SlideShare una empresa de Scribd logo

Introduction to Kong API Gateway

Yohann Ciurlik
Yohann Ciurlik

Introduction to Kong, an open-source cloud-native, fast, scalable, and distributed API Gateway.

Tecnología
1 de 24
Descargar para leer sin conexión
KONG An API Gateway Yohann Ciurlik Date : October 17th 2017 Version : 1.1
Introduction
3 Introduction Quick overview • Open-source cloud-native, fast, scalable, and distributed Microservice Abstraction Layer • Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015 by Mashape. • Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations. • Licensing model : – Enterprise Edition (EE) – Community Edition (CE)
4 Introduction What is Kong ? • Kong is an API gateway : it’s a form of middleware between computing clients and your API-based applications. • Kong easily and consistently extends the features of your APIs. Some of the popular features deployed through Kong include : – authentication, – security, – traffic control, – serverless, – analytics & monitoring, – request/response transformations – and logging.
5 Introduction Why use Kong ? • Kong is : – Radically Extensible – Blazingly Fast – Open Source – Platform Agnostic – Cloud Native – RESTful
Community Edition (CE)
7 Community Edition (CE) Focus on Community Edition (CE) • Available on Github – Actual version : 0.11.0 – Apache v2 licensing – 3500 commits, 12,5 k*, 1400 forks • No UI & Analytics on CE (!!!) – OS community UI : • Konga • Kongdash, • Kong Dashboard (desktop) – Analytics : • ELK • Runscope, Datadog, …
8 Community Edition (CE) A lot of open source plugins • Authentication – Basic – Key – HMAC – OAUth 2 – LDAP – JWT • Security – ACL – CORS – Dynamics SSL – IP Restriction – Bot Detection • Traffic control – Rate Limiting – Response Rate Limiting – Request Size Limiting – Request termination • Analytics & Monitoring – Galileo – Datadog – Runscope • Transformations – Request Transformer – Response Transformer – Correlation ID • Serverless – AWS Lambda – OpenWhisk • Logging – TCP – UDP – HTTP – File – Syslog – StatsD – Loggly
Enterprise Edition (EE)
10 Enterprise Edition (EE) Benefits • Admin GUI • Dev Portal • API Analytics • More scalability • More security • 24/7 support • More information on https://konghq.com/kong-enterprise-edition/
11 Enterprise Edition (EE) Dev portal & admin GUI in EE https://gelato.io/ Markdown explorer Automatic API Explorer Import OpenAPI/Swaggr Developer Registration
12 Enterprise Edition (EE) Kong Analytics platform in EE https://getgalileo.io/ Realtime Logging Diff comparaison
Architecture overview
14 Architecture overview Based on OpenResty (Nginx & LUA scripting)
15 Architecture overview Native scalability
16 Architecture overview How to install and start Kong … • Distributions – Docker, Vargrant, Pre-built packages – Homebrew, AWS, Azure, Heroku, CloudFormation • Start in 1 min :
17 Architecture overview How to administrate and configure Kong ? • Postman is your best friend for all configuration tasks – Information routes – API – Consumer – Plugin – Certificate – SNI – Upstream – Targets • Also a CLI Tool that allows you to start, stop, and manage your Kong instances.
18 Architecture overview Extend it with your own plugin • Using LUA Scripting – simple-plugin – ├── handler.lua – └── schema.lua • Build the plugin and install it on the server • More information on https://getkong.org/docs/0.11.x/plugin-development/ • Then configure it on your API :
Going further with Kong
20 Going further with Kong Proof of Concept • Expose end-user API with an access : http://docker:8000/person/2016-4987649-53 • Add JWT and upstream Basic Auth plugin • Add JWT authentication : • Check personId correlation between JWT and URI parameter (see plugin code) • Which consumes EIS Thalys API with Basic Authentication https://api.spawnrider.net/api/Person/2016-4987649- 53?personIdType=user&levelOfDetails=full • My demo docker is available on Docker Hub
21 Going further with Kong Benefits and concerns • Benefits – Easy to install, configure and use – Based on reliable products (Nginx, Cassandra, …) – Not an ESB-based technical stack – Well documented • Concerns – No OOTB Administration UI, Developer portal and Analytics platform – Too technical for “non-tech” end-user / administrator
22 Going further with Kong Online materials • Documentation – https://getkong.org/ – https://getkong.org/plugins/ – https://getkong.org/docs/ • Videos & Webinars : – Mashap Youtube Channel – API & Microservices Management with Kong (Webinar) – Microservices Orchestration with Kong, Galileo & Gelato (Webinar)
23 Contact Yohann Ciurlik Managing Solution Architect Digital Customer eXperience (DCX) Capgemini France yohann.ciurlik@Capgemini.com Also on Twitter or LinkedIn
Introduction to Kong API Gateway

Recomendados

Kong API Gateway
Kong API Gateway Kong API Gateway
Kong API Gateway Chris Mague
 
Kong
KongKong
KongTroublemaker Khunpech
 
Kong API
Kong APIKong API
Kong APIPatrick Pierson
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways Kong Inc.
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservicesKunal Hire
 
Basic Kong API Gateway
Basic Kong API GatewayBasic Kong API Gateway
Basic Kong API GatewaySukoomPornsuksiri1
 
Kong Workshop.pdf
Kong Workshop.pdfKong Workshop.pdf
Kong Workshop.pdfAvinashUpadhyaya3
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?LunchBadger
 

Recomendados

Kong API Gateway
Kong API Gateway Kong API Gateway
Kong API Gateway Chris Mague
 
Kong
KongKong
KongTroublemaker Khunpech
 
Kong API
Kong APIKong API
Kong APIPatrick Pierson
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways Kong Inc.
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservicesKunal Hire
 
Basic Kong API Gateway
Basic Kong API GatewayBasic Kong API Gateway
Basic Kong API GatewaySukoomPornsuksiri1
 
Kong Workshop.pdf
Kong Workshop.pdfKong Workshop.pdf
Kong Workshop.pdfAvinashUpadhyaya3
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?LunchBadger
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayAmazon Web Services
 
Flexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with KongFlexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with KongSven Bernhardt
 
Kuberntes Ingress with Kong
Kuberntes Ingress with KongKuberntes Ingress with Kong
Kuberntes Ingress with KongNebulaworks
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecAdam Paxton
 
Apigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee | Google Cloud
 
02 api gateway
02 api gateway02 api gateway
02 api gatewayJanani Velmurugan
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gatewayChengHui Weng
 
How to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialHow to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialShiu-Fun Poon
 
API Security Lifecycle
API Security LifecycleAPI Security Lifecycle
API Security LifecycleApigee | Google Cloud
 
Architecture: Microservices
Architecture: MicroservicesArchitecture: Microservices
Architecture: MicroservicesAmazon Web Services
 
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...WSO2
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0WSO2
 
API Governance in the Enterprise
API Governance in the EnterpriseAPI Governance in the Enterprise
API Governance in the EnterpriseApigee | Google Cloud
 
API Gateway report
API Gateway reportAPI Gateway report
API Gateway reportGleicon Moraes
 
The Architecture of an API Platform
The Architecture of an API PlatformThe Architecture of an API Platform
The Architecture of an API PlatformJohannes Ridderstedt
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak Abhishek Koserwal
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API ManagementApigee | Google Cloud
 
Architecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyArchitecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyWSO2
 
Apigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee | Google Cloud
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best PracticeShiu-Fun Poon
 
KONG-APIGateway.pptx
KONG-APIGateway.pptxKONG-APIGateway.pptx
KONG-APIGateway.pptxAgusto Sipahutar
 
Azure app service to create web and mobile apps
Azure app service to create web and mobile appsAzure app service to create web and mobile apps
Azure app service to create web and mobile appsKen Cenerelli
 

Más contenido relacionado

La actualidad más candente

Flexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with KongFlexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with KongSven Bernhardt
 
Kuberntes Ingress with Kong
Kuberntes Ingress with KongKuberntes Ingress with Kong
Kuberntes Ingress with KongNebulaworks
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecAdam Paxton
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gatewayChengHui Weng
 
How to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialHow to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialShiu-Fun Poon
 
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...WSO2
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0WSO2
 
The Architecture of an API Platform
The Architecture of an API PlatformThe Architecture of an API Platform
The Architecture of an API PlatformJohannes Ridderstedt
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak Abhishek Koserwal
 
Architecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyArchitecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyWSO2
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best PracticeShiu-Fun Poon
 

La actualidad más candente (20)

Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API Gateway
 
Flexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with KongFlexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with Kong
 
Kuberntes Ingress with Kong
Kuberntes Ingress with KongKuberntes Ingress with Kong
Kuberntes Ingress with Kong
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI Spec
 
Apigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee Edge Overview and Roadmap
Apigee Edge Overview and Roadmap
 
02 api gateway
02 api gateway02 api gateway
02 api gateway
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gateway
 
How to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialHow to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credential
 
API Security Lifecycle
API Security LifecycleAPI Security Lifecycle
API Security Lifecycle
 
Architecture: Microservices
Architecture: MicroservicesArchitecture: Microservices
Architecture: Microservices
 
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0
 
API Governance in the Enterprise
API Governance in the EnterpriseAPI Governance in the Enterprise
API Governance in the Enterprise
 
API Gateway report
API Gateway reportAPI Gateway report
API Gateway report
 
The Architecture of an API Platform
The Architecture of an API PlatformThe Architecture of an API Platform
The Architecture of an API Platform
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API Management
 
Architecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyArchitecting an Enterprise API Management Strategy
Architecting an Enterprise API Management Strategy
 
Apigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee Edge: Intro to Microgateway
Apigee Edge: Intro to Microgateway
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
 

Similar a Introduction to Kong API Gateway

Azure app service to create web and mobile apps
Azure app service to create web and mobile appsAzure app service to create web and mobile apps
Azure app service to create web and mobile appsKen Cenerelli
 
IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014Christopher Ferris
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017Patrick Chanezon
 
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptxIBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptxGeorg Ember
 
APIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementAPIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementNGINX, Inc.
 
API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisisChristian Posta
 
Building Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco APIBuilding Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco APIJeff Potts
 
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixDeploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixArthur De Magalhaes
 
What's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for BusinessWhat's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for BusinessChris Schalk
 
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsKube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsShikha Srivastava
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event StreamPractical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event StreamEva Mave Ng
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...Harshana Martin
 
Net Devops Overview
Net Devops OverviewNet Devops Overview
Net Devops OverviewJoel W. King
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0WSO2
 
OSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixOSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixMarcel Offermans
 
OCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes LaunchOCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes LaunchPT Datacomm Diangraha
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api ManagementSmartWave
 

Similar a Introduction to Kong API Gateway (20)

KONG-APIGateway.pptx
KONG-APIGateway.pptxKONG-APIGateway.pptx
KONG-APIGateway.pptx
 
Azure app service to create web and mobile apps
Azure app service to create web and mobile appsAzure app service to create web and mobile apps
Azure app service to create web and mobile apps
 
IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017
 
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptxIBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
 
APIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementAPIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & Management
 
Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-
 
API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisis
 
Building Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco APIBuilding Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco API
 
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixDeploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
 
What's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for BusinessWhat's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for Business
 
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsKube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
 
M meijer api management - tech-days 2015
M meijer api management - tech-days 2015M meijer api management - tech-days 2015
M meijer api management - tech-days 2015
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event StreamPractical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event Stream
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
 
Net Devops Overview
Net Devops OverviewNet Devops Overview
Net Devops Overview
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
 
OSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixOSGi on Google Android using Apache Felix
OSGi on Google Android using Apache Felix
 
OCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes LaunchOCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes Launch
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management
 

Último

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 

Último (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 

Introduction to Kong API Gateway

  • 1. KONG An API Gateway Yohann Ciurlik Date : October 17th 2017 Version : 1.1
  • 3. 3 Introduction Quick overview • Open-source cloud-native, fast, scalable, and distributed Microservice Abstraction Layer • Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015 by Mashape. • Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations. • Licensing model : – Enterprise Edition (EE) – Community Edition (CE)
  • 4. 4 Introduction What is Kong ? • Kong is an API gateway : it’s a form of middleware between computing clients and your API-based applications. • Kong easily and consistently extends the features of your APIs. Some of the popular features deployed through Kong include : – authentication, – security, – traffic control, – serverless, – analytics & monitoring, – request/response transformations – and logging.
  • 5. 5 Introduction Why use Kong ? • Kong is : – Radically Extensible – Blazingly Fast – Open Source – Platform Agnostic – Cloud Native – RESTful
  • 7. 7 Community Edition (CE) Focus on Community Edition (CE) • Available on Github – Actual version : 0.11.0 – Apache v2 licensing – 3500 commits, 12,5 k*, 1400 forks • No UI & Analytics on CE (!!!) – OS community UI : • Konga • Kongdash, • Kong Dashboard (desktop) – Analytics : • ELK • Runscope, Datadog, …
  • 8. 8 Community Edition (CE) A lot of open source plugins • Authentication – Basic – Key – HMAC – OAUth 2 – LDAP – JWT • Security – ACL – CORS – Dynamics SSL – IP Restriction – Bot Detection • Traffic control – Rate Limiting – Response Rate Limiting – Request Size Limiting – Request termination • Analytics & Monitoring – Galileo – Datadog – Runscope • Transformations – Request Transformer – Response Transformer – Correlation ID • Serverless – AWS Lambda – OpenWhisk • Logging – TCP – UDP – HTTP – File – Syslog – StatsD – Loggly
  • 10. 10 Enterprise Edition (EE) Benefits • Admin GUI • Dev Portal • API Analytics • More scalability • More security • 24/7 support • More information on https://konghq.com/kong-enterprise-edition/
  • 11. 11 Enterprise Edition (EE) Dev portal & admin GUI in EE https://gelato.io/ Markdown explorer Automatic API Explorer Import OpenAPI/Swaggr Developer Registration
  • 12. 12 Enterprise Edition (EE) Kong Analytics platform in EE https://getgalileo.io/ Realtime Logging Diff comparaison
  • 14. 14 Architecture overview Based on OpenResty (Nginx & LUA scripting)
  • 16. 16 Architecture overview How to install and start Kong … • Distributions – Docker, Vargrant, Pre-built packages – Homebrew, AWS, Azure, Heroku, CloudFormation • Start in 1 min :
  • 17. 17 Architecture overview How to administrate and configure Kong ? • Postman is your best friend for all configuration tasks – Information routes – API – Consumer – Plugin – Certificate – SNI – Upstream – Targets • Also a CLI Tool that allows you to start, stop, and manage your Kong instances.
  • 18. 18 Architecture overview Extend it with your own plugin • Using LUA Scripting – simple-plugin – ├── handler.lua – └── schema.lua • Build the plugin and install it on the server • More information on https://getkong.org/docs/0.11.x/plugin-development/ • Then configure it on your API :
  • 20. 20 Going further with Kong Proof of Concept • Expose end-user API with an access : http://docker:8000/person/2016-4987649-53 • Add JWT and upstream Basic Auth plugin • Add JWT authentication : • Check personId correlation between JWT and URI parameter (see plugin code) • Which consumes EIS Thalys API with Basic Authentication https://api.spawnrider.net/api/Person/2016-4987649- 53?personIdType=user&levelOfDetails=full • My demo docker is available on Docker Hub
  • 21. 21 Going further with Kong Benefits and concerns • Benefits – Easy to install, configure and use – Based on reliable products (Nginx, Cassandra, …) – Not an ESB-based technical stack – Well documented • Concerns – No OOTB Administration UI, Developer portal and Analytics platform – Too technical for “non-tech” end-user / administrator
  • 22. 22 Going further with Kong Online materials • Documentation – https://getkong.org/ – https://getkong.org/plugins/ – https://getkong.org/docs/ • Videos & Webinars : – Mashap Youtube Channel – API & Microservices Management with Kong (Webinar) – Microservices Orchestration with Kong, Galileo & Gelato (Webinar)
  • 23. 23 Contact Yohann Ciurlik Managing Solution Architect Digital Customer eXperience (DCX) Capgemini France yohann.ciurlik@Capgemini.com Also on Twitter or LinkedIn