3 Kong features that make it easier to extend Kong

Transcript

1. None

2. 3 Kong features that make it easier to extend Kong

3. 3 Senior Engineer Vincent Behar https://twitter.com/vbehar Twitter French video game

   company Ubisoft https://hachyderm.io/@vbehar Mastodon ABOUT ME @vbehar Slack Kong Community https://github.com/vbehar GitHub

4. 4 Building a Control Plane on top of Kong’s Control

   Plane 3 Kong features that make it easier to extend Kong • Context • DecK – as a Go library • Dry Run mode • Event Hooks

5. 5 API Gateway for an Internal Developer Platform - KubeCon

   Talk on youtube CONTEXT Internal Developer Platform • Multiple services / teams • Managed Kubernetes clusters • MongoDB • Unified experience • JSON REST APIs • OpenAPI API Gateway • Single entry point • Gateway admins • Enforce rules (security) • Service developers • Self-service • OpenAPI integration • Kong knowledge?

6. 6 CONTEXT Gateway Admin Service Developers Self-service Enforce security Sync

   Automatic ingestion

7. 7 Control Plane on top of Kong’s Control Plane CONTEXT

   Kubernetes Operator • ✅ Self-service • ✅ Self-healing • Kong’s Kubernetes Ingress Controller? • ❌ OpenAPI integration • ❌ Enforcing our own rules Implementation • Workspaces (admins) • Services (developers) • Routes (OpenAPI) • Plugins

8. 8 CONTEXT Gateway Admin Service Developers Plugins configs

9. 9 Workspace & Service USAGE

10. 10 3 features that makes it easier to extend Kong

    WHY KONG? • DecK – as a Go library • Dry Run mode • Event Hooks

11. 11 As a Go library DECK Challenges • Source of

    truth « outside » Kong • Kubernetes API • Declarative Config Management • Reconciliation with Kong API • Creations • Updates • Deletions DecK • CLI tool to sync state with Kong API • Written in Go • Load, merge & sync state • JSON/YAML support • Embed as a Go lib • ✅ Integration • ✅ Parsable output

12. 12 USING DECK Dev Generate desired state Get current state

    DecK Merge both states Sync new state with Kong Render final state JSON diff JSON / YAML Final state

13. 13 Safe & early feedback DRY RUN MODE Why? •

    Test config changes • Very early feedback • Safe operations • State never persisted on disk Flow • Client • Kubernetes API Server • Admission webhook • Kubernetes Operator • DecK Sync • Dry-run Flag • Kong • Validations, …

14. 14 With Kubernetes USING DRY RUN MODE • Server-side apply

    • Server-side dry-run • Mutating admission webhook

15. 15 Avoid configuration drift EVENT HOOKS Event Hooks? • Kong

    Enterprise feature • Notify our operator for each change • HTTP Webhook • Avoid configuration drift • Force people to use the operator Using Event Hooks • Tag every entity • Filter on the tag • To trigger the reconciliation • Kubernetes internal queue • Kong 2.x • Needs to be restarted before…

16. 16 CONCLUSION Putting it all together • DecK • Easy

    reconciliation • JSON/YAML output • Dry Run Mode • Safe operations • Event Hooks • Avoid config drift User Experience • ✅ Self-service • ✅ Self-healing • ✅ Safe

17. Thank you. Questions?