Kong Mesh 2.6: More Flexibility, Usability, and Security

February 1, 2024

3 min read

Charly Molter

Senior Engineering Manager, KIC, Kong

The first release of Kong Mesh for 2024 (version 2.6) brings many new features that ease day 0 for new starters of service mesh reinforcing our goal of making a simple yet powerful product!

In this blog, we'll break down these new features and provide tailored use cases to illustrate how Kong Mesh 2.6 can elevate your service mesh experience. We'll focus on three main categories: flexibility, usability, and security.

Flexibility: Easier migration from single zone to multi-zone

Kong Mesh has a unique way to achieve multi-zone connectivity: federation. A global control plane provides a single pane of glass to observe and control your traffic.

Up until now, users needed to decide whether they’d go single zone or multi-zone. In 2.6.x we removed the standalone mode, and you can start a zone without having a global control plane. You can later add a global control plane and start your multi-zone story.

For existing users of standalone, this change is completely transparent; we’ll transparently convert your standalone cluster into a zone cluster without a global when upgrading.

This also means that if you’re using standalone you can now use Kong Konnect and leverage features that are unique to our SaaS offering.

Usability: MeshMetric policy

MeshMetric completes our observability story for targetRef policies along with MeshTrace and MeshAccessLog . You can now configure how metrics are exposed in a very granular manner. We even support exporting metrics using OTLP so that Kong Mesh can completely embrace open telemetry for each of the three types of observability data.

Here’s an example of such a policy:

Usability: Use only targetRef policies

TargetRef policies have been a year-long effort, and we’re excited to announce that these are now default. If you’re not familiar with this Gateway API-inspired way to define policy matching, check out this blog on flexible policy match or our upcoming webinar Getting Started with TargetRef Policies on Kong Mesh.

New users will not have to deal with the older versions of policies, which should make it simpler and more straight-forward to get started.

Security: Apply policies directly in your zone

Up until now, when using a multi-zone deployment to change/add policies it was required to connect to the global control-plane.

Some users prefer to have the global control plane read-only for users other than mesh administrators. With this new feature, it’s now possible to have service owners manage their policies directly from their zones and lock down the global control plane to only administrators.

This has the added benefit of being able to use our SaaS offering Kong Konnect but still relying on policies managed in Kubernetes through for example gitOps and integrating it in your Argo pipeline.

Conclusion

Kong Mesh 2.6 offers a powerful toolset tailored to your organization's objectives. Whether you need resource efficiency, reliability, cost optimization, compliance, or enhanced security, Kong Mesh has the features to address your specific use cases.

Take advantage of these innovations to take your organization to the next level. With Kong Mesh 2.6, you can achieve a service mesh environment that aligns perfectly with your unique requirements and objectives.

Want to see Kong Mesh in action? Request a demo or download Kong Mesh today.

Topics:Service Mesh

API Management

API Security

The API Platform for AI.