We’re planning to use Keycloak as our new authentication. We’ll have hundreds of thousands of users, authentication and offline sessions. We would like avoid loosing session data during planned upgrades.
Our plan is to deploy Keycloak to Kubernetes with as remote Infinispan cluster that’s also deployed in Kubernetes. This is similar to the cross-datacenter setup described in the documentation, except we won’t have a second site.
The upgrade procedure requires shutting down Keycloak, running the upgrade script and then deploying the new version. Given that we use an external Infinispan cluster, is it safe to assume that after an upgrade Keycloak will be able to reload existing session data on startup? The implementation of the infinispan entities is stable and hasn’t changed in few years. Is there anything else to consider?
Thanks,
Todd