Announcing the GA of Kong Konnect Dedicated Cloud Gateways

Under the hood, Cloud Gateways is powered by Kong Gateway, the world’s most adopted OSS API gateway technology. Kong Gateway is used to manage APIs both at the edge and internally with the same performance and speed, so you not only get its performance but all the functionality and plugins (community & enterprise) that come with it. Kong Konnect operates on top of Kong Gateway as the API management platform. Kong Konnect enables businesses to have comprehensive governance and visibility across API gateways, Kubernetes footprint, and service mesh through a single control plane and you have a winning combination. Cloud Gateways is a core feature of Kong Konnect Gateway Manager while also integrating with other Kong Konnect modules, like Service Hub, Developer Portal, and API Observability.

With Cloud Gateways, Kong meets you where you are in your cloud journey. We believe customers will experience the most value from running Kong in the cloud as a managed service. Now with hybrid and fully managed versions of Kong Konnect, we’re able to support customers wherever they wish to manage their APIs.

Let’s dive into this new capability!

Multi-cloud and multi-region API infrastructure in one click

Running global API infrastructure is a tedious task. It’s expensive, risky, and complex, but our businesses depend on it — because when our API infrastructure experiences downtime, our applications go down. To complicate matters, data has gravity and customers want to build, run, and govern their APIs where their data and workloads reside.

With Cloud Gateways, you can leverage Kong’s expertise in running a modern global API infrastructure for all your applications. By letting Kong shoulder the burden of operating your API infrastructure, you can dramatically improve site reliability engineering (SRE) productivity, reduce costs, and improve your business’ time to market. Cloud Gateways offers the best of both worlds to our customers, enabling them to run on dedicated infrastructure that isn’t shared with any other customer but is extremely easy to use with a serverless-like developer experience.

Choose the regions where you want to run your API gateway infrastructure, and Kong Konnect will provision, upgrade, scale, and run the infrastructure for you. This allows you to define where your data will reside — putting data close to users to reduce latency and satisfy compliance requirements for data residency.

Choose the clouds and regions where you want to deploy your API infrastructure.

The Cloud Gateways GA currently ships with support for AWS in nine regions. Adding support for new regions is easy and entirely customer-driven, so don’t hesitate to let us know about any other location you would like to use. Support for Microsoft Azure and Google Cloud is coming soon.

AWS regional support at GA. We plan to add new regions on a regular basis and based on customer demand.

You can provision as many Cloud Gateways clusters on as many Kong Konnect Control Planes as you need, or you can decide to re-use the same cluster across multiple Kong Konnect Control Plane Groups.

Once provisioned, you can manage your Cloud Gateways clusters in Kong Konnect’s Gateway Manager. Gateway Manager is the cloud management plane for all API gateway control planes provisioned on the platform and gives you both configuration functionality and data plane segregation to scale across multiple teams and applications in the organization. You can also run Cloud Gateways alongside hybrid self-managed gateways, enabling maximum flexibility and architectural freedom when choosing how to run your API infrastructure.

Autopilot and Custom modes

The ability to elastically adjust resources in response to changing demand and ensure optimal performance during peak periods is one of the primary reasons for businesses to move to the cloud.

Cloud Gateways supports two modes of scaling infrastructure to satisfy the needs of every SRE team.

In Autopilot mode, we can pre-warm the cluster for immediate maximum performance.

With Autopilot mode, Kong Konnect automatically and elastically scales to your cluster based on the number of incoming requests in real time to ensure your API traffic is always being served with appropriately sized infrastructure across every cloud and region. This is the hands-off and easy-to-use “serverless” developer experience, but with all the benefits of running on dedicated infrastructure, which makes Autopilot truly a unique offering in the API landscape.

When you need more control over the underlying resources that Cloud Gateways provisions, you can switch to Custom mode and choose the type of instances you want to provision, and for each region how many instances you want to run. Essentially, with Custom mode, you trade in the automated scalability that Autopilot offers for higher predictability and control of the underlying resources being provisioned.

With Custom mode, you have full control of the underlying infrastructure sizing.

By offering both modes, Cloud Gateways provides maximum freedom for our managed API deployment. Combined with self-managed Hybrid mode, Kong Konnect now offers the most comprehensive and flexible API infrastructure deployment.

Private networking

It’s critical that communication between Cloud Gateways — which runs on Kong’s Konnect global cloud infrastructure — and your APIs takes place via secure communication. We offer two types of security strategies that can be implemented to achieve an appropriate level of compliance with your security controls.

First, Cloud Gateways offers native support for AWS Transit Gateway, which allows you to run our API infrastructure as securely as if it were running in your own account. With AWS Transit Gateway, you can connect your Amazon Virtual Private Clouds (VPCs) and on-prem networks through a central hub. In Kong Konnect, you can configure as many Transit Gateways attachments as needed, and even reuse existing Transit Gateway attachments across a region being used by different Cloud Gateways clusters.

With private networking, you can securely link Dedicated Cloud Gateways with your clouds.

You can further improve security by implementing mTLS across the API traffic, and L7 credential injection that can be validated by the receiving applications. And of course, firewall rules as well.

Smart Global DNS

When starting a Cloud Gateways cluster, you can choose to make the APIs available for public consumption on the internet — for edge and mobile applications — or to make them available only internally without any public internet interface — exclusively for internal API traffic. As a matter of fact, you could have many clusters, each one of them with different API access settings.

You can choose different API access settings for a Cloud Gateway cluster.

When provisioning a cluster, each region will be load balanced automatically. You can choose to either consume each region individually with a dedicated DNS address for each, or you can choose to consume all regions by leveraging our smart global DNS capability.

With Smart Global DNS, we’ll automatically provision a DNS address that can communicate with all the clouds and regions where you’ve deployed Cloud Gateways and choose the best region to use for each API request based on real-time performance and latency affinity. This means that implementing multi-cloud and multi-region connectivity with Kong Konnect is as easy as sending requests to the Smart Global DNS, while at the same time being able to automatically accelerate your API experiences by letting Kong Konnect choose the fastest region to use at any given time.

Native support for Kong Gateway and automatic upgrades

With Cloud Gateways, we can leverage the entire Kong Gateway ecosystem, including all plugins, custom plugins, and all existing automation.

This means that migrating to Cloud Gateways from a self-managed version of Kong Gateway is seamless and easy: the same configuration that you’re running today can be easily imported into Cloud Gateways.

You can upgrade across different Kong Gateways versions with one click: Kong Konnect automatically provisions new infrastructure and slowly moves traffic over while automatically monitoring the API traffic for any errors. Upgrades can be manually configured by selecting a new Kong version to upgrade to, and different clusters can run on different supported versions of Kong Gateway. Rollbacks are also automated.

Get started today

With Cloud Gateways, we’ve built the easiest and the fastest way to run a modern API infrastructure, and we plan to continuously add support for other cloud vendors and more regions. To experience Cloud Gateways today, get started with Kong Konnect and register for our upcoming webinar, Global API Infrastructure the Fast and Easy Way.