Re: [keycloak-user] Keycloak Scalability Issues

Hello, I am looking for help regarding having Keycloak accommodate roughly a million, long-lived sessions. My setup: I have an externalized infinispan cluster which houses the clientSessions and sessions caches, and using Keycloak 4.8.0. The infinispan cluster can hold that many entries in each cache, however it seems Keycloak itself struggles with this. When I restart Keycloak (for whatever reason), it seems to attempt to load all sessions from infinispan into memory, which to me seems counter intuitive to using an externalized cache system. Unless I give Keycloak enough RAM to handle 1 million or so sessions, it seems like I would have to clear all session data in order for the application to start up again. Also, session lifetime is expected to be 8 months to a year. My standalone-ha.xml for cache configuration looks like this: <replicated-cache name="sessions" statistics-enabled="true"> <state-transfer timeout="600000" /> <object-memory size="400000" /> <remote-store remote-servers="infinispan-socket" passivation="false" cache= "sessions" shared="true" purge="false" preload="false"> <property name="rawValues">true</property> <property name="marshaller"> org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property> </remote-store> </replicated-cache> <replicated-cache name="clientSessions" statistics-enabled="true"> <state-transfer timeout="600000" /> <object-memory size="400000" /> <remote-store remote-servers="infinispan-socket" cache="clientSessions" passivation="false" shared="true" purge="false" preload="false"> <property name="rawValues">true</property> <property name="marshaller"> org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property> </remote-store> </replicated-cache> Is this correct? Is there a more efficient way to handle this? Thanks in advance, DKD _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user