Home / Companies / Kong / Blog / August 2019

August 2019 Summaries

3 posts from Kong

Filter
Month: Year:
Post Summaries Back to Blog
Kong's 1.3 release introduces native support for managing and proxying gRPC services, enhancing its ability to uniformly handle both REST and gRPC services with the same plugins. gRPC, a remote procedure call framework developed by Google, offers benefits over traditional REST APIs, such as bi-directional streaming and efficient binary encoding. The blog provides a tutorial on setting up Kong to proxy gRPC services, covering two scenarios: a single route matching all gRPC methods and individual routes for specific methods, which allows for more flexible use of plugins. It discusses using tools like gRPCurl and grpcbin for testing and highlights Kong's compatibility with logging and observability plugins, such as File Log and Zipkin. The article also hints at future developments for gRPC support, including native handling of Protobuf data for enhanced plugin compatibility.
Aug 30, 2019 864 words in the original blog post.
Kong 1.3 introduces several new features and improvements, including native support for gRPC proxying, upstream mutual TLS authentication, and enhancements such as the open-source release of the Sessions Plugin and fixes for NGINX vulnerabilities. The update aims to provide better control, security, and performance for microservices architectures, offering capabilities like A/B testing, automatic retries, and circuit breaking for gRPC services. The release also includes an upgraded version of OpenResty, which contributes to a 10% increase in performance, and enhanced routing capabilities that allow matching routes by any request header and implementing least-connections load balancing. Other notable additions are the ability to export database configurations to YAML files for easier backup and version control, as well as improvements in handling upstream keepalive connections to reduce errors. The Kong team encourages users to explore the new features, consult detailed documentation, and participate in community discussions to optimize the use of Kong 1.3.
Aug 21, 2019 1,033 words in the original blog post.
Cloud security, particularly concerning AWS services like S3, involves a complex interplay of strategies aimed at preventing data breaches, which often occur due to compromised credentials and unmonitored extraction of data. AWS provides robust security features, including physical security, DDoS protection, and compliance with standards like PCI and HIPAA, but companies must effectively manage their portion of the shared responsibility model to prevent breaches. This involves implementing multi-factor authentication, limiting account permissions, and using automated tools like AWS Lambda to monitor and respond to suspicious activities. Encryption plays a critical role in safeguarding data, ensuring that even if data is accessed, it remains unusable without the proper decryption keys. Organizations must employ a layered security approach, combining technical controls with administrative policies to mitigate vulnerabilities, emphasizing that while attackers only need one point of entry, defenders must protect all potential vulnerabilities.
Aug 07, 2019 1,704 words in the original blog post.