Kong Clustering

Introduction

Kong is a popular open-source API gateway that helps you manage, secure, and observe your APIs. As your API traffic grows, running Kong on a single node might not be sufficient to handle the load or provide the necessary reliability. This is where Kong clustering comes in.

Kong clustering allows you to deploy multiple Kong instances that work together as a unified system, providing high availability, improved performance, and horizontal scalability for your API management infrastructure.

In this guide, we'll explore how Kong clustering works, how to set it up, and best practices for managing a Kong cluster in production environments.

What is Kong Clustering?

Kong clustering refers to running multiple Kong instances that share configuration data to operate as a cohesive unit. This allows for:

High Availability: If one Kong node fails, others can continue processing API requests
Horizontal Scalability: Add more Kong nodes to handle increased API traffic
Load Distribution: Spread API requests across multiple nodes for improved performance

Let's understand the core components that make clustering possible:

The Role of Kong's Database

Kong can operate in two modes:

DB mode: Kong nodes connect to a shared database (PostgreSQL or Cassandra)
DB-less mode: Kong nodes use local configuration files

For clustering in DB mode, all Kong nodes connect to the same database, which acts as the source of truth for configuration data:

Setting Up Kong Clustering

Let's walk through the process of setting up a basic Kong cluster in DB mode:

Prerequisites

Multiple servers/VMs to host Kong nodes
PostgreSQL or Cassandra database
Load balancer (like Nginx, HAProxy, or a cloud load balancer)

Step 1: Set Up the Shared Database

First, we need to set up a PostgreSQL database that all Kong nodes will connect to:

bash
# Create Kong database and user in PostgreSQL
$ psql -U postgres
postgres=# CREATE USER kong WITH PASSWORD 'kong_password';
postgres=# CREATE DATABASE kong OWNER kong;
postgres=# \q

# Run Kong migrations
$ kong migrations bootstrap -c /etc/kong/kong.conf

Step 2: Configure Kong Nodes

On each server that will run a Kong node, create a configuration file with the database connection details:

bash
# /etc/kong/kong.conf
database = postgres
pg_host = your_database_host
pg_port = 5432
pg_user = kong
pg_password = kong_password
pg_database = kong

Ensure each node has a unique identifier:

bash
# Add to kong.conf
cluster_listen = 0.0.0.0:8005
cluster_advertise = public_ip:8005

Step 3: Start Kong on Each Node

On each server, start Kong with the configuration file:

bash
$ kong start -c /etc/kong/kong.conf

Step 4: Configure Load Balancing

Set up a load balancer in front of your Kong nodes. Here's a simple Nginx configuration example:

nginx
upstream kong_upstream {
    server kong_node1:8000;
    server kong_node2:8000;
    server kong_node3:8000;
}

server {
    listen 80;
    
    location / {
        proxy_pass http://kong_upstream;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

Practical Example: Deploying a Kong Cluster with Docker Compose

Let's see how we can easily set up a Kong cluster using Docker Compose for development and testing:

yaml
# docker-compose.yml
version: '3'

services:
  kong-db:
    image: postgres:13
    environment:
      POSTGRES_USER: kong
      POSTGRES_DB: kong
      POSTGRES_PASSWORD: kong_password
    ports:
      - "5432:5432"
    healthcheck:
      test: ["CMD", "pg_isready", "-U", "kong"]
      interval: 10s
      timeout: 5s
      retries: 5

  kong-migrations:
    image: kong:latest
    depends_on:
      - kong-db
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-db
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kong_password
    command: kong migrations bootstrap

  kong-node1:
    image: kong:latest
    depends_on:
      - kong-db
      - kong-migrations
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-db
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kong_password
      KONG_PROXY_ACCESS_LOG: /dev/stdout
      KONG_ADMIN_ACCESS_LOG: /dev/stdout
      KONG_PROXY_ERROR_LOG: /dev/stderr
      KONG_ADMIN_ERROR_LOG: /dev/stderr
      KONG_ADMIN_LISTEN: 0.0.0.0:8001
    ports:
      - "8000:8000"
      - "8001:8001"

  kong-node2:
    image: kong:latest
    depends_on:
      - kong-db
      - kong-migrations
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-db
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kong_password
      KONG_PROXY_ACCESS_LOG: /dev/stdout
      KONG_ADMIN_ACCESS_LOG: /dev/stdout
      KONG_PROXY_ERROR_LOG: /dev/stderr
      KONG_ADMIN_ERROR_LOG: /dev/stderr
      KONG_ADMIN_LISTEN: 0.0.0.0:8001
    ports:
      - "8002:8000"
      - "8003:8001"

Start the cluster with:

bash
$ docker-compose up -d

Now you have a simple Kong cluster with two nodes sharing the same configuration database.

Advanced Kong Clustering Concepts

Control Plane / Data Plane Separation

In larger deployments, Kong supports a control plane / data plane architecture:

In this model:

Control Plane: Manages configuration through Admin API
Data Plane: Handles actual API traffic

To configure this separation, use:

bash
# Control Plane node configuration
cluster_role = control_plane
cluster_cert = /path/to/cluster.crt
cluster_cert_key = /path/to/cluster.key

# Data Plane node configuration
cluster_role = data_plane
cluster_control_plane = control_plane_address:8005
cluster_cert = /path/to/cluster.crt
cluster_cert_key = /path/to/cluster.key

Hybrid Mode

Kong Enterprise offers a Hybrid Mode deployment, which extends the control plane / data plane separation for multi-datacenter configurations.

Cache Consistency

Kong nodes maintain caches of entities like Services, Routes, and Plugins. When a change is made through the Admin API, Kong ensures eventual consistency across nodes through:

Database polling (in DB mode)
Cluster events (in Hybrid mode)

Monitoring Kong Clusters

To ensure your Kong cluster is healthy, monitor these key metrics:

Node Status: Check that all nodes are running
Request Latency: Track response times across nodes
Error Rates: Monitor HTTP errors and Kong-specific errors
Database Connectivity: Ensure all nodes can reach the database

Kong exposes a status endpoint that can be used for health checks:

bash
$ curl -i http://kong_node:8001/status

Best Practices for Kong Clusters

Use Production-Grade Databases: For PostgreSQL, consider using managed services or high-availability setups.
Implement Database Redundancy: Consider database replication to prevent a single point of failure.
Deploy in Multiple Availability Zones: If using cloud providers, spread Kong nodes across zones.
Graceful Scaling: When adding or removing nodes, do so gradually to avoid disruption.
Consistent Configuration: Use configuration management tools to ensure consistency.
Regular Backups: Back up your Kong database regularly.
Upgrade Strategy: Plan for rolling upgrades to minimize downtime.

Troubleshooting Common Issues

Node Not Joining Cluster

If a node isn't joining the cluster properly:

Check network connectivity between nodes
Verify database connection settings
Ensure cluster listen and advertise addresses are correct
Check for firewall rules blocking cluster communication

Configuration Inconsistency

If you notice different behavior between nodes:

Verify all nodes are connected to the same database
Check for cached configurations with kong reload
Confirm all nodes are running the same Kong version

Summary

Kong clustering provides a robust solution for scaling your API gateway infrastructure. By running multiple Kong nodes that share configuration, you can achieve high availability, improved performance, and horizontal scalability.

Key points to remember:

Kong nodes in a cluster share configuration through a common database
Clustering supports both traditional shared-database and control/data plane architectures
Proper load balancing is essential for distributing traffic across nodes
Monitoring and maintenance practices ensure cluster health and reliability

Further Learning

To deepen your knowledge of Kong clustering, consider these exercises:

Exercise: Set up a three-node Kong cluster using Docker Compose.
Exercise: Configure Kong with a highly available PostgreSQL database.
Exercise: Implement health checks and failover strategies for your Kong cluster.
Exercise: Practice scaling your Kong cluster up and down without service interruption.

Additional Resources

Kong Documentation on Clustering
Kong High Availability Reference Architecture
Kong Enterprise Documentation for Hybrid Mode
Kong Community Forum for troubleshooting and discussions

If you spot any mistakes on this website, please let me know at [email protected]. I’d greatly appreciate your feedback! :)

Introduction​

What is Kong Clustering?​

The Role of Kong's Database​

Setting Up Kong Clustering​

Prerequisites​

Step 1: Set Up the Shared Database​

Step 2: Configure Kong Nodes​

Step 3: Start Kong on Each Node​

Step 4: Configure Load Balancing​

Practical Example: Deploying a Kong Cluster with Docker Compose​

Advanced Kong Clustering Concepts​

Control Plane / Data Plane Separation​

Hybrid Mode​

Cache Consistency​

Monitoring Kong Clusters​

Best Practices for Kong Clusters​

Troubleshooting Common Issues​

Node Not Joining Cluster​

Configuration Inconsistency​

Summary​

Further Learning​

Additional Resources​