[keycloak-user] Keycloak Scalability Issues
Dev Doongoor
dr.doon+keycloak at gmail.com
Fri May 3 13:53:32 EDT 2019
Hello,
I am looking for help regarding having Keycloak accommodate roughly a
million, long-lived sessions.
My setup: I have an externalized infinispan cluster which houses the
clientSessions and sessions caches, and using Keycloak 4.8.0.
The infinispan cluster can hold that many entries in each cache, however it
seems Keycloak itself struggles with this.
When I restart Keycloak (for whatever reason), it seems to attempt to load
all sessions from infinispan into memory, which to me seems counter
intuitive to using an externalized cache system.
Unless I give Keycloak enough RAM to handle 1 million or so sessions, it
seems like I would have to clear all session data in order for the
application to start up again.
Also, session lifetime is expected to be 8 months to a year.
My standalone-ha.xml for cache configuration looks like this:
<replicated-cache name="sessions" statistics-enabled="true">
<state-transfer timeout="600000" />
<object-memory size="400000" />
<remote-store remote-servers="infinispan-socket" passivation="false" cache=
"sessions" shared="true" purge="false" preload="false">
<property name="rawValues">true</property>
<property name="marshaller">
org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
</remote-store>
</replicated-cache>
<replicated-cache name="clientSessions" statistics-enabled="true">
<state-transfer timeout="600000" />
<object-memory size="400000" />
<remote-store remote-servers="infinispan-socket" cache="clientSessions"
passivation="false" shared="true" purge="false" preload="false">
<property name="rawValues">true</property>
<property name="marshaller">
org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
</remote-store>
</replicated-cache>
Is this correct? Is there a more efficient way to handle this?
Thanks in advance,
DKD
More information about the keycloak-user
mailing list