The Keycloak single cluster architecture is targeted at use cases that:
Deploy to an infrastructure with transparent networking, such as a single Kubernetes cluster.
Are constrained to a single AWS Region or an equivalent low-latency setup.
Permit planned outages for maintenance.
Fit within a defined user and request count.
Can accept the impact of periodic outages.
We regularly test Keycloak with the following configuration:
An OpenShift cluster deployed across three availability zones
  Provisioned with Red Hat OpenShift Service on AWS (ROSA), using ROSA HCP.
  At least one worker node for each availability zone.
  OpenShift version 4.17.
Amazon Aurora PostgreSQL database
  High availability with a primary DB instance in one Availability Zone, and synchronously replicated readers in the other Availability Zones.
  Version 16.8.
While equivalent setups should work, you will need to verify the performance and failure behavior of your environment. We provide functional tests, failure tests and load tests in the Keycloak Benchmark Project.
Read more on each item in the Building blocks single-cluster deployments guide.
We regularly test Keycloak with the following load:
100,000 users
300 requests per second
While we did not see a hard limit in our tests with these values, we ask you to test for higher volumes with horizontally and vertically scaled Keycloak instances and databases.
Even with the additional redundancy of three availability zones, downtime can still occur when:
Simultaneous node failures occur
Keycloak upgrades are rolled out
Infrastructure fails, for example the Kubernetes cluster
For more details on limitations see the Concepts for single-cluster deployments guide.
The different guides introduce the necessary concepts and building blocks. For each building block, a blueprint shows how to deploy a fully functional example. Additional performance tuning and security hardening are still recommended when preparing a production setup.