Kong is proud to announce the release of the latest version of Kong Mesh 2.3. In this release, Kong Mesh continues to build upon the enterprise-grade service mesh in the critical areas of, security, flexibility, and resiliency. As organizations continue to leverage APIs to deliver digital experiences they rely more heavily on the underlying infrastructure that a mesh provides.
The best applications with the best infrastructure aren't safe without a robust security pattern. To ensure Kong Mesh is up to the highest levels of security, version 2.3 uses the latest Envoy proxy version 1.26.
As a further enhancement to the zero-trust framework Kong Mesh deploys, it now also employs least-privilege security defaults in Kubernetes by removing all unnecessary privileges and configuration options in the container.
Whether starting application development from Kubernetes and extending to legacy infrastructure or starting the other way around, ensuring that a secure communication channel exists between the various services is paramount to a robust application.
As Andrey Dubnik, architect at Maersk, mentioned when submitting this feature request on [GitHub](https://github.com/kumahq/kuma/issues/6132)GitHub, "TLS (for Gateway Listeners) enable[s] … [us] to publish the certificate on a mesh gateway without having to configure the TLS on the gateway explicitly."
Workloads can live anywhere globally, sometimes with plenty of bandwidth and other times in constrained or high latency edge deployments.
Kong Mesh 2.3 implements [delta configuration changes](https://github.com/kumahq/kuma/pull/6278)delta configuration changes between the zones sending only what has changed in the configuration updates to the global control plane, thereby reducing the bandwidth overhead. This feature is currently experimental in Kong Mesh 2.3 — and can be enabled by adding the following to the zone plane configuration and restarting the mesh.
KUMA_EXPERIMENTAL_KDS_DELTA_ENABLED=trueKong Mesh 2.3 further enhances the flexibility of the platform by allowing more fine-grained control of how the mesh is installed. This feature maintains the defaults for installations. However, we added the ability to disable options for power users that require more flexibility, such as in a GitOps workflow. Please view [the documentation](https://github.com/kumahq/kuma/blob/master/docs/madr/decisions/025-disable-default-policies.md)the documentation for usage.
Kong Mesh 2.3 brings experimental support for GAMMA (*Gateway API for Mesh Management and Administration) *resources. Kong Mesh has long supported Gateway API with a built-in gateway for ingress traffic. With GAMMA support users can specify how to route and modify in-mesh traffic using the well-known HTTPRoute resource thereby maintaining compatibility and portability across meshes.
For Kubernetes environments, Kong Mesh introduced a host of performance fixes that enable organizations to build and scale at a faster pace. These enhancements are critical for organizations with large Kubernetes clusters that are deploying hundreds and hundreds of services from within the clusters.
As applications in microservices grow, their dependencies become more complex. After all, that's why a service mesh is critical when building microservices at scale. However, those dependencies need to be managed to start and stop at the proper times. Kong Mesh 2.3 introduces better container ordering to ensure predictable behavior in different scenarios.
Kong Mesh 2.3 is a robust release, and this announcement only covers the highlights. You can read more about all the changes at [](https://docs.konghq.com/mesh/changelog/)[https://docs.konghq.com/mesh/changelog/](https://docs.konghq.com/mesh/changelog/)https://docs.konghq.com/mesh/changelog/. And stay tuned for an upcoming video from [Vik Gamov](https://www.linkedin.com/in/vikgamov)Vik Gamov and a blog from [Marcin Skalski](https://www.linkedin.com/in/skalskimarcin/)Marcin Skalski on implementing the global rate-limiting improvements.
The first release of Kong Mesh for 2024 (version 2.6) brings many new features that ease day 0 for new starters of service mesh reinforcing our goal of making a simple yet powerful product! In this blog, we'll break down these new features and provi
[](https://konghq.com/blog/product-releases/kong-mesh-2-6)
In the ever-evolving landscape of digital business operations, staying ahead of the curve requires constant adaptation and innovation. Kong Mesh 2.4 contains several enhancements to help your organization's infrastructure be more efficient. In this
[](https://konghq.com/blog/product-releases/kong-mesh-2-4)
The widespread adoption of Kafka and event streaming platforms is evident across several enterprises, where they serve as the backbone of critical operations, ranging from financial transactions to AI inference pipelines. However, in the domains of
[](https://konghq.com/blog/product-releases/kong-event-gateway-1-1)
Kong Mesh 2.13 delivers full support for Mesh Identity for Kubernetes and Universal mode. Plus, it's been designated as a Long Term Support release, with support for a total of 2 years. But first, what's Kong Mesh for the uninitiated? Built on top
[](https://konghq.com/blog/product-releases/kong-mesh-2-13)
Why are Microservices Security Risks? Traditional security was simple. One perimeter. Few entry points. Clear boundaries. Microservices shattered this model. Now organizations manage hundreds of independent services. The average number of API calls
[](https://konghq.com/blog/engineering/10-ways-microservices-create-new-security-challenges)
Two of the main tenets of Zero Trust are encryption between services and managing the connections each service is allowed to use. Achieving this generally falls to running a service mesh in a Kubernetes cluster. Refactoring applications to run prope
[](https://konghq.com/blog/engineering/zero-trust-on-vms-with-universal-mesh)With microservices architectures being adopted more and more widely, organizations need to adapt their testing strategy in order to capitalize on the advantages of a loosely coupled system. The shift towards microservices is closely related to bot
[](https://konghq.com/blog/learning-center/microservices-testing-guide)