Announcing Kong Konnect Dedicated Cloud Gateways in Tech Preview
CTO and Co-Founder
We’re excited to announce that the tech preview of Dedicated Cloud Gateways (SaaS) in Kong Konnect is finally here! Dedicated Cloud Gateways are the easiest way to run performant, scalable, and highly available global API management infrastructure with Kong Gateway on Kong Konnect, Kong’s unified API platform.
With the new Dedicated Cloud Gateways (SaaS) capability we’ve crafted a cloud offering that allows you to finally run multi-cloud and multi-region distributed API management infrastructure at the edge or internally with 1-click. No downtime for upgrades, elastic automated scalability to handle all API traffic workloads, and support for private networking to securely connect your cloud with Kong Konnect — all this is part and parcel of Dedicated Cloud Gateways.
Under the hood, Dedicated Cloud Gateways are powered by Kong Gateway, the world’s most adopted OSS API gateway technology. This is used to manage APIs both at the edge and internally with the same performance and speed. This also means that you get all the Kong Gateway capabilities and plugins with Dedicated Cloud Gateways — including support for custom plugins — while also integrating with other Kong Konnect modules, like Service Hub, Developer Portal, and API Observability.
Let’s dive into this new capability!
Multi-cloud and multi-region API infrastructure in 1-click
Running global API infrastructure is a tedious task. It’s expensive, it’s risky, and it’s complex. Furthermore, our business depends on it, because when our API infrastructure experiences downtime, our applications are down.
With Dedicated Cloud Gateway, you can leverage Kong’s expertise to run a modern global API infrastructure for all your applications. This means you can dramatically improve SRE productivity, reduce costs, and enjoy the benefits of simplified operations when running on one or more cloud providers. Dedicated Cloud Gateways offer the best of both worlds to our customers, enabling them to run on dedicated infrastructure that isn’t shared with any other customer but is extremely easy to use with a serverless-like developer experience.
Using Dedicated Cloud Gateway, you can choose the clouds and regions where you want to run your API gateway infrastructure, while Kong Konnect takes care of provisioning, upgrading, scaling, and running the infrastructure for you.
Choose the clouds and regions where you want to deploy your API infrastructure.
The Dedicated Cloud Gateways tech preview ships with support for AWS and seven regions. At GA in early 2024, we plan to add support for Microsoft Azure and Google Cloud (GCP) as well. Adding support for new regions is easy and entirely customer-driven, so don’t hesitate to let us know about any other location that you would like to use.
AWS regional support at Tech Preview. We plan to add new regions every month.
You can provision as many Dedicated Cloud Gateways clusters on as many Kong Konnect Control Planes as you need, or you can decide to re-use the same cluster across multiple Kong Konnect Control Plane Groups.
Once provisioned, you can manage your Dedicated Cloud Gateways clusters in Kong Konnect’s Gateway Manager.
Gateway Manager is the cloud management plane for all API gateway control planes provisioned on the platform and gives you both configuration and data plane segregation to scale across multiple teams and applications in the organization. You can also run Dedicated Cloud Gateways alongside the Hybrid self-managed gateways, enabling maximum flexibility and architectural freedom when choosing how to run your API infrastructure.
Autopilot and Custom modes
Dedicated Cloud Gateways support two modes of operation to satisfy the needs of every SRE team.
In Autopilot mode, we can pre-warm the cluster for immediate maximum performance.
With Autopilot mode, Kong Konnect will automatically and elastically scale to your cluster based on the number of incoming requests at any given time to ensure that your API traffic is always being served with the appropriate sizing across every cloud and every region. This is a “serverless” developer experience that is hands-off and easy to use but with all the benefits of running on dedicated infrastructure, which makes Autopilot truly a unique offering in the API landscape.
When you need more control over the underlying resources than Dedicated Cloud Gateways provisions, you can switch to Custom mode where you can choose the type of instances that you want to provision, and for each region how many instances you want to run. Essentially, with Custom mode, you trade in the automated scalability that Autopilot offers for higher predictability and control of the underlying resources that are being provisioned.
With Custom mode, you have full control of the underlying infrastructure sizing.
By offering both modes, Dedicated Cloud Gateways allows for maximum freedom for our managed API deployment. Combined with self-managed Hybrid mode, Kong Konnect offers the most complete API infrastructure deployment in the world.
It’s critical that communication between Dedicated Cloud Gateways — which run on Kong’s Konnect global cloud infrastructure — and your APIs takes place via secure communication. As such, we offer two types of security strategies that can be implemented to achieve an appropriate level of compliance with your security controls.
First, Dedicated Cloud Gateways offers native support for AWS Transit Gateway, which allows you to run our API infrastructure as securely as if it were running in your own account. With AWS Transit Gateway, you can connect your Amazon Virtual Private Clouds (VPCs) and on-prem networks through a central hub. In Kong Konnect, you can configure as many Transit Gateways attachments as needed, and even reuse existing transit gateway attachments across a region that is being used by different Dedicated Cloud Gateway clusters.
With private networking, you can securely link Dedicated Cloud Gateways with your clouds.
You can further improve security by implementing mTLS across the API traffic, and L7 credential injection that can be validated by the receiving applications. And of course, firewall rules as well.
Smart Global DNS
When starting a Dedicated Cloud Gateway cluster, you can choose to make the APIs available for public consumption on the internet — for edge and mobile applications — or to make them available only internally without any public internet interface — exclusively for internal API traffic. As a matter of fact, you could have many clusters, each one of them with different API access settings.
You can choose different API access settings for a Dedicated Cloud Cluster.
Then, when provisioning a cluster, each region will be load balanced automatically and you can choose to either consume each region individually with a dedicated DNS address for each, or you can also choose to consume all regions by leveraging our smart global DNS capability.
With Smart Global DNS, we’ll automatically provision a DNS address that can communicate with all the clouds and regions where you’ve deployed Dedicated Cloud Gateways and choose the best region to use for each API request based on real-time performance and latency affinity. This means that implementing multi-cloud and multi-region connectivity with Kong Konnect is as easy as sending requests to the Smart Global DNS, while at the same time being able to automatically accelerate your API experiences by letting Kong Konnect choose the fastest region to use at any given time.
Native support for Kong Gateway and automatic upgrades
With Dedicated Cloud Gateways, we can leverage the entire Kong Gateway ecosystem, including all plugins, custom plugins, and all existing automation.
This also means that migrating to Dedicated Cloud Gateways from a self-managed version of Kong Gateway is also seamless and easy: the same configuration that you are running today can be easily imported into Dedicated Cloud Gateways.
Upgrades across different Kong Gateway versions are also easy and done in 1-click: Kong Konnect automatically provisions new infrastructure and slowly moves traffic over while automatically monitoring the API traffic for any errors. Upgrades can be manually configured by selecting a new Kong version to upgrade to, and different clusters can run on different supported versions of Kong Gateway. Rollbacks are also automated.
We built the easiest way to run modern API infrastructure in the world, and we’re giving out access to Dedicated Cloud Gateways for evaluations in preparation for the GA announcement in early 2024, which we plan to ship with support for other cloud vendors and more regions.
Get started today
We’re offering Dedicated Cloud Gateways in tech preview to organizations that want to start evaluating this capability today, and plan a smooth transition to modern managed API infrastructure at GA when it will be generally available to every customer.