SlideShare uma empresa Scribd logo

Introduction to Kong API Gateway

Yohann Ciurlik
Yohann Ciurlik

Introduction to Kong, an open-source cloud-native, fast, scalable, and distributed API Gateway.

Tecnologia
1 de 24
Baixar para ler offline
KONG An API Gateway Yohann Ciurlik Date : October 17th 2017 Version : 1.1
Introduction
3 Introduction Quick overview • Open-source cloud-native, fast, scalable, and distributed Microservice Abstraction Layer • Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015 by Mashape. • Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations. • Licensing model : – Enterprise Edition (EE) – Community Edition (CE)
4 Introduction What is Kong ? • Kong is an API gateway : it’s a form of middleware between computing clients and your API-based applications. • Kong easily and consistently extends the features of your APIs. Some of the popular features deployed through Kong include : – authentication, – security, – traffic control, – serverless, – analytics & monitoring, – request/response transformations – and logging.
5 Introduction Why use Kong ? • Kong is : – Radically Extensible – Blazingly Fast – Open Source – Platform Agnostic – Cloud Native – RESTful
Community Edition (CE)
7 Community Edition (CE) Focus on Community Edition (CE) • Available on Github – Actual version : 0.11.0 – Apache v2 licensing – 3500 commits, 12,5 k*, 1400 forks • No UI & Analytics on CE (!!!) – OS community UI : • Konga • Kongdash, • Kong Dashboard (desktop) – Analytics : • ELK • Runscope, Datadog, …
8 Community Edition (CE) A lot of open source plugins • Authentication – Basic – Key – HMAC – OAUth 2 – LDAP – JWT • Security – ACL – CORS – Dynamics SSL – IP Restriction – Bot Detection • Traffic control – Rate Limiting – Response Rate Limiting – Request Size Limiting – Request termination • Analytics & Monitoring – Galileo – Datadog – Runscope • Transformations – Request Transformer – Response Transformer – Correlation ID • Serverless – AWS Lambda – OpenWhisk • Logging – TCP – UDP – HTTP – File – Syslog – StatsD – Loggly
Enterprise Edition (EE)
10 Enterprise Edition (EE) Benefits • Admin GUI • Dev Portal • API Analytics • More scalability • More security • 24/7 support • More information on https://konghq.com/kong-enterprise-edition/
11 Enterprise Edition (EE) Dev portal & admin GUI in EE https://gelato.io/ Markdown explorer Automatic API Explorer Import OpenAPI/Swaggr Developer Registration
12 Enterprise Edition (EE) Kong Analytics platform in EE https://getgalileo.io/ Realtime Logging Diff comparaison
Architecture overview
14 Architecture overview Based on OpenResty (Nginx & LUA scripting)
15 Architecture overview Native scalability
16 Architecture overview How to install and start Kong … • Distributions – Docker, Vargrant, Pre-built packages – Homebrew, AWS, Azure, Heroku, CloudFormation • Start in 1 min :
17 Architecture overview How to administrate and configure Kong ? • Postman is your best friend for all configuration tasks – Information routes – API – Consumer – Plugin – Certificate – SNI – Upstream – Targets • Also a CLI Tool that allows you to start, stop, and manage your Kong instances.
18 Architecture overview Extend it with your own plugin • Using LUA Scripting – simple-plugin – ├── handler.lua – └── schema.lua • Build the plugin and install it on the server • More information on https://getkong.org/docs/0.11.x/plugin-development/ • Then configure it on your API :
Going further with Kong
20 Going further with Kong Proof of Concept • Expose end-user API with an access : http://docker:8000/person/2016-4987649-53 • Add JWT and upstream Basic Auth plugin • Add JWT authentication : • Check personId correlation between JWT and URI parameter (see plugin code) • Which consumes EIS Thalys API with Basic Authentication https://api.spawnrider.net/api/Person/2016-4987649- 53?personIdType=user&levelOfDetails=full • My demo docker is available on Docker Hub
21 Going further with Kong Benefits and concerns • Benefits – Easy to install, configure and use – Based on reliable products (Nginx, Cassandra, …) – Not an ESB-based technical stack – Well documented • Concerns – No OOTB Administration UI, Developer portal and Analytics platform – Too technical for “non-tech” end-user / administrator
22 Going further with Kong Online materials • Documentation – https://getkong.org/ – https://getkong.org/plugins/ – https://getkong.org/docs/ • Videos & Webinars : – Mashap Youtube Channel – API & Microservices Management with Kong (Webinar) – Microservices Orchestration with Kong, Galileo & Gelato (Webinar)
23 Contact Yohann Ciurlik Managing Solution Architect Digital Customer eXperience (DCX) Capgemini France yohann.ciurlik@Capgemini.com Also on Twitter or LinkedIn
Introduction to Kong API Gateway

Recomendados

Kong API
Kong APIKong API
Kong APIPatrick Pierson
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?LunchBadger
 
Kong
KongKong
KongTroublemaker Khunpech
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways Kong Inc.
 
Kong API Gateway
Kong API Gateway Kong API Gateway
Kong API Gateway Chris Mague
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayMark Bate
 
Api Gateway
Api GatewayApi Gateway
Api GatewayKhaqanAshraf
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API ManagementApigee | Google Cloud
 

Recomendados

Kong API
Kong APIKong API
Kong APIPatrick Pierson
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?LunchBadger
 
Kong
KongKong
KongTroublemaker Khunpech
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways Kong Inc.
 
Kong API Gateway
Kong API Gateway Kong API Gateway
Kong API Gateway Chris Mague
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayMark Bate
 
Api Gateway
Api GatewayApi Gateway
Api GatewayKhaqanAshraf
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API ManagementApigee | Google Cloud
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayAmazon Web Services
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and GuidelinesWSO2
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservicesKunal Hire
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak Abhishek Koserwal
 
Swagger
SwaggerSwagger
SwaggerNexThoughts Technologies
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & GuidelinesPrabath Siriwardena
 
Azure API Management
Azure API ManagementAzure API Management
Azure API ManagementDaniel Toomey
 
API Docs with OpenAPI 3.0
API Docs with OpenAPI 3.0API Docs with OpenAPI 3.0
API Docs with OpenAPI 3.0Fabrizio Ferri-Benedetti
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecAdam Paxton
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
02 api gateway
02 api gateway02 api gateway
02 api gatewayJanani Velmurugan
 
Opa gatekeeper
Opa gatekeeperOpa gatekeeper
Opa gatekeeperRita Zhang
 
Basic Kong API Gateway
Basic Kong API GatewayBasic Kong API Gateway
Basic Kong API GatewaySukoomPornsuksiri1
 
Using RAML 1.0 Like a Pro
Using RAML 1.0 Like a ProUsing RAML 1.0 Like a Pro
Using RAML 1.0 Like a ProMuleSoft
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gatewayChengHui Weng
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker, Inc.
 
API as-a-Product with Azure API Management (APIM)
API as-a-Product with Azure API Management (APIM)API as-a-Product with Azure API Management (APIM)
API as-a-Product with Azure API Management (APIM)Bishoy Demian
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0WSO2
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayAmazon Web Services
 
OpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerOpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerSmartBear
 
KONG-APIGateway.pptx
KONG-APIGateway.pptxKONG-APIGateway.pptx
KONG-APIGateway.pptxAgusto Sipahutar
 
Azure app service to create web and mobile apps
Azure app service to create web and mobile appsAzure app service to create web and mobile apps
Azure app service to create web and mobile appsKen Cenerelli
 

Mais conteúdo relacionado

Mais procurados

API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and GuidelinesWSO2
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservicesKunal Hire
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak Abhishek Koserwal
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & GuidelinesPrabath Siriwardena
 
Azure API Management
Azure API ManagementAzure API Management
Azure API ManagementDaniel Toomey
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecAdam Paxton
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
Opa gatekeeper
Opa gatekeeperOpa gatekeeper
Opa gatekeeperRita Zhang
 
Using RAML 1.0 Like a Pro
Using RAML 1.0 Like a ProUsing RAML 1.0 Like a Pro
Using RAML 1.0 Like a ProMuleSoft
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gatewayChengHui Weng
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker, Inc.
 
API as-a-Product with Azure API Management (APIM)
API as-a-Product with Azure API Management (APIM)API as-a-Product with Azure API Management (APIM)
API as-a-Product with Azure API Management (APIM)Bishoy Demian
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0WSO2
 
OpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerOpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerSmartBear
 

Mais procurados (20)

Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API Gateway
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and Guidelines
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservices
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak
 
Swagger
SwaggerSwagger
Swagger
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & Guidelines
 
Azure API Management
Azure API ManagementAzure API Management
Azure API Management
 
API Docs with OpenAPI 3.0
API Docs with OpenAPI 3.0API Docs with OpenAPI 3.0
API Docs with OpenAPI 3.0
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI Spec
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
 
02 api gateway
02 api gateway02 api gateway
02 api gateway
 
Opa gatekeeper
Opa gatekeeperOpa gatekeeper
Opa gatekeeper
 
Basic Kong API Gateway
Basic Kong API GatewayBasic Kong API Gateway
Basic Kong API Gateway
 
Using RAML 1.0 Like a Pro
Using RAML 1.0 Like a ProUsing RAML 1.0 Like a Pro
Using RAML 1.0 Like a Pro
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gateway
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to Docker
 
API as-a-Product with Azure API Management (APIM)
API as-a-Product with Azure API Management (APIM)API as-a-Product with Azure API Management (APIM)
API as-a-Product with Azure API Management (APIM)
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API Gateway
 
OpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerOpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of Swagger
 

Semelhante a Introduction to Kong API Gateway

Azure app service to create web and mobile apps
Azure app service to create web and mobile appsAzure app service to create web and mobile apps
Azure app service to create web and mobile appsKen Cenerelli
 
IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014Christopher Ferris
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017Patrick Chanezon
 
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptxIBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptxGeorg Ember
 
APIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementAPIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementNGINX, Inc.
 
API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisisChristian Posta
 
Building Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco APIBuilding Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco APIJeff Potts
 
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixDeploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixArthur De Magalhaes
 
What's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for BusinessWhat's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for BusinessChris Schalk
 
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsKube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsShikha Srivastava
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event StreamPractical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event StreamEva Mave Ng
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...Harshana Martin
 
Net Devops Overview
Net Devops OverviewNet Devops Overview
Net Devops OverviewJoel W. King
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0WSO2
 
OSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixOSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixMarcel Offermans
 
OCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes LaunchOCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes LaunchPT Datacomm Diangraha
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api ManagementSmartWave
 

Semelhante a Introduction to Kong API Gateway (20)

KONG-APIGateway.pptx
KONG-APIGateway.pptxKONG-APIGateway.pptx
KONG-APIGateway.pptx
 
Azure app service to create web and mobile apps
Azure app service to create web and mobile appsAzure app service to create web and mobile apps
Azure app service to create web and mobile apps
 
IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017
 
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptxIBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
 
APIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementAPIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & Management
 
Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-
 
API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisis
 
Building Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco APIBuilding Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco API
 
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixDeploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
 
What's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for BusinessWhat's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for Business
 
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsKube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
 
M meijer api management - tech-days 2015
M meijer api management - tech-days 2015M meijer api management - tech-days 2015
M meijer api management - tech-days 2015
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event StreamPractical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event Stream
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
 
Net Devops Overview
Net Devops OverviewNet Devops Overview
Net Devops Overview
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
 
OSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixOSGi on Google Android using Apache Felix
OSGi on Google Android using Apache Felix
 
OCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes LaunchOCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes Launch
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management
 

Último

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Último (20)

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

Introduction to Kong API Gateway

  • 1. KONG An API Gateway Yohann Ciurlik Date : October 17th 2017 Version : 1.1
  • 3. 3 Introduction Quick overview • Open-source cloud-native, fast, scalable, and distributed Microservice Abstraction Layer • Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015 by Mashape. • Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations. • Licensing model : – Enterprise Edition (EE) – Community Edition (CE)
  • 4. 4 Introduction What is Kong ? • Kong is an API gateway : it’s a form of middleware between computing clients and your API-based applications. • Kong easily and consistently extends the features of your APIs. Some of the popular features deployed through Kong include : – authentication, – security, – traffic control, – serverless, – analytics & monitoring, – request/response transformations – and logging.
  • 5. 5 Introduction Why use Kong ? • Kong is : – Radically Extensible – Blazingly Fast – Open Source – Platform Agnostic – Cloud Native – RESTful
  • 7. 7 Community Edition (CE) Focus on Community Edition (CE) • Available on Github – Actual version : 0.11.0 – Apache v2 licensing – 3500 commits, 12,5 k*, 1400 forks • No UI & Analytics on CE (!!!) – OS community UI : • Konga • Kongdash, • Kong Dashboard (desktop) – Analytics : • ELK • Runscope, Datadog, …
  • 8. 8 Community Edition (CE) A lot of open source plugins • Authentication – Basic – Key – HMAC – OAUth 2 – LDAP – JWT • Security – ACL – CORS – Dynamics SSL – IP Restriction – Bot Detection • Traffic control – Rate Limiting – Response Rate Limiting – Request Size Limiting – Request termination • Analytics & Monitoring – Galileo – Datadog – Runscope • Transformations – Request Transformer – Response Transformer – Correlation ID • Serverless – AWS Lambda – OpenWhisk • Logging – TCP – UDP – HTTP – File – Syslog – StatsD – Loggly
  • 10. 10 Enterprise Edition (EE) Benefits • Admin GUI • Dev Portal • API Analytics • More scalability • More security • 24/7 support • More information on https://konghq.com/kong-enterprise-edition/
  • 11. 11 Enterprise Edition (EE) Dev portal & admin GUI in EE https://gelato.io/ Markdown explorer Automatic API Explorer Import OpenAPI/Swaggr Developer Registration
  • 12. 12 Enterprise Edition (EE) Kong Analytics platform in EE https://getgalileo.io/ Realtime Logging Diff comparaison
  • 14. 14 Architecture overview Based on OpenResty (Nginx & LUA scripting)
  • 16. 16 Architecture overview How to install and start Kong … • Distributions – Docker, Vargrant, Pre-built packages – Homebrew, AWS, Azure, Heroku, CloudFormation • Start in 1 min :
  • 17. 17 Architecture overview How to administrate and configure Kong ? • Postman is your best friend for all configuration tasks – Information routes – API – Consumer – Plugin – Certificate – SNI – Upstream – Targets • Also a CLI Tool that allows you to start, stop, and manage your Kong instances.
  • 18. 18 Architecture overview Extend it with your own plugin • Using LUA Scripting – simple-plugin – ├── handler.lua – └── schema.lua • Build the plugin and install it on the server • More information on https://getkong.org/docs/0.11.x/plugin-development/ • Then configure it on your API :
  • 20. 20 Going further with Kong Proof of Concept • Expose end-user API with an access : http://docker:8000/person/2016-4987649-53 • Add JWT and upstream Basic Auth plugin • Add JWT authentication : • Check personId correlation between JWT and URI parameter (see plugin code) • Which consumes EIS Thalys API with Basic Authentication https://api.spawnrider.net/api/Person/2016-4987649- 53?personIdType=user&levelOfDetails=full • My demo docker is available on Docker Hub
  • 21. 21 Going further with Kong Benefits and concerns • Benefits – Easy to install, configure and use – Based on reliable products (Nginx, Cassandra, …) – Not an ESB-based technical stack – Well documented • Concerns – No OOTB Administration UI, Developer portal and Analytics platform – Too technical for “non-tech” end-user / administrator
  • 22. 22 Going further with Kong Online materials • Documentation – https://getkong.org/ – https://getkong.org/plugins/ – https://getkong.org/docs/ • Videos & Webinars : – Mashap Youtube Channel – API & Microservices Management with Kong (Webinar) – Microservices Orchestration with Kong, Galileo & Gelato (Webinar)
  • 23. 23 Contact Yohann Ciurlik Managing Solution Architect Digital Customer eXperience (DCX) Capgemini France yohann.ciurlik@Capgemini.com Also on Twitter or LinkedIn