By default SSO service stores session in distributed cluster key-value storage provided by consul. This allows great failure tolerance and guarantees read-write safety by design. On the other hand for high volume sites this can come at a performance penalty. 


To address this there are several session storage mechanisms included in solution that allows storing sessions in external relation database or REDIS service that comes bundled with Notakey Authentication Appliance. 


Assuming that REDIS service is configured using VRRP with address 10.0.1.98, to switch to REDIS storage you will need to run the following configuration commands: 


ntk cfg set :sso.base.\"store.type\" "redis"
ntk cfg set :sso.base.\"store.redis.host\" "10.0.1.98"


If running a single node or without VRRP, replace 10.0.1.98 with "redis", as this is the internal name for this service. See this tech note for more details. 


Please remember that after any configuration changes, all service instances need to be restarted with "ntk sso restart". Also note that currently there is no way of migrating from one session storage type to another, so all active sessions will be invalidated after service restart. 


Ensure that after changes sessions are being populated in REDIS (run on node where REDIS service is e.g. MASTER)

docker exec -it redis redis-cli -n 0
> keys sso.*