION }}
+        --set persistentSessions={{ .KC_PERSISTENT_SESSIONS }}
         --set nodePortsEnabled=false
         ../minikube/keycloak
       - >