[keycloak-user] Keycloak in production. Use MongoDB or an RDBMS flavour?
Marek Posolda
mposolda at redhat.com
Wed May 11 03:45:05 EDT 2016
On 10/05/16 14:18, Ton Swieb wrote:
> Hi,
>
> I understand from the Keycloak documentation that both MongoDB and
> multiple flavours of RDBMS are supported, but I cannot find any
> recommendation whether to use MongoDB or an RDBMS by default.
>
> Which one is best suited for the Keycloak product?
> I am anticipating a user base of around 10000 users (mainly via
> Identity Brokering), will use offline tokens and use Keycloak as an
> Identity Broker for a SAML IdP. I am starting from a green field
> situation and do not have any restrictions on using a specific DB.
>
> I found a comment of Bill Birke on the Keycloak developer
> mailing-list, http://lists.jboss.org/pipermail/keycloak-dev/2015-July/004924.html,
> wishing he could drop Mongo and not seeing any advantages of using
> Mongo, but unfortunately the thread does not end with a
> conclusion/decision :-)
>
> What is the current position of the Keycloak team about using Mongo?
We added Mongo support very early (somewhen around 2013) as an
alternative storage, which was at that time required by other project,
which consumed keycloak. The second project (Liveoak) is not under
active development anymore, but in the meantime, a lot of people started
to use Keycloak with Mongo and it seems that some of them already in
production.
The advantage of Mongo is good performance and scalability. At some
point, when I tested performance with bigger number of users, I saw much
better performance for Mongo then for MySQL. Also Mongo has support for
DB clustering and sharding (some RDBMS has it too AFAIK, but usually you
need to pay for them, which is not the case with Mongo ;)) . On the
other hand, biggest disadvantage of Mongo is missing support for
transactions. So in theory, if some error/bad situation happens, you can
theoretically end with partially inconsistent data in DB.
Marek
>
> In which scenario should I consider using MongoDB over an RDBMS or
> vice versa? There are off course the usual pro/con's between NoSQL and
> RDBMS, but I would like to know to what extend they hold true when it
> comes to using Keycloak in production or whether Keycloak is optimized
> specifically for NoSQL or RDBMS.
>
> Regards,
>
> Ton
>
More information about the keycloak-user
mailing list