Cookie based Sticky Sessions for HAProxy with TLS reencrypt#751
Cookie based Sticky Sessions for HAProxy with TLS reencrypt#751pruivo wants to merge 2 commits intokeycloak:mainfrom
Conversation
ahus1
left a comment
ahus1
left a comment
There was a problem hiding this comment.
Thank you for this PR. It doesn't look that ugly, it looks quite manageable. So we would include it by default, at least for the HAProxy setup?
See below for some nitbits.
It can be included sure, but it looks messy and isn't maintainable. You can add a server dynamically, but not add new mappings, which may be a problem when scaling up and down the cluster. |
OK, I didn't know about that one. Maybe add it to the README so I won't forget. Thanks! |
Closes keycloak#750 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
pruivo
force-pushed
the
t_750_haproxy_sticky_session
branch
from
ff7c182 to
64faac6
Compare
ahus1
left a comment
ahus1
left a comment
There was a problem hiding this comment.
@pruivo - thank you for the update to the readme and the config.
Reading the new paragraph, people might think that this is a mandatory configuration for HAProxy, while it is actually optional.
With that, I think the new sections needs an introduction about the concepts and where to find more about it first before diving into the actual configuration. If some of the concepts should be moved to the main documentation in the general proxy guide, that's also fine.
Please let me know your thoughts. Happy to merge it once you're happy with the change and @tkyjovsk had a chance to have a look.
tkyjovsk
left a comment
tkyjovsk
left a comment
There was a problem hiding this comment.
Looks good. My local test of auth-flow requests' sticky-ness was successful.
3 participants
Closes #750
Depends on #749