Powerful
The infrastructure provides a reliable basis for highly available systems, even with hundreds of thousands of users and millions of accesses per hour.
Schwarz IT and STACKIT
Centralized identity management with Keycloak on STACKIT
The challenge
The Schwarz Group, which also includes Lidl and Kaufland, responded to the increasing threat of cyberattacks and data leaks with a strategic decision to move its IT systems to the cloud. A central element of this strategy was the introduction of a central identity management system, as thousands of internal and external users needed to access various digital applications.
Initially, Keycloak, an open source solution for authentication and authorization, was operated locally in the data center on the OpenShift container platform. After two years, however, the company decided to migrate all systems to the cloud, which also included Keycloak's infrastructure, monitoring and user management. The lack of a central solution for managing access and roles for external users was the initial problem.
The implementation
The migration of Keycloak to the STACKIT cloud platform, which belongs to Schwarz Digits and is therefore also part of the Schwarz Group, was a challenging large-scale project. In close cooperation with the STACKIT and database team, an infrastructure was gradually built up that would serve as the basis for all subsequent projects.
The changeover meant moving from a simple open source instance to a scalable, production-ready platform solution for identity and access management. Processes that previously had to be coordinated manually were automated. The new platform now dynamically provides resources, orchestrates containers and manages databases.
The solution
The migration to STACKIT created a central, standardized solution for access management, which was previously a decentralized and complex IT task. The advantages of STACKIT Cloud are manifold:
Flexible and scalable
Resources such as databases and containers can be scaled dynamically. Thanks to Kubernetes, scaling takes place automatically as the number of users increases. Load tests with ten times the normal usage have already been mastered without any problems.
Quickly available
IT resources can be made available on demand, enabling new systems or adjustments to be made within a very short space of time. What used to take weeks can now be done in a matter of minutes.
Cost-efficient
Thanks to the pay-as-you-go principle, only the resources actually used are paid for, resulting in annual savings in the six-figure range.
What began as a solution for a supplier portal has now become a centralized standard for numerous applications. At peak times, Keycloak handles up to 30 log-ins per second and processes over one million access operations per hour thanks to caching.