1. Answers
  2. Scaling Keycloak for High Availability on Kubernetes

How do I scale Keycloak for high availability on Kubernetes?

To scale Keycloak for high availability on Kubernetes, we’ll deploy it using a Kubernetes Deployment, ensure it’s highly available using multiple replicas, and expose it via a Kubernetes Service of type LoadBalancer. This setup ensures that Keycloak can handle multiple requests and maintain uptime even if some instances fail.

We’ll define a Deployment specifying multiple replicas of the Keycloak container, and a LoadBalancer Service to distribute traffic across these replicas.

import * as pulumi from "@pulumi/pulumi";
import * as kubernetes from "@pulumi/kubernetes";

const keycloakNs = new kubernetes.core.v1.Namespace("keycloak_ns", {metadata: {
    name: "keycloak",
}});
const keycloak = new kubernetes.apps.v1.Deployment("keycloak", {
    metadata: {
        namespace: keycloakNs.metadata.apply(metadata => metadata.name),
        name: "keycloak",
    },
    spec: {
        replicas: 3,
        selector: {
            matchLabels: {
                app: "keycloak",
            },
        },
        template: {
            metadata: {
                labels: {
                    app: "keycloak",
                },
            },
            spec: {
                containers: [{
                    name: "keycloak",
                    image: "jboss/keycloak:latest",
                    ports: [{
                        containerPort: 8080,
                    }],
                    env: [
                        {
                            name: "DB_VENDOR",
                            value: "H2",
                        },
                        {
                            name: "KEYCLOAK_USER",
                            value: "admin",
                        },
                        {
                            name: "KEYCLOAK_PASSWORD",
                            value: "admin",
                        },
                    ],
                }],
            },
        },
    },
});
const keycloakService = new kubernetes.core.v1.Service("keycloak", {
    metadata: {
        namespace: keycloakNs.metadata.apply(metadata => metadata.name),
        name: "keycloak",
    },
    spec: {
        selector: {
            app: "keycloak",
        },
        type: kubernetes.core.v1.ServiceSpecType.LoadBalancer,
        ports: [{
            port: 80,
            targetPort: 8080,
        }],
    },
});
export const namespace = keycloakNs.metadata.apply(metadata => metadata.name);
export const keycloakServiceName = keycloakService.metadata.apply(metadata => metadata.name);

In this setup:

  • A Kubernetes namespace named keycloak is created to isolate resources.
  • A Deployment for Keycloak is configured with 3 replicas to ensure high availability.
  • Each Keycloak pod is configured to use environment variables for database setup and admin credentials.
  • A Kubernetes Service of type LoadBalancer is configured to expose Keycloak externally.

By scaling Keycloak in Kubernetes, you can achieve high availability and ensure your authentication system is reliable and fault-tolerant.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up