How do you handle thousands of users with key-auth in k8s?

I’m looking to add API key-based authentication to my API.

I’m looking at docs around the key-auth plugin:

I understand that in Kubernetes, Kong usually runs without database. Then the usual way to create users is according to the second link above is to create a KongConsumer resources alongside a kongCredType secret.

I don’t understand how this solution is supposed to scale to hundreds or thousands of users. It seems like it’s more suited for a handful of service-to-service auths. Juggling thousands of KongConsumer k8s resources for my users seems sketchy.

Should I be looking at running Kong with a database and using the REST API to manage user keys?

Yes.

If you have a few thousands of users (<5000), you can use the DB-less mode of Kong but if you have a large number of consumers, then please use the DB-mode and use Kong’s Admin API to provision the consumers and their credentials directly.


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ