Kong

Kong is an API gateway and service mesh written atop OpenResty.

Concepts

  • Upstreams .
  • Services represent upstream APIs and microservices managed by Kong.
  • Routes specify how/if requests are sent to services via the Gateway. A Service can have multiple Routes.
  • Consumers model end users of the API, providing access control and reporting.
    • Credentials allow us to identify these clients from their tokens.
  • Plugins allow extending the gateway

History

  • 2.0:
    • Golang plugins introduced.
  • 1.1:
    • Database dependency removed, allowing separation of data plane and control plane.

Configuration

Kong's configuration file is located at /etc/kong/kong.conf.

Datastore

Kong can optionally use a Cassandra or PostgreSQL database to coordinate multiple Kong nodes.

Plugins

Kong plugins can be written in either Golang or Lua, and may select the protocols they affect. They're distributed via Kong Hub. Plugins can be configured in three ways:

  • For datastore-less (DB-less) clusters where there's no admin API, configuration is managed via decK.
  • On Kubernetes Ingress deployments, use the KongPlugin and KongClusterPlugin resources.
  • Generally, use the Admin API.

ACME

The ACME plugin can automatically provision SSL certificates.

Rate limiting

The rate limiting plugin accepts rate limits per-second, -minute, -hour, -day, -month and -year.

decK

decK provides a declarative configuration and drift detection system for Kong.

Admin API

Kong exposes a REST API for administration.


Backlinks