[keycloak-user] Keycloak configurations
Dmitry Telegin
dt at acutus.pro
Mon Jul 30 20:27:48 EDT 2018
Hi Vandana,
> 1)Is there any puppet module for keycloak 4.1. final , any puppet
> module
> for keycloak-SAML adapter ?
Have look at this: https://forge.puppet.com/treydock/keycloak
This is a puppet module to install (and possibly configure) Keycloak.
As for SAML adapter - not that I know of, unfortunately.
> 2) What is the good practice haveing one keycloak for all wildfly
> server
> which QA non prod , one for Dev non -prod, one for test non prod
> wildfly server ?
If you mean "should we have separate Keycloak instances for different
environments, or one would suffice?" - well, that depends on your
needs.
Technically, there is no restriction like "one Wildfly server - one
Keycloak server", so you can safely use one instance of Keycloak;
you'll just have to configure three clients per application, reflecting
the corresponding environment (QA, dev, testing). Please remember than
if this instance goes down for some reason, this will affect all the
teams.
If you decide to have dedicated Keycloak instances, but you want the
same users/groups everywhere, you'll probably need to configure shared
external user store like LDAP or Active Directory.
> 3) having one keycloak server for whole prod environment ?
In production, it's common to setup a Keycloak cluster, for the
purposes of high availability and load balancing. You should consider
this if you expect high load and/or have requirements for high
availability.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro
>
>
> Thanks
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list