RedHat Keycloak operator rolling update expectations

dwickstrom · March 13, 2025, 3:13pm

Hi!

I’m running Keycloak in OpenShift through the RedHat operator: rhbk-operator.v24.0.10-opr.1

Now, I was expecting the operator to be able to perform rolling updates, in such a way that it will not kill all the pods in one go and drop all the user sessions. However, it appears that when I do certain manifest changes, such as tweaking environment variables or log levels, I get my desired behaviour. But when I want to bump the keycloak docker image, then that won’t deploy smoothly.

I’d like to set either set my expectations straight, or try to understand what I might be doing wrong.

Anyone?

Many thanks,
David

xgp · March 13, 2025, 7:04pm

AFAIK, rolling updates are not something that is currently supported by Keycloak. While you can do them in some cases, the operator doesn’t seem to support this.

dasniko · March 13, 2025, 7:33pm

There is currently some work in progress for supporting zero downtime upgrades with operator, depending on the version. Eventually there will be release something in future versions, it won’t be anything “big bang”, there will be a step-by-step improvement of the upgrade experience with operator.

dasniko · March 16, 2025, 4:59pm

I found the issue again: Initial Zero-Downtime Image handling in KC Operator · Issue #36305 · keycloak/keycloak · GitHub

Topic		Replies	Views
Openshift Operator support keycloak installation version below 17 Getting advice	3	26	December 30, 2024
Keycloak operator High availability Configuring the server	0	571	February 17, 2021
Migrating from codecentric/keycloakx to keycloak operator (single instance) Getting advice	0	150	June 21, 2024
Upgrade keycloak in containerized environment (production) Configuring the server	4	1182	March 3, 2022
Keycloak-operator v16.0.0 fails on launch	0	1440	December 23, 2021

RedHat Keycloak operator rolling update expectations

Related topics