Kong is a very famous and popular open source API management solution with easy-to-install community edition, along with enterprise-level support if needed. They also provide an admin interface as well as a developer portal for the proxy API management. There is an increasing number of community editions emerging such as Kongdash and Konga which creates more choices for people. Kong also has an API for controlling the management layer which every API service and tooling provider should provide.
Even though Kong is an open source platform, KongHQ offers maintenance as well as support licenses to help large enterprises. The enterprise license has some additional features compared to the open-source platform like Security, developer portal and Admin UI.
Deployment is one of the biggest advantages of Kong due to its varied range of installation options along with pre-made containers like Vagrant and Docker. NGINX is one of the most famous HTTP servers along with Apache and IIS and it also has given high performance even during high request rates.
NGINX also has a large community of Lua scripts as well as extensions so you will not be left hanging by a thread when looking for customization. Kong, on the other hand, has moderate complexity regarding deployment. It also requires running Postgres or Cassandra. Some plugins like the rate-limiting one sometimes require additional data stores like Redis. However, its production deployment is less complicated compared to Apigee.
Kong also helps for the deployment of your APIs:
- API Routing – An API object describes an API which is being exposed by Kong. Kong needs details about how to locate the API whenever any consumer starts calling from Proxy port. Each API object should also specify some combination of methods, URLs as well as hosts.
- Consumers – Consumer object represents a customer or just like a user of an API. You can also rely on Kong to being your primary data store, or you can chart the consumer list to your database as it will help to maintain consistency between Kong and other existing primary datastore of yours.
- Certificates – A certificate object constitutes a public /private key pair to gain a SSL certificate.
- Server Name Indication (SNI) – An SNI object consists of many-to-one mapping of hostnames to a certificate.
It also focuses on the core aspects to help you manage your APIs
- Authentication – Helps to protect your services by providing an authentication layer.
- Traffic Control – Manage and restrict inbound as well as outbound API traffic.
- Analytics – Helps to inspect and visualize as well as monitor APIs and traffic.
- Transformations – Transform requests and responses immediately.
- Logging – Streamline requests as well as data from responses to logging solutions.
After that, Kong doesn’t stop, it also has a bunch of special and added features to help make it a scalable solution
- DNS-based load balancing – Here, the backend services registration is done not within Kong but outside. While using DNS-based load balancing, Kong only receives updates from the DNS server.
- Ring-balancer – The ring-balancers services includes the addition and removal of backend services which will be handled by Kong and there is no requirement of DNS updates.
- Clustering – A Kong cluster will allow you to scale and update the system horizontally using more machines to handle large incoming requests. They all have the same configuration as they are all pointed to the same database. Kong nodes which are pointing to the identical datastore will have the same Kong cluster.
- Plugins – Lua-nginx-module is present which helps in Lua scripting capabilities. Kong is distributed with OpenResty, that already include this Lua-nginx-module. OpenResty is like a bundle of modules stretching its capabilities but it is not a fork of NGINX.
- API – Administrative API access is required for programmatic control.
- CLI Reference – Kong instances can be managed, started and stopped using the Command Line Interface(CLI). The CLI also helps to manage the local node in the current machine you are using.
- Serverless – Serverless functions are invoked via APIs.
Kong pricing model is of two types i.e. a free plan and a customized enterprise plan. The free plan has limited features while the enterprise plan is for large organizations. Kong pricing model is considered very customer-friendly. The free plan has features like an open-source plugin, load balancing, service discovery, health checks and community support.
The enterprise plan has all of the features of the free plan plus features like Interactive API Documentation, Open ID Connect, Real-time Monitoring and Data Visualization, Cache Utilization, Flexible Customization, Cache utilization, Advanced Service Routing, Migration Assistance as well as Custom Plugins.
Kong is one of the most highly recommended API gateways. Kong doesn’t have the legacy baggage but it already has a large community of developed plugins. It is designed for managing modern micro-services instead of adding a transformational feature. It also has an ever-increasing community of plugins from its analytics like Moesif which can also verify JSON Web Tokens.