Why Kong Is the Ideal Cloud‑Native API Gateway and How to Deploy It

What Is Kong?

Kong is a next‑generation API gateway designed for modern architectures such as hybrid cloud and hybrid organizations. It is cloud‑native, high‑performance, easy to use, and extensible, making it suitable for API gateway, Kubernetes Ingress, and service‑mesh sidecar scenarios.

Key Features

Cloud‑native: runs on bare metal to Kubernetes.

High performance: built on non‑blocking Nginx.

Plugin system: many ready‑to‑use plugins and a Lua‑based custom plugin interface.

Circuit breaking, logging, authentication (IP whitelist/blacklist, HMAC, JWT, OAuth 2.0, etc.).

SSL termination, rate limiting, health checks, dynamic routing.

RESTful admin API and real‑time monitoring.

Why Use Kong?

Common problems in microservice environments include:

Unified entry point : authentication, IP restriction, and rate limiting are scattered across services.

Usability and extensibility : migrating from an LNMP stack to Spring Boot/Spring Cloud requires a simple, manageable proxy.

Continuous integration and deployment : 2C internet products need hot‑deployment and blue‑green releases, which Kong supports.

Kong addresses these issues by providing a single entry point for traffic control, a user‑friendly dashboard, and CI/CD integration for blue‑green deployments.

How to Use Kong

Example of creating an upstream, adding targets, defining a service, and configuring a route:

# Create an upstream named hello
curl -X POST http://localhost:8001/upstreams --data "name=hello"

# Add two load‑balancing targets
curl -X POST http://localhost:8001/upstreams/hello/targets --data "target=localhost:8080" --data "weight=100"
curl -X POST http://localhost:8001/upstreams/hello/targets --data "target=localhost:8081" --data "weight=100"

# Create a service
curl -X POST http://localhost:8001/services --data "name=hello" --data "host=hello"

# Configure a route for the service
curl -X POST http://localhost:8001/routes --data "paths[]=/hello" --data "service.id={$service.id}"

The dashboard provides a visual interface for managing these resources.

Kong Cluster Architecture

All nodes connect to a shared PostgreSQL database (master‑slave, version 9.6+). Nodes periodically sync data (default every 5 seconds) and use a local cache (configurable via db_cache_ttl) to remain operational if the database fails. Nodes can be added or removed behind an LVS load balancer, and support dynamic scaling.

gRPC support is enabled by configuring proxy_listen in kong.conf:

proxy_listen = 0.0.0.0:8000, 0.0.0.0:8443 ssl, 0.0.0.0:9080 http2

Monitoring integrates with Prometheus and Grafana.

Important notes: Keep nginx_kong.lua template files consistent. Rotate Kong logs with logrotate .

Kong Plugins

Kong ships with many built‑in plugins (authentication, rate limiting, logging, etc.) and allows custom plugins written in Lua. After loading, plugins appear in the admin UI.

Custom Plugin Development

A minimal plugin consists of handler.lua and schema.lua. Example directory structure:

simple-plugin/
├── handler.lua
└── schema.lua

Example handler.lua skeleton:

local BasePlugin = require "kong.plugins.base_plugin"
local access = require "kong.plugins.my-custom-plugin.access"
local body_filter = require "kong.plugins.my-custom-plugin.body_filter"

local CustomHandler = BasePlugin:extend()

function CustomHandler:new()
    CustomHandler.super.new(self, "my-custom-plugin")
end

function CustomHandler:access(config)
    CustomHandler.super.access(self)
    access.execute(config)
end

function CustomHandler:body_filter(config)
    CustomHandler.super.body_filter(self)
    body_filter.execute(config)
end

return CustomHandler

Corresponding schema.lua defines configuration validation:

return {
    no_consumer = true,
    fields = {},
    self_check = function(schema, plugin_t, dao, is_updating)
        return true
    end,
}

Deploy the plugin by placing it under /data/kong/plugins/simple-plugin/ and updating kong.conf:

lua_package_path = /data/?.lua;($default);
plugins = bundled,simple-plugin

Reload Kong; the plugin appears in the admin UI if no errors occur.

Common Issues in Production

Large response bodies may require increasing buffer sizes:

nginx_proxy_proxy_buffer_size=128k
nginx_proxy_proxy_buffers=4 256k
nginx_proxy_proxy_busy_buffers_size=256k

Configuration attributes to watch: strip_path: when true, the request path is stripped according to the paths setting. preserve_host: when true, the original Host header is retained after proxying.

Conclusion

Kong is a mature open‑source gateway that excels in performance, ease of use, and extensibility. It serves as a robust service‑governance layer, enabling graceful degradation, circuit breaking, and traffic routing across complex private‑cloud, Hulk‑cloud, or Alibaba Cloud environments.