We are considering using Keycloak to provide authorization tokens in a multi-region environment on GCP. Since it will need to be very highly available we will want to have a Keycloak cluster in each region we runs services.
We are trying to decide on a database to use for this configuration. We need database instances in each region. We need the database instances to be consistent. Has anyone already run into this?
We are considering using postgreSQL with a master slave relationship between the database instances. All administrative updates would always be done on the same Keycloak cluster that would update the master postgreSQL instance. The master postgreSQL instance will update the others.
This will work only if Keycloak does not do any non-administrative database writes. Can anyone tell me if this is the case? Can I run keycloak cluster against a read-only database?