kong

API Gateways – Apigee vs Kong

References:

Product Apigee Kong
Installation on AWS no easy way on AWS requires creating a template, and Google is encouring Saas solution on Google cloud Simple with cloudformation template with 2 nodes and a connection to RDS
Architecture Edge UI, Edge Management Server, Cassandra, Qpid (analytics), Zookeeper, LDAP, Postgres (analytics) OpenResty running on top of nginx
Postgres or Cassandra for database
Deloyment of solution SAAS on Google Cloud and on-premises
Supports installations ranging from 2 hosts to 12 and more for HA installations in 2 datacenters
Saas on AWS or on-premisesCan horizontally scale out by adding new nodes and connecting them to the databaseHA setup requires Cassandra as it’s able to replicate across data centersIt was very easy to install the free edition with cloudformation template.
My experience Used the SAAS version on Google Cloud
Tried rate limiting, API Key and tracing features
The enterprise edition took longer time as it requires a specific rpm for OS and DB RHEL 8.
Key authentication was very simple to activate https://docs.konghq.com/hub/kong-inc/key-auth/
Rate limiting
Hardware required Even the demo requirements for a single machine are 8 Cores, 16GB RAM and 100GB disk space Can run on 1 Core and 2 GB instance
Deployment of API proxies Deployment of API Proxies is easy through UI Requires posting to the API, there’s a UI available
in the enterprise version.
Load Balancing No need built in the Saas solution
Also requires a load balancer for on premises
Kong requires a Load Balancer to balance requests to Kong
DNS:
A record all nodes are equally treated
SRV records has weights associated with each node

Ring Balancer

Versioning Can forward depending on header Since 1.3 Kong can do it
Security/Authentication Supports JWT, OAuth 1.0, OAuth 2.0, API Key Plugins are available for Key authentication, JWT, OAuth 2.0, LDAP, CORS, Basic Auth,
OpenID, Mutual TLS, Okta, Upstream TLS, JWT Signer are available in the Enterprise Edition
API Protection Rate limiting, IP filtering,
JSON, XML threat protection
Rate limiting, Bot Detection, CORS, IP Restriction, Cleafy threat detection,
Signal Sciences, Wallarm AI Powered
Protocols supported SOAP, REST, HTTP, HTTPS REST, HTTP, HTTPS, grpc, grpcs
Easy of use Easy all the features are there and ready to use Require activating plugins but this is easy to do
Performance 14x slower than Kong according to article above
There are more hops on Apigee because the router handles incoming API traffic from Load Balancer and then sends
it to a Message Processor which forwards it to the backend system
LB -> Router -> Message Processor -> Microservice
Kong is 14x faster than Apigee
10x more scalable

LB-> nginx -> Microservice

Morel lightweight than Apigee

Rate limiting Supported out of the box Requires a plugin
Tracing requests Supported easily with UI Requires a plugin
Analytics Build in Plugin available
API Key Supported out of the box Plugin available
Maturity Owned by Google, proven, large customers Startup with 50M funding but still has some large clients such as
Expedia, Yahoo Japan, Wework