I am running into some configuration troubles in setting up a Keycloak server in standalone clustered mode. Despite configuring the datasource to use a postgres database on {REMOTE_IP}, it is failing to start the server complaining that it cannot connect to localhost:5432.
I've been searching all over but I'm befuddled why the DataSource would try to connect to localhost when the connection-url is set to a remote host.
Is there any mistake in my configuration? How can I figure out why PG is trying to connect to localhost instead of {REMOTE_IP}
My setup is 1 Postgres database server and 2 Keycloak servers
I followed the installation instructions for using a relational database and have added the JDBC drivers v9.4.1212 for Postgres.
My DataSource configuration is as follows:
<datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
<connection-url>jdbc:postgresql://{REMOTE_IP}:5432/keycloak</connection-url>
<driver>postgresql</driver>
<pool>
<max-pool-size>20</max-pool-size>
</pool>
<security>
<user-name>keycloak</user-name>
<password>{PASSWORD}</password>
</security>
</datasource>
The error message from the logs reads:
...
Caused by: org.postgresql.util.PSQLException: Connection to localhost:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:262)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:52)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:216)
at org.postgresql.Driver.makeConnection(Driver.java:404)
at org.postgresql.Driver.connect(Driver.java:272)
at java.sql.DriverManager.getConnection(DriverManager.java:664)
at java.sql.DriverManager.getConnection(DriverManager.java:247)
at org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:86)
at org.postgresql.ds.PGPoolingDataSource.getConnection(PGPoolingDataSource.java:309)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:312)
... 43 more
Caused by: java.net.ConnectException: Connection refused (Connection refused)
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at org.postgresql.core.PGStream.<init>(PGStream.java:61)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:144)
... 52 more
I've verified that I can connect to postgres using psql
# psql -h {REMOTE_IP} keycloak keycloak
psql (9.5.7)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384,
bits: 256, compression: off)
Type "help" for help.
keycloak=>
I managed to figure this out for my case. The JDBC driver for postgres was configured to use a PGPoolingDataSource and had a datasource-class defined.
<driver name="postgresql" module="org.postgresql">
<xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class>
<datasource-class>org.postgresql.ds.PGPoolingDataSource</datasource-class>
</driver>
When the datasource-class is defined, the connection url must be passed through a connection-property instead of connection-url. I updated my configuration and the server booted up fine.
<datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
<connection-url>jdbc:postgresql://{REMOTE_IP}:5432/keycloak</connection-url>
<connection-property name="url">jdbc:postgresql://{REMOTE_IP}:5432/keycloak</connection-property>
<driver>postgresql</driver>
<pool>
<max-pool-size>20</max-pool-size>
</pool>
<driver-class>org.postgresql.Driver</driver-class>
<security>
<user-name>keycloak</user-name>
<password>{PASSWORD}</password>
</security>
</datasource>
This issue is noted in the wildfly issue tracker https://issues.jboss.org/browse/WFLY-6157