Angga Suriana

Production-Ready Keycloak on Kubernetes with Auto-Clustering

The Challenge

Running Keycloak in production is notoriously challenging. Session loss during scaling, complex external cache configurations, and maintaining high availability while ensuring session persistence across multiple replicas are common pain points. Traditional approaches often require external Infinispan clusters or Redis, adding operational complexity and potential failure points.

Solution Overview

Instead of managing external caching systems, we can leverage Keycloak’s built-in clustering capabilities with Kubernetes-native service discovery. This approach uses JGroups with DNS-based discovery through headless services,

The Invisible Character That's Killing Your Production Deployments

Yesterday’s daily standup was supposed to be 15 minutes. It turned into a 2-hour debugging session instead. A feature we’d already demoed to the client last week suddenly wasn’t showing up in production. The app team kept saying ‘it works fine in staging,’ while DevOps insisted ‘infrastructure looks good on our end.’ Meanwhile, the client kept asking when it would go live.

What made it frustrating was that all our monitoring was green. Database connections healthy, API response times normal, zero error rate. But somehow the new feature just wasn’t there. No error logs, no exceptions, nothing crashed.

The Self-Healing Systems That Kill Themselves

Your service is down. Again. Third time this week, and it’s only Tuesday.

The alerts started flooding in around lunch. Connection timeouts to ActiveMQ, database pool exhaustion, pods stuck in CrashLoopBackOff. Your team scrambles to investigate, but here’s the weird part: every individual component looks healthy. ActiveMQ is running fine, database performance is normal, pods would start successfully if they could just get past the connection phase.

You check the obvious suspects. Network? Fine. DNS? Working. Firewall rules? All good. Load balancer health checks? Passing. So what’s killing your perfectly healthy infrastructure?

The Silent Infrastructure Killer That’s Breaking Your Distributed Systems

It’s 3 AM and your pager won’t stop screaming. Half your Docker Swarm nodes show as unreachable, but ping works fine. SSH works fine. The applications seem fine until they’re suddenly not. Your monitoring dashboards are green across the board, except for that one terrifying metric dropping to zero: service availability.

Sound familiar? Light traffic flows perfectly, users are happy, performance looks great. Then peak hours hit and everything cascades into chaos. Logs tell you nothing useful, just “node unreachable,” “connection timeout,” “cluster partition detected.”

Example content

Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Sed posuere consectetur est at lobortis. Cras mattis consectetur purus sit amet fermentum.

Curabitur blandit tempus porttitor. Nullam quis risus eget urna mollis ornare vel eu leo. Nullam id dolor id nibh ultricies vehicula ut id elit.

Etiam porta sem malesuada magna mollis euismod. Cras mattis consectetur purus sit amet fermentum. Aenean lacinia bibendum nulla sed consectetur.