/ SPEAKER
Ryan Emerson
Red Hat
Ryan Emerson is a Principal Software Engineer at Red Hat. He is a member of the Infinispan and Keycloak open-source product teams, wherehe leads the development of the Infinispan Kubernetes Operator, in addition to contributing to the development of the Infinispan core/server.During the last year, he has primarily focused on developing new multi-site HA architectures for Keycloak.Prior to joining Red Hat, Ryan earned his PhD from Newcastle University researching the Scalable coordination of distributed in-memory transactions.
Highly available Identity and Access Management with multi-site Keycloak deployments in the cloud
Conference (ADVANCED level)
A single sign on solution for your customers and employees shouldn't be a single-point-of-failure in your architecture. Keycloak, a popular Open Source Identity and Access Management solution that provides single sign on, amongst other capabilities, is no exception to this.
A clustered Keycloak deployment in a single site or datacenter provides sufficient availability for many. An increasing number of organizations need to utilize multiple sites for improved resiliency or to meet legal requirements. In 2023, Keycloak overhauled its multi-site capabilities for public cloud infrastructures, tested them thoroughly and provided deployment blueprints to the community. They show how to set up an AWS infrastructure and deploy Keycloak across multiple sites.
This talk presents, from an architects and developer perspective, how we approached the problem, which architecture we chose, the challenges we faced and which tools helped us along the way. Expect to dive into concepts like load shedding, cache stampedes, and automated failover. See tools like Gatling, Helm, OpenTelemetry, Kubernetes Operators and AWS infrastructure in action. We will also provide an outlook for the next steps in our journey.
These insights will help you to improve your Keycloak deployments as well as design and test your own applications so they can withstand high load and site failures.
More A clustered Keycloak deployment in a single site or datacenter provides sufficient availability for many. An increasing number of organizations need to utilize multiple sites for improved resiliency or to meet legal requirements. In 2023, Keycloak overhauled its multi-site capabilities for public cloud infrastructures, tested them thoroughly and provided deployment blueprints to the community. They show how to set up an AWS infrastructure and deploy Keycloak across multiple sites.
This talk presents, from an architects and developer perspective, how we approached the problem, which architecture we chose, the challenges we faced and which tools helped us along the way. Expect to dive into concepts like load shedding, cache stampedes, and automated failover. See tools like Gatling, Helm, OpenTelemetry, Kubernetes Operators and AWS infrastructure in action. We will also provide an outlook for the next steps in our journey.
These insights will help you to improve your Keycloak deployments as well as design and test your own applications so they can withstand high load and site failures.
Keycloak is a popular Open Source Identity and Access Management (IAM) solution that provides single sign on, amongst other capabilities.
Over the last 10 years it has grown its community, and in 2023 it joined the Cloud Native Computing Foundation (CNCF) at the Linux Foundation.
This session invites all Keycloak users and contributors to share their successes and challenges, and to discuss ideas and upcoming features with the Keycloak maintainers.
After a short introduction to Keycloak and its latest features and roadmap, we'll switch to "lean coffee" mode: We'll collect the participants topics, prioritize them by dot-voting, and discuss them one by one starting with the ones which received the highest number of points.
As Keycloak maintainers, we would like to use this opportunity to connect with Keycloak users and contributors to learn what works well, what needs improvement and to generate ideas for future roadmap items.
More Over the last 10 years it has grown its community, and in 2023 it joined the Cloud Native Computing Foundation (CNCF) at the Linux Foundation.
This session invites all Keycloak users and contributors to share their successes and challenges, and to discuss ideas and upcoming features with the Keycloak maintainers.
After a short introduction to Keycloak and its latest features and roadmap, we'll switch to "lean coffee" mode: We'll collect the participants topics, prioritize them by dot-voting, and discuss them one by one starting with the ones which received the highest number of points.
As Keycloak maintainers, we would like to use this opportunity to connect with Keycloak users and contributors to learn what works well, what needs improvement and to generate ideas for future roadmap items.
English 
Français