Kong API Gateway is a cloud-native API gateway that is based on the Nginx reverse proxy. It is a simple, fast, and lightweight solution that enables you to control, set up, and direct application-to-dedicated server request routing. The Kong API Gateway helps regulate who can access the services and data that are managed behind it. It ensures data security by allowing only authorized users and apps to access the data. The Kong API Gateway is highly performant and offers the following features:
Kong API Gateway is an efficient solution for managing APIs that offers advanced routing and management capabilities. With flexible request routing, automatic service discovery, advanced load balancing, comprehensive API management, and real-time analytics and monitoring, organizations can effectively route API traffic, discover and register APIs, distribute traffic across backend services, manage APIs throughout their lifecycle, and gain insight into API performance and usage. These capabilities make Kong a highly effective solution for managing APIs at scale and are essential for organizations looking to build and maintain a robust API infrastructure.
One of the key benefits of Kong is access to a wide range of plugins that can be easily added to the gateway, such as authentication, rate limiting, and transformations.
Another advantage of Kong is its flexible deployment options, which allow it to be deployed on-premises, in the cloud, or as a managed service, depending on the organization’s needs. Additionally, Kong API Gateway provides improved security with features like authentication and authorization, encryption, and rate limiting that help protect sensitive data and prevent attacks on APIs.
Kong API Gateway can be used for the following purposes:
To install the Kong API gateway and experience it, we will use our local Kubernetes cluster set up with Kind. Alternatively, you can use minikube to set up your local Kubernetes cluster.
bash -c "cat <<EOF > /tmp/kind-config.yaml && kind create cluster --config /tmp/kind-config.yaml
apiVersion: kind.x-k8s.io/v1alpha4
kind: Cluster
name: kong-quick-start
networking:
apiServerAddress: "0.0.0.0"
apiServerPort: 16443
nodes:
- role: control-plane
extraPortMappings:
- listenAddress: "0.0.0.0"
protocol: TCP
hostPort: 80
containerPort: 80
- listenAddress: "0.0.0.0"
protocol: TCP
hostPort: 443
containerPort: 443
EOF"
$ kubectl config use-context kind-kong-quick-start
$ kubectl cluster-info
$ kubectl create namespace kong
$ kubectl create secret generic kong-config-secret -n kong \
--from-literal=portal_session_conf='{"storage":"kong","secret":"super_secret_salt_string","cookie_name":"portal_session","cookie_same_site":"off","cookie_secure":false}' \
--from-literal=admin_gui_session_conf='{"storage":"kong","secret":"super_secret_salt_string","cookie_name":"admin_session","cookie_same_site":"off","cookie_secure":false}' \
--from-literal=pg_host="enterprise-postgresql.kong.svc.cluster.local" \
--from-literal=kong_admin_password=kong \
--from-literal=password=kong
$ kubectl create secret generic kong-enterprise-license --from-literal=license="'{}'" -n kong --dry-run=client -o yaml | kubectl apply -f -
$ helm repo add jetstack https://charts.jetstack.io ; helm repo update
$ helm upgrade --install cert-manager jetstack/cert-manager --set installCRDs=true --namespace cert-manager --create-namespace
$ bash -c "cat <<EOF | kubectl apply -n kong -f -
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: quickstart-kong-selfsigned-issuer-root
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: quickstart-kong-selfsigned-issuer-ca
spec:
commonName: quickstart-kong-selfsigned-issuer-ca
duration: 2160h0m0s
isCA: true
issuerRef:
group: cert-manager.io
kind: Issuer
name: quickstart-kong-selfsigned-issuer-root
privateKey:
algorithm: ECDSA
size: 256
renewBefore: 360h0m0s
secretName: quickstart-kong-selfsigned-issuer-ca
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: quickstart-kong-selfsigned-issuer
spec:
ca:
secretName: quickstart-kong-selfsigned-issuer-ca
EOF"
$ helm repo add kong https://charts.konghq.com ; helm repo update
$ helm install quickstart kong/kong --namespace kong --values https://bit.ly/KongGatewayHelmValuesAIO
$ open "https://$(kubectl get ingress --namespace kong quickstart-kong-manager -o jsonpath='{.spec.tls[0].hosts[0]}')"
$ curl --silent --insecure -X GET https://kong.127-0-0-1.nip.io/api -H 'kong-admin-token:kong'
Kong API Gateway is a cloud-native API gateway that uses the Nginx reverse proxy to provide advanced routing and management capabilities. It helps organizations efficiently manage their APIs by offering flexible request routing, automatic service discovery, advanced load balancing, comprehensive API management, and real-time analytics and monitoring. Kong also provides improved security with features such as authentication and authorization, encryption, and rate limiting, as well as access to a large plugin ecosystem. Additionally, Kong can be deployed on-premises, in the cloud, or as a managed service, making it an effective solution for managing APIs at scale.