Product Releases
March 20, 2024
5 min read

Introducing the World’s First OSS Production-Grade Gateway API Operator

Michael Heap
Michael Heap
Sr Director Developer Experience, Kong

Today’s the day you’ve all been waiting for: Kong Gateway Operator OSS is here. You can read the code and see what a production-grade Kubernetes operator looks like. Authored by multiple Gateway API contributors, Kong Gateway Operator is the de-facto reference for Gateway API implementers on Kubernetes.

Kong Gateway Operator (KGO) 1.2 brings six new features plus a brand new Helm chart that allows you to deploy KGO using tools that you already know and love.

In addition to open sourcing KGO, we’re making Kong Gateway Operator Enterprise available for the first time. Enterprise Kong Gateway customers can use KGO Enterprise at no additional cost, and benefit from automated day 2 operations such as automatic certificate rotation.

Keep reading to learn more about each of the features.

Managed Gateways GA (OSS)

Managed Gateways is a feature that ensures that your gateway instances are always aligned with your intended configuration, leading to more reliable and consistent API management across your Kubernetes clusters.

Kong Gateway Operator 1.0 went GA at API Summit 2023. This release allowed you to work with DataPlane objects directly to deploy Kong Gateway within your clusters. The DataPlane resource is a Kong-specific custom resource definition (CRD), and we wanted to stay as close to the Gateway API as possible.

KGO 1.2 makes our Gateway API support for deploying and managing physical gateways generally available. Configure your gateways using the Gateway resource and Kong Gateway Operator will automatically update any running Kong Gateway instances to match your configuration.

As a concrete example, imagine that you add a new TCP listener to a Gateway resource. Using unmanaged gateways (KIC without KGO) or KGO < 1.2 you’d also have to edit the PodTemplateSpec for your Kong Gateway data planes to configure the stream_listen environment variable. Thanks to the Managed Gateways GA release, this is all taken care of by the Kong Gateway operator. Configure your Gateway, and KGO will take care of the rest.

Effortless K8s Ingress Automation: Master the Kong Gateway Operator

Automatic Certificate Rotation (Enterprise)

In the state of machine identity report, 77% of people shared that their organization has had at least two certificate-based outages in the last two years. Proactive rotation of certificates can prevent costly outages, maintain trust with end-users, and ensure compliance with security standards, thereby safeguarding your business reputation and continuity.

Kong Gateway Operator now provides automation capabilities for certificate rotation thus making this costly operation now much simpler. With deep CertManager integration, KGO can ensure that the certificates used to secure communication between the control plane/data plane are always up to date, ensuring that new configuration is loaded immediately.

HPA-Based Gateway Autoscaling (OSS)

The number of people calling your API goes up and down over time. If usage increases, you might not have enough Kong Gateway instances running to handle the load. If usage decreases, you might be spending more money than you need to in order to handle the traffic. Keeping track of utilization manually is a full-time job. By automating scaling decisions, businesses can focus on innovation and growth, knowing their API infrastructure can adapt to changing demands seamlessly.

Fortunately, Kubernetes has a solution. HorizontalPodAutoscaling (HPA) is a core Kubernetes feature for scaling workloads up and down based on performance metrics. If your pods are running at 90%+ utilization, Kubernetes can automatically schedule new pods to help distribute the load across more machines. Then when utilization drops, Kubernetes will shut down the pods that it no longer needs, which saves you money. You will always have the perfect amount of instances to match your current load.

Kong Gateway Operator 1.2 allows you to define autoscaling policies for your Kong Gateway instances. You can define scale up and scale down policies, ensuring that you have just the right number of Kong Gateway instances needed to process your live traffic.

Latency-Based Workloads Autoscaling (Enterprise)

Kubernetes provides CPU and memory-based scaling for free. That’s only part of the story though. Your Kubernetes teams are interested in machine metrics such as CPU, but your users are interested in latency. They don’t care if the Kubernetes pod is at 1% CPU utilization or 99% utilization. If their request is taking 500ms to respond, that’s an issue for them.

Using Kong Gateway’s ability to monitor upstream latency, Kong Gateway Operator makes these metrics available to the Kubernetes HPA system. You can now make decisions about autoscaling based on workload latency in addition to core metrics such as CPU and memory usage. This focus on user experience can enhance customer satisfaction, reduce churn, and position your business as a reliable provider of digital services.

AI Gateway (OSS)

According to the Nielsen Normal Group, the usage of generative AI in business improves performance by 66%. This is an incredible improvement in employee productivity, but it comes with its own challenges. There are no guard rails for many of the AI providers today. There’s no governance around how employees are using the tool, or what information they’re providing to a third-party provider.

Kong's AI Gateway feature addresses the growing need for AI governance in businesses. By integrating AI capabilities with the Kong Gateway Operator, businesses can regulate AI usage, ensuring compliance and security while leveraging AI to enhance productivity and innovation. You can learn more about Kong’s AI capabilities in our dedicated AI showcase

Getting started with Kong AI Gateway on Kubernetes has never been easier thanks to the Kong Gateway Operator.

  1. Create an AIGateway CRD with your AI provider credentials
  2. There is no Step 2

Kong Gateway Operator will respond to the AIGateway CRD and deploy a new Kong Gateway instance and preconfigure it with all the required routes and plugins for you to get started.

Kubernetes Native Metrics (Enterprise)

Managing Kong with Kubernetes resources is great when everything is going well. However, once you step off the happy path you suddenly needed to understand both Kubernetes and Kong in order to interpret the observability data available. The Prometheus metrics published by Kong are a great example of needing to learn how Kubernetes resources are converted to Kong entities in order to interpret the data.

With the Kong Gateway Operator 1.2 release, this pain point disappears. Kong Gateway Operator makes the standard Kong Prometheus metrics available, with Kubernetes resource names added as labels. 

Your Kubernetes team no longer needs to learn how Kubernetes resources are translated into Kong entities to build their observability dashboards. They can build filters and aggregations based on the Kubernetes resources that they’re already familiar with.

Try Kong Gateway Operator 1.2

Want to learn more about Kong Gateway Operator? Get started for free here and see the full list of features, fixes, and updates in the CHANGELOG.

Kong Gateway Operator: Streamline K8s Ingress & Empower DevOps with Automated Management