[keycloak-user] Performance
Rainer-Harbach Marian
marian.rainer-harbach at apa.at
Mon Mar 26 09:22:50 EDT 2018
Hi Daniel,
On 2018-03-26 10:03, Hammarberg, Daniel wrote:
> In our currently running project, we are moving to Keycloak as SSO for a few sites with about 180000 active users, a large hierarchy of groups and peaks with thousands of calls per second. We are starting to get a feeling that Keycloak cannot handle such a large amount of data and traffic. Is there any documentation anywhere on server sizing and expected performance for large sites? Has anyone run peak tests and endurance tests on Keycloak and in that case, what was the outcome? Does anyone have experience in using Keycloak for sites of this size?
just to give you a rough idea: We are running performance tests against
a small Keycloak cluster (two machines with 24 CPU cores and 12 GB RAM
each). We simulate OIDC and SAML login flows using JMeter. These tests
use five million test users (but there are no groups).
In this scenario we achieve about 400 Logins per second or 12000
requests to the userinfo endpoint per second.
We found that login performance varies greatly with the number of PBKDF2
hashing iterations used (Keycloak uses 27500 by default).
Best regards,
Marian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3853 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20180326/6c8f6c10/attachment.bin
More information about the keycloak-user
mailing list