Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Logins/Updates #175

Open
malins opened this issue Oct 11, 2024 · 2 comments
Open

Logins/Updates #175

malins opened this issue Oct 11, 2024 · 2 comments

Comments

@malins
Copy link

malins commented Oct 11, 2024
edited
Loading

Hello,

I'm seeing dozens of logins/update operations per minute on my Keycloak instance originating from this provider, while I have only a couple of managed resources (1 client and 2 protocol mappers referencing this client). The managed resources are in state Ready=True/Synced=True, so I do not see any reason why constant logins/updates are required.

From they Keycloak logs:

2024-10-11 11:02:44,950 INFO  [org.keycloak.events] (executor-thread-87) type="LOGIN", realmId="03b5c1c7-e48a-498f-876c-cab6da425875", realmName="master", clientId="admin-cli", userId="504d731c-ef59-4c92-b0f8-80602250b63d", sessionId="6378022c-52f9-4a72-842e-c0cc80b92283", ipAddress="10.244.0.7", auth_method="openid-connect", token_id="9263a4f2-4af2-4270-a924-3ee960f49312", grant_type="password", refresh_token_type="Refresh", scope="email profile", refresh_token_id="24b45e81-9215-4701-a0e8-6eb0e327f8e3", client_auth_method="client-secret", username="admin", authSessionParentId="6378022c-52f9-4a72-842e-c0cc80b92283", authSessionTabId="VAL6LV5H_Yk"

2024-10-11 11:02:44,988 INFO  [org.keycloak.events] (executor-thread-87) operationType="UPDATE", realmId="03b5c1c7-e48a-498f-876c-cab6da425875", realmName="master", clientId="867589e4-a96b-4f6b-aab7-1b4cb95886d4", userId="504d731c-ef59-4c92-b0f8-80602250b63d", ipAddress="10.244.0.7", resourceType="CLIENT", resourcePath="clients/edf18451-8727-4a87-a0e4-77cea22a750c"

Is this a bug or is this normal behaviour? I'm running the latest version of this provider.

Thank you,
Manuel
@Breee
Copy link
Collaborator

Breee commented Oct 15, 2024
edited
Loading

That should be normal, as it is reconciling constantly to sync the desired state.
You can try to watch your ressources to see if they update really quickly with kubectl get <resource> -w , if yes then we have to check why.

maybe also related to #65 ?

@malins
Copy link
Author

malins commented Oct 15, 2024

I was using a wrong (illegal) value for one of the fields of "Client". However, the update was accepted by Keycloak (and was corrected silently by Keycloak), and the provider discovered a "diff" just milliseconds after and therefore went into a very fast loop.

I'm not that deep into CP provider development, but throttling the update rate to a max of 1 update per second would be not a bad idea, altough this was my mistake at the end.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@malins @Breee