What's your rating of Mashape
Kong API Gateway
Of: Thomas Bayer
Date: May 9, 2018
Updated: January 25, 2019
Kong is a so-called API layer. The developers of Kong, the former company Mashape, which is now called Kong Inc., uses the term API Layer as a synonym for API Gateway or API Middleware. Kong was originally developed as an API gateway for Mashape's Marketplace and placed under an open source license in 2015. Kong is based on the open source web server and reverse proxy NGINX and extends its functionality via the programming language Lua.
Kong is available in the Community Edition as open source software and as Kong Enterprise. The Enterprise version also includes:
- A graphical admin interface
- Extended security and authentication
- A developer portal
- Better scalability
Kong can be installed locally or in the cloud. The installation in the cloud can be done e.g. via the Amazon Marketplace or via images such as AMI or Docker. For a local installation there are Ubuntu, debian, CentOS and Red Hat packages.
Kong needs a Cassandra cluster or a Postgres database for operation. Installation via Docker is particularly convenient.
Most of the settings can be made via a configuration file. Since Kong is based on the NGINX server, there are some parameters that must be set on the NGINX server, such as the Retry Behavior with which the repetition of a request is controlled in the event of an error.
The open source version of Kong lacks a graphical user interface. There is a comprehensive and comfortable API for administration. Services, routes and consumers can be created using this API. The listing below shows how a service can be created:
The service connects the service name fruitshop with a backend that provides functions. Kong now knows the backend, but does not yet know which calls should be routed there. The routing information must be added with a route:
A route can be configured with hosts, paths and methods. Kong compares incoming calls with the routes. If they match, the associated service is called. In the example above, a call must have a host header with the value api.predic8.de contain so that the route takes effect and the call is forwarded to the backend via the service:
Kong can be expanded to include functionality using numerous plugins. A plugin can be linked either globally, for an API or for a route. Among other things, there are plugins for:
- Basic authentication
- API keys
- Authentication via LDAP
- Bot detection
- Microsoft Azure
- Amazon Lambda
- Rate limiting
- Correlation Ids
The Developer Guide describes how to create your own plugins.
Plugins for regular expressions and a dedicated configuration language are available for transforming messages. The example below shows how the JSON Properties partner and mail can be renamed:
Kong offers various plugins for logging, including for Prometheus, Syslog, Loggly, File and HTTP.
Several Kong Gateways that share the same database can be combined to form a cluster. Each node has the same configuration and thus the same services and routes. Since each node receives an individual IP address, a load balancer must be operated in front of the cluster.
The configuration of the cluster is stored in a Postgres or in a distributed Apache Cassandra database. Each Kong node has access to the configuration via the database.
Kong is one of the more mature products on the market and is already used for many installations.
The Management API enables the remote control of Kong and thus new possibilities that compensate for the missing UI for the administration. If you still want to use Kong with UI, you can use the commercial version or the API management solution Wicked from Haufe Verlag in Freiburg. Wicked relies on Kong and adds a convenient web console for administration.
- Lean solution
- Degree of ripeness of the product
- Support for web sockets
- Comprehensive API for the configuration and maintenance of APIs, consumers, plugins, ...
- The web console is only available in the commercial version.
- An Apache Cassandra or Postgres database is required for installation.
- Many plugins such as Open ID Connect, Advanced LDAP or Rate Limiting are only available for the Enterprise Subscription.
- When is the BTS Tour in 2018
- How is energy stored in chemical compounds
- Puerto Rico is about to achieve statehood
- Are there magic shows in Bielefeld
- Helps gargle after drinking soda
- How are chit funds going
- Will we ever leave our galaxy
- What's better than facebook groups
- What is the biggest myth about WWE
- What is the example of the TCP protocol
- Why is E so important
- Which sports affect people a lot
- What is placement and induction
- What does algae kill in fish ponds?
- Airplanes have gears like cars
- Can a 2x4 wall be load-bearing
- Why do hurricanes move so slowly
- The electric field lines bend
- How is the Pakistani minister doing
- How famous is Kylie Jenner
- Romania returns to communism
- What is considered a low resolution
- How could Amazon Echo be improved?
- Why are white women so conservative