Today’s the day you’ve all been waiting for: Kong Gateway Operator OSS is here. You can read the code and see what a production-grade Kubernetes operator looks like. Authored by multiple Gateway API contributors, Kong Gateway Operator is the de-facto reference for Gateway API implementers on Kubernetes.
Kong Gateway Operator (KGO) 1.2 brings six new features plus a brand new Helm chart that allows you to deploy KGO using tools that you already know and love.
In addition to open sourcing KGO, we’re making Kong Gateway Operator Enterprise available for the first time. Enterprise Kong Gateway customers can use KGO Enterprise at no additional cost, and benefit from automated day 2 operations such as automatic certificate rotation.
Keep reading to learn more about each of the features.
Managed Gateways is a feature that ensures that your gateway instances are always aligned with your intended configuration, leading to more reliable and consistent API management across your Kubernetes clusters.
Kong Gateway Operator 1.0 went GA at API Summit 2023. This release allowed you to work with DataPlane objects directly to deploy Kong Gateway within your clusters. The DataPlane resource is a Kong-specific custom resource definition (CRD), and we wanted to stay as close to the Gateway API as possible.
KGO 1.2 makes our Gateway API support for deploying and managing physical gateways generally available. Configure your gateways using the Gateway resource and Kong Gateway Operator will automatically update any running Kong Gateway instances to match your configuration.
As a concrete example, imagine that you add a new TCP listener to a Gateway resource. Using unmanaged gateways (KIC without KGO) or KGO < 1.2 you’d also have to edit the PodTemplateSpec for your Kong Gateway data planes to configure the stream_listen environment variable. Thanks to the Managed Gateways GA release, this is all taken care of by the kubernetes operator. Configure your Gateway, and KGO will take care of the rest.
In the state of machine identity report, 77% of people shared that their organization has had at least two certificate-based outages in the last two years. Proactive rotation of certificates can prevent costly outages, maintain trust with end-users, and ensure compliance with security standards, thereby safeguarding your business reputation and continuity.
Kong Gateway Operator now provides automation capabilities for certificate rotation thus making this costly operation now much simpler. With deep CertManager integration, KGO can ensure that the certificates used to secure communication between the control plane/data plane are always up to date, ensuring that new configuration is loaded immediately.
The number of people calling your API goes up and down over time. If usage increases, you might not have enough Kong Gateway instances running to handle the load. If usage decreases, you might be spending more money than you need to in order to handle the traffic. Keeping track of utilization manually is a full-time job. By automating scaling decisions, businesses can focus on innovation and growth, knowing their API infrastructure can adapt to changing demands seamlessly.
Fortunately, Kubernetes has a solution. HorizontalPodAutoscaling (HPA) is a core Kubernetes feature for scaling workloads up and down based on performance metrics. If your pods are running at 90%+ utilization, Kubernetes can automatically schedule new pods to help distribute the load across more machines. Then when utilization drops, Kubernetes will shut down the pods that it no longer needs, which saves you money. You will always have the perfect amount of instances to match your current load.
Kong Gateway Operator 1.2 allows you to define autoscaling policies for your Kong Gateway instances. You can define scale up and scale down policies, ensuring that you have just the right number of Kong Gateway instances needed to process your live traffic.
Kubernetes provides CPU and memory-based scaling for free. That’s only part of the story though. Your Kubernetes teams are interested in machine metrics such as CPU, but your users are interested in latency. They don’t care if the Kubernetes pod is at 1% CPU utilization or 99% utilization. If their request is taking 500ms to respond, that’s an issue for them.
Using Kong Gateway’s ability to monitor upstream latency, Kong Gateway Operator makes these metrics available to the Kubernetes HPA system. You can now make decisions about autoscaling based on workload latency in addition to core metrics such as CPU and memory usage. This focus on user experience can enhance customer satisfaction, reduce churn, and position your business as a reliable provider of digital services.
According to the Nielsen Normal Group, the usage of generative AI in business improves performance by 66%. This is an incredible improvement in employee productivity, but it comes with its own challenges. There are no guard rails for many of the AI providers today. There’s no governance around how employees are using the tool, or what information they’re providing to a third-party provider.
Kong's AI Gateway feature addresses the growing need for AI governance in businesses. By integrating AI capabilities with the Kong Gateway Operator, businesses can regulate AI usage, ensuring compliance and security while leveraging AI to enhance productivity and innovation.
Getting started with Kong AI Gateway on Kubernetes has never been easier thanks to the Kong Gateway Operator.
AIGateway CRD with your AI provider credentialsKong Gateway Operator will respond to the AIGateway CRD and deploy a new Kong Gateway instance and preconfigure it with all the required routes and plugins for you to get started.
Managing Kong with Kubernetes resources is great when everything is going well. However, once you step off the happy path you suddenly needed to understand both Kubernetes and Kong in order to interpret the observability data available. The Prometheus metrics published by Kong are a great example of needing to learn how Kubernetes resources are converted to Kong entities in order to interpret the data.
With the Kong Gateway Operator 1.2 release, this pain point disappears. Kong Gateway Operator makes the standard Kong Prometheus metrics available, with Kubernetes resource names added as labels.
Your Kubernetes team no longer needs to learn how Kubernetes resources are translated into Kong entities to build their observability dashboards. They can build filters and aggregations based on the Kubernetes resources that they’re already familiar with.
Want to learn more about Kong Gateway Operator? Get started for free here and see the full list of features, fixes, and updates in the CHANGELOG.
As of September 2025, Kong Gateway Enterprise 3.8 will enter its End Of Life (EOL) phase and will no longer be fully supported by Kong. Following this, Kong Gateway Enterprise 3.8 will enter a 12-month sunset support period, focused on helping cus
We're very excited to announce Kong Mesh 2.12 to the world! Kong Mesh 2.12 delivers two very important features: SPIFFE / SPIRE support, which provides enterprise-class workload identity and trust models for your mesh, as well as a consistent Kuma R
It’s been almost a year since we released our Konnect Terraform provider . In that time we’ve seen over 300,000 installs, have 1.7 times as many resources available, and have expanded the provider to include data sources to enable federated managem
We're happy to announce the 3.5 release of Kong Ingress Controller (KIC). This release includes the graduation of combined services to General Availability, support for connection draining, as well as the start of deprecating support for some Ingre
Update Includes Data Orchestration, CyberArk Support, Solace Integration, and Kafka Schema Validation We’re excited to bring you Kong Gateway Enterprise 3.11 with compelling new features to make your APIs and event streams even more powerful, includ
In this article, which is based on my talk at VueConf Toronto 2023, we'll explore how to harness the power of Vue.js and micro frontends to create scalable, modular architectures that prioritize the developer experience. We'll unveil practical strate
When we released the beta version of Service Catalog last September, it was in service of a greater API discovery vision we had for Kong Konnect as an API platform. In March of this year, we moved closer to fulfilling that vision when we announced