[keycloak-user] Performance loss migrating from Keycloak 1.7.0 to Keycloak 2.5.5/3.x
Vito Vessia
onerrorgoto at aruba.it
Tue May 16 09:09:58 EDT 2017
Hi all,
we have adopted Keycloak as foundation for our identity services since the
beginning (july 2015) and after an initial development period we developed
our federation/mail/whatever providers we fixed the underlyng Keyckoak
version to 1.7.0 for more than one year.
Recently we have upgraded to Keycloak 2.5.5 doing a big reworking related
to the new architecture of the former Federation providers, etc...
The first impression is the it is more robust and stable, but it seems to
be slower then the 1.7.0 version. Without any SPI installed, using a raw
keycloak realm, on the same machine the pure login via OpenId Connect
endpoints takes:
30 ms on Keycloak 1.7.0 (average value after 100 logins)
100 ms on Keycloak 2.5.5 (average value after 100 logins)
We get the same gap both with H2 and Oracle database.
If we mount our SPI providers (User Storage and others), the gap is greater
but of course it could be an issue into our code after the migration to the
new SPI architecture.
Is there a specific reason for this gap? (i.e. a better management of the
concurrency).
Is there a specific setting/strategy to improve the performance?
The configuration has been tested both on Linux and Windows on a standalone
server. The Wildfly -Xmx has been set to 1g on both the Keycloak version.
--Vito Vessia
More information about the keycloak-user
mailing list