Installation

In this short guide we’re going to install one or multiple instances of Keycloak.

Decide on a database provider

You can install Keycloak with the built-in database or by using an external database. The built-in database is configured by default. When using component instantiation, you can choose the provider individually per instance.
- Use built-in database
- Use external database
Set up encrypted database connection

Encrypting the connection to the database adds more security at the cost of some TLS overhead. Supported are self-signed certificates by default, though Let’s Encrypt and other commercial certificates can be used for the external database provider.
- Encrypt database connection
Decide on encryption mode between ingress controller and Keycloak

By default the traffic between ingress controller and Keycloak pods is re-encrypted. You can also choose to passthrough the traffic directly to Keycloak on supported ingress controllers.
1. Configure ingress
2. Setup certificates for Keycloak
Decide whether you need multiple instances

Since component version 2.x, multiple instances of the component can be installed. For example, keycloak-prod and keycloak-test. They need to be in separate namespaces though.
- Deploy multiple instances