Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Made available as an open-source project in 2015, its core values are high performance and extensibility.
Actively maintained, Kong is widely used in production at companies ranging from startups to Global 5000 as well as government organizations.
If you are building for web, mobile or IoT (Internet of Things) you will likely end up needing common functionality to run your actual software. Kong can help by acting as a gateway (or a sidecar) for microservices requests while providing load balancing, logging, authentication, rate-limiting, transformations, and more through plugins.
- Cloud-Native: Platform agnostic, Kong can run from bare metal to Kubernetes.
- Dynamic Load Balancing: Load balance traffic across multiple upstream services.
- Hash-based Load Balancing: Load balance with consistent hashing/sticky sessions.
- Circuit-Breaker: Intelligent tracking of unhealthy upstream services.
- Health Checks: Active and passive monitoring of your upstream services.
- Service Discovery: Resolve SRV records in third-party DNS resolvers like Consul.
- Serverless: Invoke and secure AWS Lambda or OpenWhisk functions directly from Kong.
- WebSockets: Communicate to your upstream services via WebSockets.
- OAuth2.0: Easily add OAuth2.0 authentication to your APIs.
- Logging: Log requests and responses to your system over HTTP, TCP, UDP, or to disk.
- Security: ACL, Bot detection, whitelist/blacklist IPs, etc...
- Syslog: Logging to System log.
- SSL: Setup a Specific SSL Certificate for an underlying service or API.
- Monitoring: Live monitoring provides key load and performance server metrics.
- Forward Proxy: Make Kong connect to intermediary transparent HTTP proxies.
- Authentications: HMAC, JWT, Basic, and more.
- Rate-limiting: Block and throttle requests based on many variables.
- Transformations: Add, remove, or manipulate HTTP requests and responses.
- Caching: Cache and serve responses at the proxy layer.
- CLI: Control your Kong cluster from the command line.
- REST API: Kong can be operated with its RESTful API for maximum flexibility.
- Geo-Replicated: Configs are always up-to-date across different regions.
- Failure Detection & Recovery: Kong is unaffected if one of your Cassandra nodes goes down.
- Clustering: All Kong nodes auto-join the cluster keeping their config updated across nodes.
- Scalability: Distributed by nature, Kong scales horizontally by simply adding nodes.
- Performance: Kong handles load with ease by scaling and using NGINX at the core.
- Plugins: Extendable architecture for adding functionality to Kong and APIs.
For more info about plugins, you can check out the Plugins Hub.
Kong comes in many shapes. While this repository contains its core's source code, other repos are also under active development:
- Kong Docker: A Dockerfile for running Kong in Docker.
- Kong Packages: Pre-built packages for Debian, Red Hat, and OS X distributions (shipped with each release).
- Kong Vagrant: A Vagrantfile for provisioning a development ready environment for Kong.
- Kong Homebrew: Homebrew Formula for Kong.
- Kong CloudFormation: Kong in a 1-click deployment for AWS EC2
- Kong AWS AMI: Kong AMI on the AWS Marketplace.
- Kong on Microsoft Azure: Run Kong using Azure Resource Manager.
- Kong on Heroku: Deploy Kong on Heroku in one click.
- Kong and Instaclustr: Let Instaclustr manage your Cassandra cluster.
- Nightly Builds: Builds of the master branch available every morning at about 9AM PST.
If you are planning on developing on Kong, you'll need a development
next branch holds the latest unreleased source code.
You can use a Vagrant box running Kong and Postgres that you can find at Kong/kong-vagrant.
Kong mostly is an OpenResty application made of Lua source files, but also requires some additional third-party dependencies. We recommend installing those by following the source install instructions at https://getkong.org/install/source/.
Instead of following the second step (Install Kong), clone this repository and install the latest Lua sources instead of the currently released ones:
$ git clone https://github.com/Kong/kong $ cd kong/ # you might want to switch to the development branch. See CONTRIBUTING.md $ git checkout next # install the Lua sources $ luarocks make
Running for development
Check out the development section of the default configuration file for properties to tweak in order to ease the development process for Kong.
$ make dev
Kong relies on three test suites using the busted testing library:
- Unit tests
- Integration tests, which require Postgres and Cassandra to be up and running
- Plugins tests, which require Postgres to be running
The first can simply be run after installing busted and running:
$ make test
However, the integration and plugins tests will spawn a Kong instance and
perform their tests against it. As so, consult/edit the
configuration file to make your test instance point to your Postgres/Cassandra
servers, depending on your needs.
You can run the integration tests (assuming both Postgres and Cassandra are
running and configured according to
$ make test-integration
And the plugins tests with:
$ make test-plugins
Finally, all suites can be run at once by simply using:
$ make test-all
Consult the run_tests.sh script for a more advanced example usage of the tests suites and the Makefile.
Finally, a very useful tool in Lua development (as with many other dynamic
languages) is performing static linting of your code. You can use luacheck
make dev) for this:
$ make lint
When developing, you can use the
Makefile for doing the following operations:
||Install the Kong luarock globally|
||Install development dependencies|
||Lint Lua files in
||Run the unit tests suite|
||Run the integration tests suite|
||Run the plugins test suite|
||Run all unit + integration + plugins tests at once|
Enterprise Support & Demo
If you are working in a large organization you should learn more about Kong Enterprise.
Copyright 2016-2018 Kong Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.