See what makes Kong the fastest, most-adopted API gateway
Check out the latest Kong feature releases and updates
Single platform for SaaS end-to-end connectivity
Enterprise service mesh based on Kuma and Envoy
Collaborative API design platform
How to Scale High-Performance APIs and Microservices
Call for speakers & sponsors, Kong API Summit 2023!
4 MIN READ
Today, we are excited to announce the release of Kong 1.3! Our engineering team and awesome community has contributed numerous features and improvements to this release. Based on the success of the 1.2 release, Kong 1.3 is the first version of Kong that natively supports gRPC proxying, upstream mutual TLS authentication, along with a bunch of new features and performance improvements.
Read on below to understand more about Kong 1.3’s new features, improvements and fixes, and how you can take advantage of those exciting changes. Please also take a few minutes to read our Changelog as well as the Upgrade Path for more details.
We have observed increasing numbers of users shifting towards Microservices architecture and heard users expressing their interests in native gRPC proxying support. Kong 1.3 answers this by supporting gRPC proxying natively, bringing more control and visibility to a gRPC enabled infrastructure.
protocol
grpc
grpcs
Kong has long supported TLS connection to the upstream services. In 1.3, we added the support for Kong to present a specific certificate while handshaking with upstream for increased security.
Service
client_certificate
Certificate
In Kong 1.3, we have open sourced the Sessions Plugin (previously only available in Kong Enterprise) for all users to use. Combined with other authentication plugins, it allows Kong to remember browser users that have previously authenticated. You can read the detailed documentations here.
Kong 1.3 ships with fixes to the NGINX HTTP/2 module (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516). We also released Kong 1.0.4, 1.1.3, 1.2.2 to patch the vulnerabilities in older versions of Kong in case upgrade to 1.3 can not happen immediately.
The version of OpenResty has been bumped to the latest OpenResty release – 1.15.8.1 which is based on Nginx 1.15.8. This release of OpenResty brought better behavior while closing upstream keepalive connections, ARM64 architecture support and LuaJIT GC64 mode. The most noticeable change is that Kong now runs ~10% faster in the baseline proxy benchmarks with key authentication thanks to the LuaJIT compiler generating more native code and OpenResty storing request context data more efficiently.
Host
kong config db_export
error.log
reuseport
deferred
bind
Kong 1.3 also contains improvements regarding new entities for storing CA Certificates (certificates without a private key), Admin API interface and more PDK functions. We also fixed a lot of bugs along the way. Because of the amount of new features in this release, we can not go over all of them in this blog post and instead encourage you to read the full Changelog here.
We also added a new section to the kong.conf template to better explain the capabilities of injected NGINX directives. For users who have customized templates for adding just a few NGINX directives, we recommend switching over to use the injected NGINX directives instead for better upgradability.
kong.conf
As always, the documentation for Kong 1.3 is available here. Additionally, as mentioned above, we will be discussing the key features in 1.3 in subsequent posts and on community calls, so stay tuned!
Thank you to our community of users, contributors, and core maintainers for your continuing support of Kong’s open source platform.
Please give Kong 1.3 a try, and be sure to let us know what you think!
As usual, feel free to ask any question on Kong Nation, our Community forum. Learning from your feedback will allow us to better understand the mission-critical use-cases and keep improving Kong.
Happy Konging!
Share Post
Download Kong 1.3
Install Kong