We're very excited to announce Kong Mesh 2.12 to the world! Kong Mesh 2.12 delivers two very important features: SPIFFE / SPIRE support, which provides enterprise-class workload identity and trust models for your mesh, as well as a consistent Kuma Resource Identifier (KRI) naming convention for resources in the Mesh. Read on to learn more!
But first, what's Kong Mesh for the uninitiated?
Building on top of the open source Kuma service mesh, Kong Mesh is all about simplicity and bringing enterprise features to our customers. Kong Mesh is built for smooth operations with platform teams in mind, providing security, observability, and traffic control for modern, distributed applications. A single mesh can seamlessly span multiple zones: multiple cloud providers, Kubernetes clusters, and traditional server (VM / bare-metal) environments, while offering zero-trust security, multiple isolated mesh support, and global/remote control planes. Konnect Mesh Manager provides a global view across all your Mesh deployments. With Kong Mesh, organizations can deploy with confidence and efficiency, managing mission-critical services reliably at high performance.
MeshIdentity defines how workloads in a mesh obtain their cryptographic identity. It separates the responsibility of issuing identities from establishing trust, enabling Kong Mesh to adopt SPIFFE-compliant practices while remaining flexible and easy to use.
With MeshIdentity, you can:
Whilst this provides SPIFFE-compliant practices, we also worked on being able to integrate with a SPIRE agent running on your Kubernetes nodes to be able to obtain their SPIFFE Verifiable Identity Documents:
If you're using SPIRE, it's classed as the Trust authority for the Mesh, and for customers that have not rolled out SPIRE in their organisations, we've also introduced the concept of MeshTrust.
This allows you to validate the workload identity back to the MeshTrust authority that you control. Currently, this is only supported on Kubernetes environments, and we're working on cross-zone identity in the next release of Kong Mesh.
To help with how you consume, aggregate, and draw value from service-to-service metrics, as well as how to define Services and their Identity, we took on the rather large effort of introducing a consistent naming convention for Mesh resources.
This has a number of benefits, including being able to inspect individual resources through the Inspect API, as well as browsing resources in Mesh Manager.
We'll continue to drive consistency across Kong Mesh resources to help with metrics and observability in the near future.
For a deeper dive into a complete list of features, updates, and changes, please refer to the CHANGELOG here.
Want to see Kong Mesh in action? Request a demo or start using Kong Mesh today.
Thank you for your continued support and trust in our product.
As of September 2025, Kong Gateway Enterprise 3.8 will enter its End Of Life (EOL) phase and will no longer be fully supported by Kong. Following this, Kong Gateway Enterprise 3.8 will enter a 12-month sunset support period, focused on helping cus
It’s been almost a year since we released our Konnect Terraform provider . In that time we’ve seen over 300,000 installs, have 1.7 times as many resources available, and have expanded the provider to include data sources to enable federated managem
If you build APIs, you’ve probably been in two kinds of conversations. One is the war room, where the team is chasing a latency spike, an outage, or a sudden drop in traffic. The other is the boardroom, where you need to show how the platform is pe
We're happy to announce the 3.5 release of Kong Ingress Controller (KIC). This release includes the graduation of combined services to General Availability, support for connection draining, as well as the start of deprecating support for some Ingre
We’re excited to announce the beta support for Mesh Manager in the Konnect Terraform Provider — a new tool that brings the power of infrastructure-as-code to Kong’s Service Mesh management platform. This provider enables engineering teams to decla
Update Includes Data Orchestration, CyberArk Support, Solace Integration, and Kafka Schema Validation We’re excited to bring you Kong Gateway Enterprise 3.11 with compelling new features to make your APIs and event streams even more powerful, includ