logo

What is Keycloak Quarkus and Why You Need it Now Instead of WildFly?

by
As applications become more complex and distributed, the need for robust, flexible, and performant IAM solutions has never been greater. You’re likely facing challenges like managing user identities across multiple applications, securing APIs, and ensuring compliance with ever-changing regulations. These challenges demand a modern approach to IAM, one that can keep pace with the rapid evolution of technology.

Traditional IAM solutions, while functional, often struggle to meet the demands of modern applications. They can be resource-intensive, slow to adapt to new requirements, and difficult to integrate with cloud-native environments. This is where Keycloak, a leading open-source IAM solution, steps in. But even Keycloak has undergone a significant transformation, moving from its legacy WildFly foundation to a more modern and efficient architecture based on Quarkus. This shift is not just a technical upgrade; it’s a fundamental change that impacts how you should approach IAM.

This blog post will delve into the reasons behind this shift, exploring the benefits of Keycloak Quarkus and why it’s essential for your IAM strategy. We’ll also touch on why sticking with the older WildFly version might be holding you back. Let’s dive in and explore the future of IAM with Keycloak.

Keycloak: A Quick Overview

Before we dive into the specifics of Keycloak Quarkus, let’s briefly recap what Keycloak is and why it’s become a popular choice for IAM. Keycloak is an open-source Identity and Access Management solution that provides a wide range of features, including:

  • Single Sign-On (SSO): Allows users to access multiple applications with a single set of credentials.
  • Identity Brokering: Enables integration with external identity providers like Google, Facebook, and Active Directory.
  • User Management: Provides tools for managing users, groups, and roles.
  • Authorization: Offers fine-grained control over access to resources.
  • API Security: Secures your APIs using industry-standard protocols like OAuth 2.0 and OpenID Connect.

Keycloak’s flexibility and comprehensive feature set have made it a favorite among developers and organizations looking for a robust and customizable IAM solution. It’s a powerful tool that can handle complex authentication and authorization scenarios, making it suitable for a wide range of applications. You can learn more about Keycloak at www.keycloak.org.

The Legacy: Keycloak on WildFly

Historically, Keycloak was built on top of WildFly, a Java application server. While WildFly is a capable platform, it comes with certain limitations that have become increasingly apparent in the context of modern application development. These limitations include:

  • Resource Consumption: WildFly is a relatively heavy application server, requiring significant resources to run efficiently. This can be a concern, especially in cloud environments where resource optimization is crucial.
  • Startup Time: WildFly’s startup time can be slow, which can impact development workflows and deployment times.
  • Complexity: The complexity of WildFly can make it challenging to configure and maintain, especially for teams that are not deeply familiar with Java application servers.
  • Cloud-Native Challenges: WildFly is not inherently designed for cloud-native environments, making it less suitable for containerized deployments and microservices architectures.

These limitations have led the Keycloak team to explore alternative platforms that could better meet the demands of modern IAM. This is where Quarkus comes into the picture.

The Modern Approach: Keycloak on Quarkus

Quarkus is a Kubernetes-native Java framework designed for building lightweight and fast applications. It’s optimized for cloud-native environments and offers significant advantages over traditional Java application servers like WildFly. The move to Quarkus for Keycloak is a major architectural shift that brings numerous benefits:

  • Faster Startup Times: Quarkus boasts incredibly fast startup times, often measured in milliseconds. This significantly improves development workflows and reduces deployment times.
  • Lower Resource Consumption: Quarkus applications consume significantly fewer resources than their WildFly counterparts, making them more efficient and cost-effective to run.
  • Improved Performance: Quarkus is designed for high performance, resulting in faster response times and better overall user experience.
  • Cloud-Native Friendly: Quarkus is built with cloud-native principles in mind, making it ideal for containerized deployments and microservices architectures.
  • Developer Productivity: Quarkus offers a streamlined development experience with features like live coding and hot reloading, boosting developer productivity.

The transition to Quarkus is not just about performance; it’s about embracing a modern approach to application development. By adopting Quarkus, Keycloak is better positioned to meet the evolving needs of its users and remain a leader in the IAM space. πŸš€

Why You Need Keycloak Quarkus Now

The benefits of Keycloak Quarkus are clear, but why should you be considering this move now? Here are some compelling reasons:

  • Future-Proofing Your IAM: The Keycloak project is actively investing in the Quarkus version, with new features and improvements primarily focused on this platform. Sticking with the WildFly version means you’ll miss out on the latest advancements and may eventually face compatibility issues.
  • Improved Performance and Scalability: As your application grows, the performance and scalability benefits of Quarkus become increasingly important. Keycloak Quarkus can handle higher loads with fewer resources, saving you time and money.
  • Enhanced Developer Experience: The faster startup times and streamlined development experience of Quarkus can significantly improve your team’s productivity.
  • Cloud-Native Readiness: If you’re deploying your applications in a cloud environment, Keycloak Quarkus is a much better fit than the WildFly version. It’s designed for containerization and microservices, making it easier to integrate with your cloud infrastructure.
  • Reduced Operational Costs: The lower resource consumption of Quarkus can translate into significant cost savings, especially in cloud environments where you pay for the resources you use.

Ignoring the shift to Keycloak Quarkus is like sticking with an outdated operating system. While it might still work, you’re missing out on the latest features, performance improvements, and security updates. The time to embrace Keycloak Quarkus is now, before you fall too far behind. 🧐

Making the Transition: What You Need to Know

With the release of Keycloak 17, the default distribution has transitioned from WildFly to Quarkus, introducing several significant changes that impact configuration, deployment, and operation. Understanding these changes is crucial for a smooth migration.

Key Changes in the Quarkus Distribution:

  • Configuration Overhaul: The complex XML-based configuration files used in WildFly have been replaced with a simplified configuration approach in Quarkus, utilizing straightforward configuration files, CLI arguments, and environment variables. This change enhances ease of configuration but necessitates manual migration of existing settings.
  • Application Server Paradigm Shift: Unlike WildFly, Quarkus is not an application server but a framework for building applications. This shift means that dynamic deployment and runtime alterations are no longer supported, favoring immutability and faster startup times.
  • Context Path Modification: The default context path has changed, removing the /auth segment. To restore the previous context path, you can specify the --http-relative-path build option during startup.
  • Custom Provider Deployment: The method for packaging and deploying custom providers has evolved, requiring adjustments to align with the Quarkus framework’s deployment model.
  • Kubernetes and OpenShift Integration: A new operator and Custom Resource Definitions (CRDs) have been introduced to enhance deployment and management within Kubernetes and OpenShift environments.

Steps for a Successful Migration:

  1. Review the New Server Guides: Familiarize yourself with the updated server guides to understand the installation and configuration processes in the Quarkus distribution.
  2. Manually Migrate Configurations: Identify the configuration changes applied in your legacy setup and manually apply them to the new distribution, adhering to the updated configuration methods.
  3. Adapt to the Framework Shift: Recognize that Quarkus’s immutability requires a build step for optimizations. Incorporate this build step into your installation process, CI pipeline, or custom container image creation.
  4. Set Up Initial Admin Users: Instead of using the deprecated add-user-keycloak.sh script, set the environment variables KC_BOOTSTRAP_ADMIN_USERNAME and KC_BOOTSTRAP_ADMIN_PASSWORD to establish the initial admin user during the first startup.
  5. Adjust Custom Providers: Repackage and redeploy any custom providers to comply with the new deployment procedures in Quarkus.
  6. Leverage New Operators for Orchestration: Utilize the new operator and CRDs for streamlined deployment and management in Kubernetes and OpenShift environments.

Embracing these changes will enable you to leverage Quarkus’s benefits, including improved performance, simplified configuration, and enhanced cloud-native capabilities, ensuring a more efficient and robust Keycloak deployment.

Skycloak: Your Partner in Keycloak Success

Shameless Promotion! Navigating the complexities of Keycloak, especially the transition to Quarkus, can be challenging. That’s where Skycloak comes in. We offer managed Keycloak services that take the burden of deployment, maintenance, and scaling off your shoulders. With Skycloak, you can focus on building your applications while we handle the intricacies of IAM. We provide:

  • Expert Support: Our team of Keycloak experts is available to assist you with every step of the process, from migration to ongoing maintenance.
  • Managed Infrastructure: We handle the infrastructure, ensuring your Keycloak instance is always available, secure, and performant.
  • Scalability: We can scale your Keycloak instance to meet your growing needs, without you having to worry about the underlying infrastructure.
  • Cost-Effective Solutions: Our managed services are designed to be cost-effective, allowing you to get the most out of Keycloak without breaking the bank.

If you’re looking for a hassle-free way to leverage the power of Keycloak Quarkus, Skycloak is your ideal partner. You can also compare Skycloak pricing with other providers and see how we can help you achieve your IAM goals. For more information on our pricing, visit Clear Pricing. With Access to the Most Powerful IAM Features.

Conclusion

The shift from Keycloak WildFly to Keycloak Quarkus is a significant step forward in the evolution of IAM. By embracing Quarkus, Keycloak is better positioned to meet the demands of modern applications, offering improved performance, scalability, and developer experience. If you’re serious about IAM, you need to be considering this move now. Don’t get left behind with outdated technology. The future of Keycloak is Quarkus, and the future of your IAM strategy should be too.

We encourage you to explore Keycloak Quarkus and see how it can benefit your organization. And if you need help along the way, remember that we areΒ here to support you. Start your journey to modern IAM today!

Leave a Comment

Β© 2025 All Rights Reserved. Made by Yasser