Kong Gateway 3.4 for OSS: Bring Your Own Language with WebAssembly!

The Kong Gateway 3.4 for Open Source (OSS) release is massive for our community users. Notably, this release introduces support for WebAssembly (Wasm), bringing a new level of extensibility and customization to Kong Gateway.

Read on to learn more about the new capabilities in Kong Gateway 3.4 for OSS.

Bring your own language with WebAssembly BETA

We've been hard at work to add support for Wasm, and we're thrilled to deliver on this effort in Kong Gateway 3.4. Starting in 3.4 as a beta feature, all Kong Gateway users will be able to write Wasm filters in both Rust and Go, with zero external dependencies.

This is a massive win for customers who want to extend Kong Gateway in their preferred programming language. Over time we will add more language support for Wasm — with the ultimate goal of any developer being able to extend Kong Gateway in the language they're comfortable with. This means less specialized knowledge will be required to customize Kong Gateway capabilities over time — allowing users to get up and running faster, with the languages and tools they already know.

This demonstrates our commitment to embracing innovative technologies and our promise to make them accessible to our community. Stay tuned for an upcoming blog post on how you can get started with Wasm.

We welcome everyone to provide feedback on Kong Nation and report any issues on GitHub. Please note that for the duration of the Beta, we'll be using the docs on the repo as the reference documentation. When Wasm support is graduated to GA, we'll port them to our primary documentation site.

Don't want to use Wasm? No problem! The module is disabled by default. The Wasm module is dynamic: this means there's no additional memory dedicated to running Wasm with the module disabled.

TCP/UDP firewall rules supported in the IP Restriction plugin GA

TCP/UDP-based firewall rules represent some of the most common types of rules across the internet. The reason is simple: they can be very effective. If you're certain that an IP or CIDR space must be blocked, doing so at the TCP/UDP level is the quickest and cheapest way to do it.

Targeting lower-level protocols for deny/allow behavior means using fewer resources to reach that goal without unwrapping the packet for any higher-level information that could be harmful to your systems or target a vulnerability in a higher-level protocol.

Given the value provided by this capability, we're happy to announce that both TCP and UDP-based restrictions are now supported in the IP Restriction plugin. This is in addition to the gRPC, gRPCS, http, and https restrictions you could already define.

Next Steps

For a full list of features, fixes, and updates, please see the available CHANGELOG Kong Gateway 3.4 for OSS here. Download Kong Gateway 3.4 for open source. Or sign up for Kong Konnect for free. It's the fastest way to experience Kong Gateway 3.4.