We’re excited to announce the release of Kong Mesh and Kuma 2.1! In this release, we’re shipping the full suite of new and improved policies announced (and started) in 2.0. Additionally, we’re launching some more great UX improvements in the UI and a host of smaller fixes.
In order to take advantage of the latest and greatest in service mesh, we strongly suggest upgrading to Kong Mesh 2.1. Upgrading is simple through kumactl or Helm.
Notable features:
As a refresher, the new selectors use a targetRef system (inspired by GatewayAPI) to select which meshes, services, data plane proxies, etc. are targeted by specific policies. Multiple rules can be specified in the same policy (as supported today) or many different policies can be created targeting different subsets. With the new policy system in Mesh 2.1 the policies will be merged together in the correct precedence rules before calculating and pushing the configuration out to the Envoy dataplane.
If you want to read more about the reasoning behind switching and the design of this new policy matching system, check out the blog post Flexible Policy Match in Kuma 2.0 by our Mesh Engineering Manager Charly.
Below is an example of a new MeshHTTPRoute using targetRef selectors:
Figure 1 : Example of a next-gen MeshHTTPRoute policy
In this example, we can see that we’re applying the policy to our frontend service, and specifying that all the traffic flowing to our backend service at the /api path should be balanced between version 1.0 and 2.0 according to the weighting configuration in the policy.While slightly more verbose than the previous TrafficRoute policy, this new selector scheme allows more flexible and granular control. Additionally, we’ll now take care of merging (according to the documented precedence rules) policies that target the same data plane proxies, rather than only choosing the most specific policy (as was the case pre v2.0).
In 2.0 we implemented 3 policies using this new matching system:
[caption id="attachment_47545" align="aligncenter" width="1024"]
Figure 2: New, cleaner navigation menu[/caption]
Having quick access to the visualization of the policies is critical for managing complex applications. In order to simplify that all of the Kong Mesh policies have been collapsed into a single Policies screen and are now accessible via a dropdown when navigating through them, as shown in Figure 2.
[caption id="attachment_47546" align="aligncenter" width="1024"]
Figure 3: Policies are now listed in a dropdown[/caption]
Furthering the simplification of management, we’ve also added the ability to filter in the UI via a number of metadata fields (e.g., name, tag). These can be combined to provide very specific views of your data planes and services:
[caption id="attachment_47547" align="aligncenter" width="1024"]
Figure 4: New metadata filtering available in the UI and API[/caption]
Debugging Envoy configuration is essential when operating a mesh, so we’ve made it easy to see full XDS configuration for each data plane proxy in the UI, including a regex-enabled search capability to inspect config dump information without having to manually interact with the cluster.
[caption id="attachment_47548" align="aligncenter" width="1024"]
Figure 5: Live search and debugging capabilities for Envoy data plane configuration[/caption]
We’re excited about how the UI is looking and many more UI improvements are coming in the next few releases, so stay tuned!
Get in touch with Kong to learn more about Kong Mesh and how to build an enterprise service mesh. You can also download Kong Mesh and get started for free.
As of September 2025, Kong Gateway Enterprise 3.8 will enter its End Of Life (EOL) phase and will no longer be fully supported by Kong. Following this, Kong Gateway Enterprise 3.8 will enter a 12-month sunset support period, focused on helping cus
We're very excited to announce Kong Mesh 2.12 to the world! Kong Mesh 2.12 delivers two very important features: SPIFFE / SPIRE support, which provides enterprise-class workload identity and trust models for your mesh, as well as a consistent Kuma R
It’s been almost a year since we released our Konnect Terraform provider . In that time we’ve seen over 300,000 installs, have 1.7 times as many resources available, and have expanded the provider to include data sources to enable federated managem
We're happy to announce the 3.5 release of Kong Ingress Controller (KIC). This release includes the graduation of combined services to General Availability, support for connection draining, as well as the start of deprecating support for some Ingre
Update Includes Data Orchestration, CyberArk Support, Solace Integration, and Kafka Schema Validation We’re excited to bring you Kong Gateway Enterprise 3.11 with compelling new features to make your APIs and event streams even more powerful, includ
When we released the beta version of Service Catalog last September, it was in service of a greater API discovery vision we had for Kong Konnect as an API platform. In March of this year, we moved closer to fulfilling that vision when we announced
The new Kong Konnect Dev Portal is now generally available for all users! In March, we announced the public beta version of our reimagined Dev Portal. We set out to fully address the needs of the modern API consumer as well as the needs of the moder