Today, we have really exciting news to share with you all. The Enterprise version of our Kong Gateway is now generally available, and it's like nothing we've ever released before.
One standout component of version 2.3 is that it now has a "free" operating mode so that anyone can start off using the Enterprise gateway product - something previously reserved for only our paying customers.
Version 2.3 also brings several exciting new features that I'll get into in a moment, but before I go any further - I'll let you know that with or without a paid subscription with Kong, you can now download the Enterprise version of Kong Gateway for free here.
It's a Free for All!
The biggest change for our 2.3 gateway is that anyone can now download what we've been calling Kong Gateway Enterprise. You can do so for free today without any paywall or forms to fill out. This Enterprise edition of our gateway is built on the open source gateway with several additional bug fixes since the OSS gateway first released 2.3.0 and also adds some additional testing since then, and notably the inclusion of a user interface, Kong Manager, to help you configure your routes, services, plugins and consumers. If you're just starting out with Kong, we think that this is going to be the easiest, fastest and best way for you to get started.
For those of you who are already Kong customers or are considering becoming one, do note that the Enterprise gateway continues to have differentiated features for those with paid licenses. In order to use our OIDC plugin, Vitals and other paid Enterprise features, you'll need a paid Konnect license. You'll have the option of either running the control plane for your paid license on our SaaS cloud native platform and bringing your own dataplane or managing it yourself. To see what you can get with a subscription, have a look here.
Because of this change - that the Enterprise version of the gateway isn't only applicable to our "Enterprise" subscription package and can also be run in a Free mode - we'll be removing the "Enterprise" terminology from our future blog posts and referring instead to this package as the "Kong Gateway." In order to avoid any confusion/conflation with the Apache 2.0 licensed builds, we'll specifically call out "OSS" as in "Kong Gateway (OSS)" when referring to that build.
We hope all of Kong Nation finds the free additional value of a UI to manage the Kong Gateway useful, and if you want to continue to run only Apache 2.0-licensed code, we continue to provide Kong Gateway (OSS) builds on all of the usual locations. Feel free to post any questions or comments you have on Kong Nation.
Simplified License Management
The Kong Gateway 2.3 brings simplified license management that makes license management easier than before for multiple data planes: if you are a customer bringing your own license, you only need to apply licenses to the Control Plane (CP) to have the licenses distributed down to any of the connected Data Planes (DPs) within the cluster. This should help avoid complex updating and restarting of data planes.
Kong ❤️ UTF-8
As we mentioned in the Kong Gateway (OSS) release blog, with version 2.3, Kong now accepts UTF-8 characters in route and service names. We know that being able to have the gateway support your native character set is important, so now if you want to give a route a name using character sets for Russian, Japanese, Chinese or any number of other languages, you can do so with 2.3 (and yes, emojis are now valid for use in route and service names as well 😊).
New Plugin Capabilities
The Enterprise Rate Limiting Advanced plugin has a new configuration parameter (retry_after_jitter_max) to allow for an additional randomized delay, or jitter, to the "Retry-After" header.
The HTTP Log plugin has been improved to allow you to add headers to the HTTP request. This will help you integrate with many observability systems, including Splunk, the Elastic Stack ("ELK") and others.
Both the Key Authentication plugin and the Enterprise Key Auth – Encrypted plugin have two new configuration parameters: key_in_header and key_in_query. Both are booleans and tell Kong whether to accept (true) or reject (false) passed in either the header or the query string. Both default to "true."
The Request Size Limiting plugin has a new configuration require_content_length that causes the plugin to ensure a valid Content-Length header exists before reading the request body.
And Much More!
Kong Gateway 2.3 introduces some additional new features and fixes, including:
- Postgres connections can now be made using mTLS and SCRAM-SHA-256/SCRAM-SHA-256-PLUS authentication.
- Kong Gateway 2.3 now checks for version compatibility between the control plane and any data planes to ensure the data planes and any plugins have compatibility with the control plane in hybrid mode.
- Certificates now have cert_alt and key_alt fields to specify an alternative certificate and key pair.
- The go-pluginserver stderr and stdout are now written into Kong’s logs, allowing Golang's native log.Printf().
- client_max_body_size and client_body_buffer_size are now configurable. These two parameters used to be hardcoded and set to 10m.
- Custom plugins can now make use of new functionality. kong.node.get_hostname unsurprisingly returns the hostname of the Kong node, kong.cluster.get_id returns a unique global cluster ID (or nil if running in a declarative configuration), and kong.log.set_serialize_value() can now be used to set the format of log serialization in a custom plugin.
The above list only touches on some of the larger improvements and features set for this release. For a complete list of changes, check out the Kong Gateway 2.3 Changelog.
Try it Today!
We're thrilled to be able to share this latest release with you, and we're proud of the contributions from Kong employees, our awesome customers and our great community! Kong Gateway 2.3 is available today as a free trial and for our customers to download.