How do you handle thousands of users with key-auth in k8s?

serain · July 10, 2020, 11:20pm

I’m looking to add API key-based authentication to my API.

I’m looking at docs around the key-auth plugin:

I understand that in Kubernetes, Kong usually runs without database. Then the usual way to create users is according to the second link above is to create a KongConsumer resources alongside a kongCredType secret.

I don’t understand how this solution is supposed to scale to hundreds or thousands of users. It seems like it’s more suited for a handful of service-to-service auths. Juggling thousands of KongConsumer k8s resources for my users seems sketchy.

Should I be looking at running Kong with a database and using the REST API to manage user keys?

hbagdi · July 13, 2020, 5:45pm

Yes.

If you have a few thousands of users (<5000), you can use the DB-less mode of Kong but if you have a large number of consumers, then please use the DB-mode and use Kong’s Admin API to provision the consumers and their credentials directly.

rohit-chowdhary · January 26, 2021, 7:42pm

@hbagdi Does this mean that CP and the Database need to be up and running all the time, unlike suggested in the documentation that they can be brought down as long as DP are up and running ?
thanks

Topic		Replies	Views
Creating an APIkey when declaratively creating a KongCredential	3	726	August 5, 2019
How to automatically generate API key? Kubernetes	4	891	November 21, 2023
Kong DB-less mode and dynamic Consumers	3	890	December 26, 2019
Relate many-to-one user/consumer, modify kong db from external service Questions	0	332	February 4, 2020
How to use multiple key-auth per consumer Questions	3	646	February 4, 2020

How do you handle thousands of users with key-auth in k8s?

Related Topics