mtls-auth plugin #7513
Replies: 1 comment
-
There are a few different ways to answer this/approach it. "Why is it a paid feature in Kong?" "Why is it not a paid feature in some other software?" "Is it ever going to change, and if so, when?" The last is the most tactical and probably has the most impact on you right now, so I'll answer that first. While we do periodically revisit what license various features/plugins are targeted to, right now we don't have any plans to move the mTLS auth plugin to an open source license. The "why" questions have a lot more to do with strategy and general business considerations. I'll answer a little of it here, but I don't think I can exhaustively answer in a GH discussion: whole dissertations could be (and have been) written on how most open source software is/needs to be subsidized and how software like Kong's gateway specifically is best suited for that subsidization through commercial software subscriptions (either SaaS or self-managed or both), so I won't go into that here, but will mention that is exactly what Kong has done. Picking out what goes into the various license levels in the open core business is somewhere between an art and a science. Like art, there often is no absolute correct answer or deterministic formula for picking the license and like science, sometimes the answer should change as you learn more, and hence our periodic revisiting of past decisions. mTLS auth is specifically in a paid offering because of what you mention: that it's pretty important, but specifically who and where it's important to. That is, many enterprises, especially those in regulated industries, want to use such a feature, a.k.a. there is commercial demand for it. Simultaneously, there's not as much non-commercial demand for such a feature. Those are 2 important datapoints for decisions, but again, there is no full formula or decision tree I could provide to say exactly why a feature is in 1 license vs another. |
Beta Was this translation helpful? Give feedback.
-
Hello,
Is there any specific reason why mtls-auth plugin is not included in OSS ? given that mTLS is out of the box for standard nginx also kubernetes nginx ingress includes it and extensively used.
We are actively evaluating various ingress controllers and mTLS is pretty important are there any plans to include this in OSS
Beta Was this translation helpful? Give feedback.
All reactions