Overview

    • Konnect (hosted control plane)
    • Traditional (database)
    • DB-less and declarative

    Each mode has benefits and limitations, so it is important to consider them carefully when deciding which mode to use to install Kong Gateway in production.

    The following sections briefly describe each mode.

    Konnect is the fastest way to get started when using Kong Gateway. It allows you to deploy your own data planes (DP) to handle customer traffic without needing to deploy your own control plane (CP) or database.

    Konnect is a hybrid mode deployment, where Kong host the control plane for you. This means that you get all of the benefits of a hybrid mode deployment without needing to run multiple nodes yourself.

    Configuration changes can be made using the Konnect UI and configuration wizards, or applied in an automated way using .

    As with hybrid mode, your data planes will continue to process traffic even if the control plane is offline. In addition, you no longer need to worry about securing the control plane because Kong Gateway does it for you.

    Get started with Konnect for free today.

    Starting with Kong Gateway 2.1, Kong Gateway can be deployed in hybrid mode, which separates the control plane from the data plane.

    In this mode, Kong Gateway nodes in a cluster are split into two roles: control plane (CP), where configuration is managed and the Admin API is served from, and data plane (DP), which serves traffic for the proxy. Many DP nodes are connected to a single CP node. Instead of accessing the database contents directly like in the traditional deployment method, the DP nodes maintain connection with CP nodes, and receive the latest configuration in real-time.

    Hybrid mode deployments have the following benefits:

    • Users can deploy groups of data planes in different data centers, geographies, or zones without needing a local clustered database for each DP group.
    • The availability of the database does not affect the availability of the data planes. If a control plane is offline, data planes will run using their last known configuration.
    • Drastically reduces the amount of traffic to and from the database, since only CP nodes need a direct connection to the database.

    In traditional mode, Kong Gateway requires a database to store configured entities such as routes, services, and plugins. Kong Gateway supports both PostgreSQL 10+ and Cassandra 3.11.x as its data store.

    Running Kong Gateway in traditional mode is the simplest way to get started with Kong, and it is the only deployment topology that supports plugins that require a database, like rate-limiting with the cluster strategy, or OAuth2. However, there are some downsides too.

    In addition, if you’re running Kong Enterprise with Kong Manager, request throughput may be reduced on nodes running Kong Manager due to expensive calculations being run to render analytics data and graphs.

    You can use the or declarative configuration files (decK) to configure the Kong Gateway in traditional mode.

    Starting with Kong Gateway 1.1, you can enable DB-less mode to reduce complexity of and create more flexible deployment patterns. In this mode, configured entities such as routes, services and plugins are stored in-memory on the node.

    When running in DB-less mode, configuration is provided to Kong Gateway using a second file. This file contains your configuration in YAML or JSON format using Kong’s declarative configuration syntax.

    DB-less mode is also used by the Kong Ingress Controller, where the Kubernetes API server uses Kong’s endpoint to update the running configuration in memory any time a change is made.

    The combination of DB-less mode and declarative configuration has a number of benefits:

    • Reduced number of dependencies: no need to manage a database installation if the entire setup for your use-case fits in memory.
    • Your configuration is always in a known state. There is no intermediate state between creating a service and a route using the Admin API.
    • It is a good fit for automation in CI/CD scenarios. Configuration for entities can be kept in a single source of truth managed via a Git repository.
    • The is read only.
    • Any plugin that stores information in the database, like rate limiting (cluster mode), do not fully function.