SlideShare ist ein Scribd-Unternehmen logo

Introduction to Kong API Gateway

Yohann Ciurlik
Yohann Ciurlik

Introduction to Kong, an open-source cloud-native, fast, scalable, and distributed API Gateway.

Technologie
1 von 24
Downloaden Sie, um offline zu lesen
KONG An API Gateway Yohann Ciurlik Date : October 17th 2017 Version : 1.1
Introduction
3 Introduction Quick overview • Open-source cloud-native, fast, scalable, and distributed Microservice Abstraction Layer • Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015 by Mashape. • Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations. • Licensing model : – Enterprise Edition (EE) – Community Edition (CE)
4 Introduction What is Kong ? • Kong is an API gateway : it’s a form of middleware between computing clients and your API-based applications. • Kong easily and consistently extends the features of your APIs. Some of the popular features deployed through Kong include : – authentication, – security, – traffic control, – serverless, – analytics & monitoring, – request/response transformations – and logging.
5 Introduction Why use Kong ? • Kong is : – Radically Extensible – Blazingly Fast – Open Source – Platform Agnostic – Cloud Native – RESTful
Community Edition (CE)
7 Community Edition (CE) Focus on Community Edition (CE) • Available on Github – Actual version : 0.11.0 – Apache v2 licensing – 3500 commits, 12,5 k*, 1400 forks • No UI & Analytics on CE (!!!) – OS community UI : • Konga • Kongdash, • Kong Dashboard (desktop) – Analytics : • ELK • Runscope, Datadog, …
8 Community Edition (CE) A lot of open source plugins • Authentication – Basic – Key – HMAC – OAUth 2 – LDAP – JWT • Security – ACL – CORS – Dynamics SSL – IP Restriction – Bot Detection • Traffic control – Rate Limiting – Response Rate Limiting – Request Size Limiting – Request termination • Analytics & Monitoring – Galileo – Datadog – Runscope • Transformations – Request Transformer – Response Transformer – Correlation ID • Serverless – AWS Lambda – OpenWhisk • Logging – TCP – UDP – HTTP – File – Syslog – StatsD – Loggly
Enterprise Edition (EE)
10 Enterprise Edition (EE) Benefits • Admin GUI • Dev Portal • API Analytics • More scalability • More security • 24/7 support • More information on https://konghq.com/kong-enterprise-edition/
11 Enterprise Edition (EE) Dev portal & admin GUI in EE https://gelato.io/ Markdown explorer Automatic API Explorer Import OpenAPI/Swaggr Developer Registration
12 Enterprise Edition (EE) Kong Analytics platform in EE https://getgalileo.io/ Realtime Logging Diff comparaison
Architecture overview
14 Architecture overview Based on OpenResty (Nginx & LUA scripting)
15 Architecture overview Native scalability
16 Architecture overview How to install and start Kong … • Distributions – Docker, Vargrant, Pre-built packages – Homebrew, AWS, Azure, Heroku, CloudFormation • Start in 1 min :
17 Architecture overview How to administrate and configure Kong ? • Postman is your best friend for all configuration tasks – Information routes – API – Consumer – Plugin – Certificate – SNI – Upstream – Targets • Also a CLI Tool that allows you to start, stop, and manage your Kong instances.
18 Architecture overview Extend it with your own plugin • Using LUA Scripting – simple-plugin – ├── handler.lua – └── schema.lua • Build the plugin and install it on the server • More information on https://getkong.org/docs/0.11.x/plugin-development/ • Then configure it on your API :
Going further with Kong
20 Going further with Kong Proof of Concept • Expose end-user API with an access : http://docker:8000/person/2016-4987649-53 • Add JWT and upstream Basic Auth plugin • Add JWT authentication : • Check personId correlation between JWT and URI parameter (see plugin code) • Which consumes EIS Thalys API with Basic Authentication https://api.spawnrider.net/api/Person/2016-4987649- 53?personIdType=user&levelOfDetails=full • My demo docker is available on Docker Hub
21 Going further with Kong Benefits and concerns • Benefits – Easy to install, configure and use – Based on reliable products (Nginx, Cassandra, …) – Not an ESB-based technical stack – Well documented • Concerns – No OOTB Administration UI, Developer portal and Analytics platform – Too technical for “non-tech” end-user / administrator
22 Going further with Kong Online materials • Documentation – https://getkong.org/ – https://getkong.org/plugins/ – https://getkong.org/docs/ • Videos & Webinars : – Mashap Youtube Channel – API & Microservices Management with Kong (Webinar) – Microservices Orchestration with Kong, Galileo & Gelato (Webinar)
23 Contact Yohann Ciurlik Managing Solution Architect Digital Customer eXperience (DCX) Capgemini France yohann.ciurlik@Capgemini.com Also on Twitter or LinkedIn
Introduction to Kong API Gateway

Empfohlen

Kong
KongKong
Kong
Troublemaker Khunpech
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways
Kong Inc.
 
Kong API
Kong APIKong API
Kong API
Patrick Pierson
 
Apigee Products Overview
Apigee Products OverviewApigee Products Overview
Apigee Products Overview
Apigee | Google Cloud
 
Kong API Gateway
Kong API Gateway Kong API Gateway
Kong API Gateway
Chris Mague
 
Apigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee Demo: API Platform Overview
Apigee Demo: API Platform Overview
Apigee | Google Cloud
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gateway
ChengHui Weng
 
API
APIAPI
API
Masters Academy
 

Empfohlen

Kong
KongKong
Kong
Troublemaker Khunpech
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways
Kong Inc.
 
Kong API
Kong APIKong API
Kong API
Patrick Pierson
 
Apigee Products Overview
Apigee Products OverviewApigee Products Overview
Apigee Products Overview
Apigee | Google Cloud
 
Kong API Gateway
Kong API Gateway Kong API Gateway
Kong API Gateway
Chris Mague
 
Apigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee Demo: API Platform Overview
Apigee Demo: API Platform Overview
Apigee | Google Cloud
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gateway
ChengHui Weng
 
API
APIAPI
API
Masters Academy
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservices
Kunal Hire
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak
Abhishek Koserwal
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & Guidelines
Prabath Siriwardena
 
Identity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityIdentity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibility
Ryan Dawson
 
API Security Lifecycle
API Security LifecycleAPI Security Lifecycle
API Security Lifecycle
Apigee | Google Cloud
 
Container Security
Container SecurityContainer Security
Container Security
Amazon Web Services
 
REST API Design & Development
REST API Design & DevelopmentREST API Design & Development
REST API Design & Development
Ashok Pundit
 
Policy Enforcement on Kubernetes with Open Policy Agent
Policy Enforcement on Kubernetes with Open Policy AgentPolicy Enforcement on Kubernetes with Open Policy Agent
Policy Enforcement on Kubernetes with Open Policy Agent
VMware Tanzu
 
Openshift Container Platform
Openshift Container PlatformOpenshift Container Platform
Openshift Container Platform
DLT Solutions
 
Zuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne PlatformZuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne Platform
Mikey Cohen - Hiring Amazing Engineers
 
EKS Workshop
EKS Workshop EKS Workshop
EKS Workshop
AWS Germany
 
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
Angel Alberici
 
Kuberntes Ingress with Kong
Kuberntes Ingress with KongKuberntes Ingress with Kong
Kuberntes Ingress with Kong
Nebulaworks
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures
Sonatype
 
How to Achieve Agile API Security
How to Achieve Agile API SecurityHow to Achieve Agile API Security
How to Achieve Agile API Security
Apigee | Google Cloud
 
KONG-APIGateway.pptx
KONG-APIGateway.pptxKONG-APIGateway.pptx
KONG-APIGateway.pptx
Agusto Sipahutar
 
Open shift 4 infra deep dive
Open shift 4 infra deep diveOpen shift 4 infra deep dive
Open shift 4 infra deep dive
Winton Winton
 
Microservices, DevOps & SRE
Microservices, DevOps & SREMicroservices, DevOps & SRE
Microservices, DevOps & SRE
Araf Karsh Hamid
 
Zero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOpsZero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOps
Araf Karsh Hamid
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API Management
Apigee | Google Cloud
 
Azure app service to create web and mobile apps
Azure app service to create web and mobile appsAzure app service to create web and mobile apps
Azure app service to create web and mobile apps
Ken Cenerelli
 
IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014
Christopher Ferris
 

Weitere ähnliche Inhalte

Was ist angesagt?

Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservices
Kunal Hire
 
Zuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne PlatformZuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne Platform
Mikey Cohen - Hiring Amazing Engineers
 
Kuberntes Ingress with Kong
Kuberntes Ingress with KongKuberntes Ingress with Kong
Kuberntes Ingress with Kong
Nebulaworks
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API Management
Apigee | Google Cloud
 

Was ist angesagt? (20)

Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservices
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & Guidelines
 
Identity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityIdentity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibility
 
API Security Lifecycle
API Security LifecycleAPI Security Lifecycle
API Security Lifecycle
 
Container Security
Container SecurityContainer Security
Container Security
 
REST API Design & Development
REST API Design & DevelopmentREST API Design & Development
REST API Design & Development
 
Policy Enforcement on Kubernetes with Open Policy Agent
Policy Enforcement on Kubernetes with Open Policy AgentPolicy Enforcement on Kubernetes with Open Policy Agent
Policy Enforcement on Kubernetes with Open Policy Agent
 
Openshift Container Platform
Openshift Container PlatformOpenshift Container Platform
Openshift Container Platform
 
Zuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne PlatformZuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne Platform
 
EKS Workshop
EKS Workshop EKS Workshop
EKS Workshop
 
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
 
Kuberntes Ingress with Kong
Kuberntes Ingress with KongKuberntes Ingress with Kong
Kuberntes Ingress with Kong
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures
 
How to Achieve Agile API Security
How to Achieve Agile API SecurityHow to Achieve Agile API Security
How to Achieve Agile API Security
 
KONG-APIGateway.pptx
KONG-APIGateway.pptxKONG-APIGateway.pptx
KONG-APIGateway.pptx
 
Open shift 4 infra deep dive
Open shift 4 infra deep diveOpen shift 4 infra deep dive
Open shift 4 infra deep dive
 
Microservices, DevOps & SRE
Microservices, DevOps & SREMicroservices, DevOps & SRE
Microservices, DevOps & SRE
 
Zero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOpsZero-Trust SASE DevSecOps
Zero-Trust SASE DevSecOps
 
Deep-Dive: Secure API Management
Deep-Dive: Secure API ManagementDeep-Dive: Secure API Management
Deep-Dive: Secure API Management
 

Ähnlich wie Introduction to Kong API Gateway

API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisis
Christian Posta
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
WSO2
 

Ähnlich wie Introduction to Kong API Gateway (20)

Azure app service to create web and mobile apps
Azure app service to create web and mobile appsAzure app service to create web and mobile apps
Azure app service to create web and mobile apps
 
IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017
 
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptxIBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
 
APIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementAPIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & Management
 
Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-
 
API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisis
 
Building Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco APIBuilding Content-Rich Java Apps in the Cloud with the Alfresco API
Building Content-Rich Java Apps in the Cloud with the Alfresco API
 
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixDeploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
 
What's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for BusinessWhat's new in App Engine and intro to App Engine for Business
What's new in App Engine and intro to App Engine for Business
 
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsKube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
 
M meijer api management - tech-days 2015
M meijer api management - tech-days 2015M meijer api management - tech-days 2015
M meijer api management - tech-days 2015
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event StreamPractical Data Mesh: Building Decentralized Data Architectures with Event Stream
Practical Data Mesh: Building Decentralized Data Architectures with Event Stream
 
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
Practical Data Mesh: Building Decentralized Data Architectures with Event Str...
 
Net Devops Overview
Net Devops OverviewNet Devops Overview
Net Devops Overview
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
 
OSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixOSGi on Google Android using Apache Felix
OSGi on Google Android using Apache Felix
 
OCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes LaunchOCP Datacomm RedHat - Kubernetes Launch
OCP Datacomm RedHat - Kubernetes Launch
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management
 
Structure and Opinions - Software Deployments with Cloud Foundry
Structure and Opinions - Software Deployments with Cloud FoundryStructure and Opinions - Software Deployments with Cloud Foundry
Structure and Opinions - Software Deployments with Cloud Foundry
 

Kürzlich hochgeladen

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Kürzlich hochgeladen (20)

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Introduction to Kong API Gateway

  • 1. KONG An API Gateway Yohann Ciurlik Date : October 17th 2017 Version : 1.1
  • 3. 3 Introduction Quick overview • Open-source cloud-native, fast, scalable, and distributed Microservice Abstraction Layer • Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015 by Mashape. • Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations. • Licensing model : – Enterprise Edition (EE) – Community Edition (CE)
  • 4. 4 Introduction What is Kong ? • Kong is an API gateway : it’s a form of middleware between computing clients and your API-based applications. • Kong easily and consistently extends the features of your APIs. Some of the popular features deployed through Kong include : – authentication, – security, – traffic control, – serverless, – analytics & monitoring, – request/response transformations – and logging.
  • 5. 5 Introduction Why use Kong ? • Kong is : – Radically Extensible – Blazingly Fast – Open Source – Platform Agnostic – Cloud Native – RESTful
  • 7. 7 Community Edition (CE) Focus on Community Edition (CE) • Available on Github – Actual version : 0.11.0 – Apache v2 licensing – 3500 commits, 12,5 k*, 1400 forks • No UI & Analytics on CE (!!!) – OS community UI : • Konga • Kongdash, • Kong Dashboard (desktop) – Analytics : • ELK • Runscope, Datadog, …
  • 8. 8 Community Edition (CE) A lot of open source plugins • Authentication – Basic – Key – HMAC – OAUth 2 – LDAP – JWT • Security – ACL – CORS – Dynamics SSL – IP Restriction – Bot Detection • Traffic control – Rate Limiting – Response Rate Limiting – Request Size Limiting – Request termination • Analytics & Monitoring – Galileo – Datadog – Runscope • Transformations – Request Transformer – Response Transformer – Correlation ID • Serverless – AWS Lambda – OpenWhisk • Logging – TCP – UDP – HTTP – File – Syslog – StatsD – Loggly
  • 10. 10 Enterprise Edition (EE) Benefits • Admin GUI • Dev Portal • API Analytics • More scalability • More security • 24/7 support • More information on https://konghq.com/kong-enterprise-edition/
  • 11. 11 Enterprise Edition (EE) Dev portal & admin GUI in EE https://gelato.io/ Markdown explorer Automatic API Explorer Import OpenAPI/Swaggr Developer Registration
  • 12. 12 Enterprise Edition (EE) Kong Analytics platform in EE https://getgalileo.io/ Realtime Logging Diff comparaison
  • 14. 14 Architecture overview Based on OpenResty (Nginx & LUA scripting)
  • 16. 16 Architecture overview How to install and start Kong … • Distributions – Docker, Vargrant, Pre-built packages – Homebrew, AWS, Azure, Heroku, CloudFormation • Start in 1 min :
  • 17. 17 Architecture overview How to administrate and configure Kong ? • Postman is your best friend for all configuration tasks – Information routes – API – Consumer – Plugin – Certificate – SNI – Upstream – Targets • Also a CLI Tool that allows you to start, stop, and manage your Kong instances.
  • 18. 18 Architecture overview Extend it with your own plugin • Using LUA Scripting – simple-plugin – ├── handler.lua – └── schema.lua • Build the plugin and install it on the server • More information on https://getkong.org/docs/0.11.x/plugin-development/ • Then configure it on your API :
  • 20. 20 Going further with Kong Proof of Concept • Expose end-user API with an access : http://docker:8000/person/2016-4987649-53 • Add JWT and upstream Basic Auth plugin • Add JWT authentication : • Check personId correlation between JWT and URI parameter (see plugin code) • Which consumes EIS Thalys API with Basic Authentication https://api.spawnrider.net/api/Person/2016-4987649- 53?personIdType=user&levelOfDetails=full • My demo docker is available on Docker Hub
  • 21. 21 Going further with Kong Benefits and concerns • Benefits – Easy to install, configure and use – Based on reliable products (Nginx, Cassandra, …) – Not an ESB-based technical stack – Well documented • Concerns – No OOTB Administration UI, Developer portal and Analytics platform – Too technical for “non-tech” end-user / administrator
  • 22. 22 Going further with Kong Online materials • Documentation – https://getkong.org/ – https://getkong.org/plugins/ – https://getkong.org/docs/ • Videos & Webinars : – Mashap Youtube Channel – API & Microservices Management with Kong (Webinar) – Microservices Orchestration with Kong, Galileo & Gelato (Webinar)
  • 23. 23 Contact Yohann Ciurlik Managing Solution Architect Digital Customer eXperience (DCX) Capgemini France yohann.ciurlik@Capgemini.com Also on Twitter or LinkedIn