The client wanted to migrate more and more of internal and SaaS services to Keycloak but was worried about the lack of high-availability in standalone Keycloak. We created Keycloak domain mode clusters for them and integrated them with their FreeIPA Linux domain. This allowed the customer to start using Keycloak authentication for critical services like AWS and Slack - with help from us.
Main technologies
Keycloak
FreeIPA
Puppet
Benefits
High availability
Centralized authentication
Web SSO
Numbers
4 Keycloak instances
2 domain mode clusters
4 FreeIPA masters
1 Starting point
The client had a single-node standalone Keycloak instance running. While it worked well, the client was blocked from integrating critical services such as AWS or Slack as it lacked high availability.
2 Project
We started by developing and testing automation code for managing Keycloak domain-mode clusters in a testing environment. Once all worked well, we deployed a staging Keycloak domain mode cluster and integrated it with the client's FreeIPA cluster. Once the staging environment was working, we deployed the production domain mode cluster. As the final step we migrated away from the original Keycloak standalone instance. This was easy as Keycloak configurations were all defined as infrastructure code.
3 End result
The Keycloak domain mode cluster enabled the client to start using Keycloak as the authentication and authorization backend for critical services such as AWS and Slack. They used the staging Keycloak domain mode cluster for testing new Keycloak configurations and for integration of new services into Keycloak. Once the testing procedure was complete the same configuration could be trivially deployed to production.
"Puppeteers helped us resolve our Red Hat Enterprise Linux issue. I'm looking forward to upgrading and improving our clients' production environments and our development setups with their help."
We use cookies to improve your experience while you navigate through the website. You may accept or opt-out of cookies by clicking the relevant buttons, or visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc. This information can also be used when interacting with the customer.