Switch to Kong API: Steps to make it production ready

Hi Guys,

I’ve set up 2 kubernetes cluster on AWS with standard ingress controller ingress-nginx to deal with external traffic. I’m managing authentication between micro services using JWT tokens.

  1. One of my cluster is dedicated to deployment of different micro services.
  2. The second cluster is dedicated to Vault which contains the different JWT secrets needed to access each micro service.
    Both clusters communicates with each other to get the correct secret to verify the JWT token against.

I’m looking at replacing ingress-nginx controller by kong API gateway to manage easily traffic load and security.

The documentation says that the default installation of kong is not production ready, so I would like to know what areas I should look at, specifically to make it robust in terms of loads and security ?
Could give me some detailed guidance so that I can get the best of the open source version of Kong API.
What I’m more concerned about is the ability for Kong to deal with high traffic load.

I would like to underline that I’m not a dev ops initially but a software developer. So sorry, if my question is too general.

Thanks for your time.

You will need to ensure enough replicas of Kong are running.
That’s all I can recommend based on the information you’ve provided.

Let us know if you run into any hiccups and happy to help out further.