Blog
  • AI Gateway
  • AI Security
  • AIOps
  • API Security
  • API Gateway
    • API Management
    • API Development
    • API Design
    • Automation
    • Service Mesh
    • Insomnia
  1. Home
  2. Blog
  3. Product Releases
  4. Announcing Kong Operator 2.0
Product Releases
October 1, 2025
3 min read

Announcing Kong Operator 2.0

Justin Davies
Product Manager, Mesh and Kubernetes, Kong

We're very excited to announce Kong Operator 2.0! Kong Operator is an evolution of Kong Ingress Controller (KIC) and Kong Gateway Operator into a single Kubernetes offering to simplify deployment, management, configuration, and upgrades of your Kong Gateway instances on Kubernetes.

Simplified controller configuration

When using the Kong Ingress Controller, a significant amount of effort was needed to apply configuration to the controller by setting environment variables. The new ControlPlane resource greatly simplifies this and allows you to set configuration once at the Control Plane level using native Kubernetes resources. For example, if you wanted to enable Combine HTTP Routes in KIC, you would need to set the environment variable:

But in KO 2.0, this is set at the Controller level as a configuration in the Control Plane spec:

Having this configuration in one central CRD with other options like watchNamespaces greatly simplifies configuration, linting, and validation of your Kong Gateways.

Reduced role-based configuration

A significant advantage for customers stems from Kong Operator's direct embedding of Kong Ingress Controller (KIC) instances within its own process. This architectural shift removes the requirement for the operator to request cluster-wide privileges each time a new KIC deployment is created. Previously, every ControlPlane reconciler needed permissions to create, update, or delete ClusterRoles, ClusterRoleBindings, and ServiceAccounts.

Now, KIC instances inherit their permissions from the service account linked to Kong Operator. This offers customers two key benefits:

  • Reduced complexity: The proliferation of RBAC objects created per deployment is eliminated. Everything is streamlined under a single, predictable service account.
  • Improved security posture: By removing the need for repeated creation of highly privileged resources, the overall attack surface is reduced. Customers can be confident that KIC instances operate strictly within the boundaries of the operator’s role definitions.

Saying goodbye to TCPIngress and UDPIngress

As the Kubernetes ecosystem has evolved, so has Kong Operator. TCPIngress and UDPIngress custom resources are officially deprecated, and they've been removed in Kong Operator 2.0.

These resources were introduced to fill gaps in the early days of the Kubernetes Ingress API, providing much-needed flexibility for routing TCP and UDP traffic. But with the rise and broad adoption of the Gateway API, those gaps are now closed. The Gateway API delivers a richer, standardized way to configure networking across clusters, making TCPIngress and UDPIngress both redundant and a source of potential confusion.

By retiring these older resources, we’re streamlining the experience and encouraging customers to embrace the Gateway API as the modern, future-proof path forward. This means clearer configurations, stronger ecosystem alignment, and less fragmentation for everyone.

Kong Konnect and Gateway API

While this is a significant change for the better for our Kubernetes customers, we know there is more to do. When using Konnect and KIC, your Gateway is marked as Read Only. This is because the configuration control is in Kubernetes configuration. With Kong Operator 2.1, we will be bringing support for the Kubernetes Gateway API to Konnect control planes. This unlocks the entire Kong API ecosystem to our customers, including Dev Portal, Service Catalog, and Debuggability, while giving you Gateway API support — the best of both worlds!

Meet us at API Summit 2025

Mattia Lavacca and I will be talking about building a first-class Kubernetes experience in Konnect at API Summit 2025. Don't have your tickets yet? Register for API Summit now!

Power your APIs with Kong Gateway

Learn MoreGet a Demo
Topics:Kubernetes
|
Kubernetes Operator
|
Kong Ingress Controller
|
API Gateway
Powering the API world

Increase developer productivity, security, and performance at scale with the unified platform for API management, AI gateways, service mesh, and ingress controller.

Sign up for Kong newsletter

Platform
Kong KonnectKong GatewayKong AI GatewayKong InsomniaDeveloper PortalGateway ManagerCloud GatewayGet a Demo
Explore More
Open Banking API SolutionsAPI Governance SolutionsIstio API Gateway IntegrationKubernetes API ManagementAPI Gateway: Build vs BuyKong vs PostmanKong vs MuleSoftKong vs Apigee
Documentation
Kong Konnect DocsKong Gateway DocsKong Mesh DocsKong AI GatewayKong Insomnia DocsKong Plugin Hub
Open Source
Kong GatewayKumaInsomniaKong Community
Company
About KongCustomersCareersPressEventsContactPricing
  • Terms•
  • Privacy•
  • Trust and Compliance
  • © Kong Inc. 2025