What is the current state of support for CockroachDB?

I’ve done a few searches and it seems the KeyCloak development is working toward full support of CockroachDB, but I haven’t seen any clear guidance on using this database platform. The list at Configuring the database - Keycloak does not include CRDB.

What risks am I taking by marrying these two technologies on a low-volume production workload?

Keycloak (official) plans support for CRDB in the “new” store, but will never support CRDB for the “legacy” store. We attempted to get a patch merged that enables it, but it was refused. We maintain a docker image that is up to date with Keycloak releases that contains our patch. Quay

It must be run with a few configuration options set:

1 Like

Are you using the docker image referenced above? This works fine for me:

docker run -p 8081:8081 \
-e KC_DB=cockroach \
-e KC_DB_USERNAME=keycloak-user \
-e KC_DB_PASSWORD=keycloak-password \
-e KC_DB_URL=jdbc:postgresql://localhost:26257/keycloak_db_20 \
quay.io/phasetwo/keycloak-crdb start --hostname-port=8081 

I used quay.io/keycloak/keycloak:20.0.3
I added --storage=jpa after start, and now it is works fine.

For quay.io/phasetwo/keycloak-crdb - works fine without --storage=jpa

When can users expect the “new” store to be production-ready?

The Keycloak maintainers might have an answer to that. A better place to ask that question would be in the discussions on the official GitHub repo.