Preparing Keycloak for load testing

To run the load tests, some configurations and entities need to be present.

If you have installed the keycloak using minikube, the setup is performed automatically as part of the installation.

Prerequisites

  1. A running Keycloak installation.

Configuration

Choose from the manual or the scripted configuration to set up a realm for a load test. To set up a lot of realms, clients and users, consider using the dataset provider.

Manual configuration

Some scenarios require the User Registration setting to be enabled.

  1. Select the realm that is used for testing.

  2. In the Realm Settings, choose the tab Login and enable the login screen customization User Registration.

Some scenarios require users with password:

  1. Create a user.

  2. In the Credentials tab, set a password. Make the password non-temporary as Keycloak would otherwise prompt for a password.

Some scenarios require a service account with the clientId gatling:

  1. Select the realm that is used for testing.

  2. Create a client with the name gatling.

  3. Set access type to confidential.

  4. Check Service Account Enabled.

  5. Enter a valid redirect uri (e.g. http://localhost).

  6. Click save.

  7. Change to the tab Sevice Account Roles.

  8. Select for realm-management in the Client Roles listbox.

  9. Assign the roles, based on the below role-mapping table for the respective load simulation scenario.

  10. The client secret to be passed to the tests can be copied from the Credentials tab.

Scenario Name Assigned Roles

CreateClient

manage-clients, view-users

CreateDeleteClient

manage-clients, view-users

CrawlUsers

manage-clients, view-users

CreateRole

manage-realm

CreateDeleteRole

manage-realm

CreateClientScope

manage-clients, view-users

CreateDeleteClientScope

manage-clients, view-users

CreateGroup

manage-users

CreateDeleteGroup

manage-users

CreateUsers

manage-users

CreateDeleteUsers

manage-users

Scripted configuration

Instead of following the above manual steps, you can use this initialize-benchmark-entities.sh script to do the setup for you.

  1. Extract the downloaded Keycloak Benchmark module. The script initialize-benchmark-entities.sh is located in the bin folder of this module.

  2. Specify the path to Keycloak distribution directory as the environment variable KEYCLOAK_HOME.

  3. Login to the Keycloak server using the kcadm.sh CLI script, which comes with any Keycloak distribution.

    $KEYCLOAK_HOME/bin/kcadm.sh config credentials --server https://keycloak-keycloak.192.168.12.345.nip.io --realm master --user admin --password admin

  4. Run the following command for creating the needed realm, client and user.

    ./initialize-benchmark-entities.sh -r test-realm -c gatling -u user-0

    Use a -d flag, to recreate the entities from scratch for any reason.

    ./initialize-benchmark-entities.sh -r test-realm -c gatling -u user-0 -d