N/A

it's not possible as that would just end up with keycloak crashing when it tries to use memory that isn't available, instead you want to tweak the jvm options.

Maybe a service variable like this would work? -

JAVA_TOOL_OPTIONS=-Xms128m -Xmx256m

Though it's untested.

First of all: Thank you for the response and your time Brody!

The Java-Options Xms and Xmx was the solution in the older version of KeyCloak:

"Instead of specifying hardcoded values for the initial and maximum heap size, Keycloak uses relative values to the total memory of a container. The JVM options -Xms, and -Xmx were replaced by -XX:InitialRAMPercentage, and -XX:MaxRAMPercentage."
see here: https://www.keycloak.org/2024/03/keycloak-2400-released

And the new variables are relative to the container Memory of 32 GB

To set the container-Memory-Limit is the recommended way of configuration for KeyCloaks-Memory

the app in the container sees this -

your plan allows you to use 32gb of that, and at this time the app needs to be responsible for keeping its own memory in check.

*"The Keycloak container, instead of specifying hardcoded values for the initial and maximum heap size, uses relative values to the total memory of a container. This behavior is achieved by JVM options -XX:MaxRAMPercentage=70, and -XX:InitialRAMPercentage=50.

The -XX:MaxRAMPercentage option represents the maximum heap size as 70% of the total container memory. The -XX:InitialRAMPercentage option represents the initial heap size as 50% of the total container memory. These values were chosen based on a deeper analysis of Keycloak memory management."*
https://www.keycloak.org/server/containers

Than i will try to choose a MaxRAMPercentage Value thats is small enough to not use to much Ram

So would you want to set a service variable JAVA_OPTS_KC_HEAP to something like -XX:MaxHeapFreeRatio=30 -XX:MaxRAMPercentage=65 ?

Not a good Solution, but the only one i can find now

Yeah, that would be the solution now

where does keycloak recommend restricting the containers memory?

Here: https://github.com/keycloak/keycloak/pull/28812/files
Its really new, so the public documentation does not have it now

*"As the heap size is dynamically calculated based on the total container memory, you should *always set the memory limit* for the container.
Previously, the maximum heap size was set to 512 MB, and in order to approach similar values, you should set the memory limit to at least 750 MB.
For smaller production-ready deployments, the recommended memory limit is 2 GB."*

gotcha

I spend many hours today to analyse the problem 😅

yeah the problem is that keycloak sees a whopping 252 gb

without any config, how much memory was keycloak using?

It begins at 1,4Gb and goes no stop up. At 3GB i removed the pod because of the cost

oh wow

From the Admin-Dashboard of KeyCloak

after the JAVA_OPTS_KC_HEAP variable?

Before. I will try the Variable now

I used now follow Configuration "ENV JAVAOPTSKC_HEAP="-Xms512m -Xmx1g"
Its not recommended to use Xms and Xmx but i dont want to use some relative Percantages. This is more controlable.
In the Metrics Tab of Railway its shows 620MB Ram Usage.

The KeyCloak Dashboard says following:

I will try it with this configuration.

thats much better, what do the service metrics say?

620MB Ram Usage

not bad

Thats a good usage for a keycloak (Keycloak need much (:)

thats java for you

yeah (:

how can i mark this comment with the config i used as the solution?

Thank you!
Bought you a small coffee as a thank you👍

thank you very much