問題を報告するこのページは、まだ日本語ではご利用いただけません。翻訳中です。
旧バージョンのドキュメントを参照しています。 最新のドキュメントはこちらをご参照ください。
Kong Gateway
API gateway built for hybrid and multi-cloud, optimized for microservices and distributed architectures
Set up your Gateway in under 5 minutes with Kong Konnect:
Kong Konnect is an API lifecycle management platform that lets you build modern applications better, faster, and more securely.
How to get started
To learn more about what you can do with Kong Gateway, see Features.
Introducing Kong Gateway
Kong Gateway is a lightweight, fast, and flexible cloud-native API gateway. An API gateway is a reverse proxy that lets you manage, configure, and route requests to your APIs.
Kong Gateway runs in front of any RESTful API and can be extended through modules and plugins. It’s designed to run on decentralized architectures, including hybrid-cloud and multi-cloud deployments.
With Kong Gateway, users can:
- Leverage workflow automation and modern GitOps practices
- Decentralize applications/services and transition to microservices
- Create a thriving API developer ecosystem
- Proactively identify API-related anomalies and threats
- Secure and govern APIs/services, and improve API visibility across the entire organization.
Looking for additional help? Free training and curated content, just for you:
Extending the Kong Gateway
Kong Gateway is a Lua application running in Nginx. Kong Gateway is distributed along with OpenResty, which is a bundle of modules that extend the lua-nginx-module.
This sets the foundations for a modular architecture, where plugins can be enabled and executed at runtime. At its core, Kong Gateway implements database abstraction, routing, and plugin management. Plugins can live in separate code bases and be injected anywhere into the request lifecycle, all with a few lines of code.
Kong provides many plugins for you to use in your Gateway deployments. You can also create your own custom plugins. For more information, see the plugin development guide, the PDK reference, and the guide on creating plugins with other languages (JavaScript, Go, and Python).
Packages and modes
There are two ways to deploy Kong Gateway: Managed with Kong Konnect, and self-managed. If you’re trying out Kong Gateway for the first time, we recommend starting with Kong Konnect.
Konnect
Konnect provides the easiest way to get started with Kong Gateway. The global control plane is hosted in the cloud by Kong, and you manage the individual data plane nodes within your preferred network environment.
Konnect offers two pricing packages:
-
Plus: Our self-serve pay-as-you-go pricing model, giving you access to the Konnect platform in its entirety while offering the flexibility to only pay for the services your organization uses.
-
Enterprise: With an Enterprise subscription, you have access to the entire Kong Konnect suite and:
- 24x7x365 technical support
- Professional Services to create a purpose-built solution for your environment
For more information, visit the pricing page.
Figure 1: Diagram of Kong Gateway data planes connected to a Konnect control plane.
Requests flow from an API client into the Gateway data planes, are modified and managed by the proxy based on your control plane configuration, and are forwarded to upstream services.
Self-managed
Kong Gateway is available in two different packages: Open Source (OSS) and Enterprise.
Kong Gateway (OSS): An open-source package containing the basic API gateway functionality and open-source plugins. You can manage the open-source Gateway with Kong’s Admin API, Kong Manager Open Source, or with declarative configuration.
Kong Gateway Enterprise (available in Free or Enterprise mode): Kong’s API gateway with added functionality.
- In Free mode, this package adds Kong Manager to the basic open-source functionality.
- With an Enterprise subscription, it also includes:
You can manage Kong Gateway Enterprise in Free or Enterprise mode with Kong’s Admin API, declarative configuration, or Kong Manager.
Figure 2: Diagram of Kong Gateway key features. Kong Gateway (OSS) provides basic functionality, while Kong Gateway Enterprise builds on top of the open-source foundation with advanced proxy features.
Requests flow from an API client into the Gateway, are modified and managed by the proxy based on your Gateway configuration, and forwarded to upstream services.
Features
| オープンソース オープンソース スタート | Kong Gateway Enterprise Kong Gateway Enterprise お問い合わせ | |
|---|---|---|
| APIインフラストラクチャの近代化 | ||
| 高速、軽量、クラウドネイティブなAPIゲートウェイ | ||
|
エンドツーエンドの自動化
APIの設計と実行におけるGitOpsフローの推進
|
||
|
Kong Ingress Controller
KubernetesへのネイティブなAPIのデプロイ
|
||
|
Gateway Mocking
API ゲートウェイ上で直接 API レスポンスをモックする
|
||
|
Kong Manager: Admin GUI
Kong クラスタ、プラグイン、API、およびコンシューマーを視覚的に管理
|
||
| トラフィック管理と変換 | ||
|
基本的なトラフィック制御プラグイン
ACME証明書、基本的なレート制限、軽量キャッシュの管理
|
||
|
シンプルなデータ変換
ヘッダー、JSONデータ、クエリー文字列の追加と削除
|
||
|
gRPC Transformations
gRPC-Web と REST からのリクエストをバックエンドの gRPC サービスに変換する
|
||
|
GraphQL
GraphQL クエリを REST リクエストに変換します。GraphQL クエリのレート制限とキャッシュ。
|
||
|
リクエストの検証
Kong独自のスキーマバリデータ、またはJSON スキーマのドラフト 4、コンプライアンスバリデーターを使用してリクエストを検証します。
|
||
|
jq Transformations
リクエストまたはレスポンスの高度なJSON変換と変換のチェーン機能
|
||
|
高度なキャッシュ
レスポンスをキャッシュし、分散バックエンドを統合することで高スケールに最適化する
|
||
|
高度なレート制限
スライドウィンドウ制御によるエンタープライズグレードのレート制限
|
||
| セキュリティとガバナンス | ||
|
認証
API 認証の一般的な方法 - ベーシック認証、HMAC、JWT キー認証、制限付き OAuth 2.0、制限付き LDAP
|
||
|
高度な認証
エンタープライズグレードの API 認証 - 完全な OAuth 2.0、OpenID Connect、Vault、相互TLS(mTLS)、JWTの署名/再署名、完全なLDAP
|
||
|
ロールベースのアクセス制御 (RBAC)
組織内でのユーザーの役割に基づくゲートウェイ構成の制御
|
||
|
基本認証(ボット検出、CORS 制御、ACL)
ユーザーの行動と制御リストのルールによって API へのアクセスを制御
|
||
|
高度な認証 (OPA)
複雑な、プログラム可能な、企業全体にわたるルールによって API へのアクセスを制御
|
||
|
機密管理
機密性の高いキー、証明書、パスワードを暗号化
|
||
|
FIPS 140-2 サポート
Kong Gateway は現在、暗号化操作に FIPS 140-2 準拠の BoringCrypto を使用する FIPS モードを提供します。
|
||
|
署名付き Kong イメージ
Kong Gateway コンテナイメージは SLSA ガイドラインに従って署名され、検証可能です。
|
||
|
Kong Images Build Provenance
Kong Gateway コンテナイメージはビルドレベルの由来を生成し、SLSAガイドラインに従って検証可能です。
|
||
| オブザーバビリティ | ||
|
簡易ログ記録
基本的な API ゲートウェイログの送信 - ファイルログ記録、HTTPのログ記録、StatsD、TCPとUDPのログ記録
|
||
|
API アナリティクス
API ゲートウェイを通過するリクエストとレスポンスをネイティブに分析
|
||
|
ゲートウェイイベントフック
管理者の追加や流量制限の超過など、ゲートウェイへの変更時に自動的にログアウトするか、ウェブフックを送信する
|
||
| AI Gateway | ||
|
Multi-LLMサポート
アプリケーションコードを変更することなく、異なるAIプロバイダーとモデルを切り替えます
|
||
|
AI traffic control
Kong Gatewayを介してAIトラフィックをプロキシし、AIプラグインで管理します
|
||
|
AI prompt security
AI Prompt Decorator、AI Prompt Guard、AI Prompt Template プラグインを使用して、安全でコンプライアンスに準拠した AI プロンプトを実装
|
||
|
AI オブザーバビリティ
AI トラフィックからメトリクスを収集し、任意の Kong Gateway ログ記録プラグインを使用して、選択したログ記録プロバイダに送信
|
||
| Enterpriseサポートとサービス | ||
|
Enterpriseサポート
24/7 x 365 technical support SLAs
|
||
| セキュリティ CVEとバグフィックスのバックポート | ||
| パフォーマンスチューニングガイダンス | ||
|
カスタマーサクセスパッケージ - アドオン
専任のテクニカルアカウントマネージャーとフィールドエンジニアが価値実現までの時間を短縮
|
Kong Admin API
Kong Admin API provides a RESTful interface for administration and configuration of Gateway entities such as services, routes, plugins, consumers, and more. All of the tasks you can perform against the Gateway can be automated using the Kong Admin API.
Kong Manager
Note: If you are running Kong in traditional mode, increased traffic could lead to potential performance with Kong Proxy. Server-side sorting and filtering large quantities of entities will also cause increased CPU usage in both Kong CP and database.
Kong Manager is the graphical user interface (GUI) for Kong Gateway. It uses the Kong Admin API under the hood to administer and control Kong Gateway.
Here are some of the things you can do with Kong Manager:
- Create new routes and services
- Activate or deactivate plugins with a couple of clicks
- Group your teams, services, plugins, consumer management, and everything else exactly how you want them
- Monitor performance: visualize cluster-wide, workspace-level, or object-level health using intuitive, customizable dashboards
Kong Dev Portal
Kong Dev Portal is used to onboard new developers and to generate API documentation, create custom pages, manage API versions, and secure developer access.
Kong Vitals
Kong Vitals provides useful metrics about the health and performance of your Kong Gateway nodes, as well as metrics about the usage of your proxied APIs. You can visually monitor vital signs and pinpoint anomalies in real-time, and use visual API analytics to see exactly how your APIs and Gateway are performing and access key statistics. Kong Vitals is part of the Kong Manager UI.
Kubernetes
Kong Gateway can run natively on Kubernetes with its custom ingress controller, Helm chart, and Operator. A Kubernetes ingress controller is a proxy that exposes Kubernetes services from applications (for example, Deployments, ReplicaSets) running on a Kubernetes cluster to client applications running outside of the cluster. The intent of an ingress controller is to provide a single point of control for all incoming traffic into the Kubernetes cluster.
Kong Gateway plugins
Kong Gateway plugins provide advanced functionality to better manage your API and microservices. With turnkey capabilities to meet the most challenging use cases, Kong Gateway plugins ensure maximum control and minimizes unnecessary overhead. Enable features like authentication, rate-limiting, and transformations by enabling Kong Gateway plugins through Kong Manager or the Admin API.
Tools
Kong also provides API lifecycle management tools that you can use with Kong Gateway.
Insomnia
Insomnia enables spec-first development for all REST and GraphQL services. With Insomnia, organizations can accelerate design and test workflows using automated testing, direct Git sync, and inspection of all response types. Teams of all sizes can use Insomnia to increase development velocity, reduce deployment risk, and increase collaboration.
decK
decK helps manage Kong Gateway’s configuration in a declarative fashion. This means that a developer can define the desired state of Kong Gateway or Konnect – services, routes, plugins, and more – and let decK handle implementation without needing to execute each step manually, as you would with the Kong Admin API.
Get started with Kong Gateway
Download and install Kong Gateway. To test it out, you can choose either the open-source package, or run Kong Gateway Enterprise in free mode and also try out Kong Manager.
After installation, get started with the introductory quickstart guide.
Try in Konnect
Kong Konnect can manage Kong Gateway instances. With this setup, Kong hosts the control plane and you host your own data planes.
There are a few ways to test out the Gateway’s Enterprise features:
- Sign up for Kong Konnect.
- Check out learning labs at Kong Academy.
- If you are interested in evaluating Enterprise features locally, request a demo and a Kong representative will reach out with details to get you started.
Support policy
Kong follows a structured approach to versioning its products.
For the latest version support information for Kong Gateway Enterprise and Kong Mesh, see the version support policy.
