APIM
Kong Gateway
Kong Mesh 구성요소
안전한 플랫폼 운영을 위해 구축된 엔터프라이즈급 서비스 지원이 제공됩니다.
Zero-Trust
Mutual TLS
Built-in CA + External
Certificate Rotation
Build Provenance
FIPS Compliance
Signed Kong Mesh images
Auditing MeshAccessLog
Management
Auditing MeshAccessLog
kumactl
kubectl / CRDs
Mesh UI
RBAC
Observability & Tracing
Prometheus
Loki
Grafana
Jaeger
DataDog
Zipkin
Open Telemetry
Traffic Shaping
HTTP Route
TCP Route
Timeout
Retry
Global Rate Limit
Rate Limit
Deployment Options
Universal (Linux)
Kubernetes
Single Zone
Multi Zone
Multi Mesh
Mesh Discovery
Load Balancing
Locality Aware
Round Robin
Least Request
Hash Maglev/Ring
Access Control
Traffic Permission
OPA Policies
DNS
Hostname Generator
Mesh DNS resolver
Service Health
Active Health Check
Service Probes
Circuit Breaker
Fault Injection
Kong Mesh 아키텍처
Kong Mesh의 핵심기능
서비스 메시가 필요한 이유는 서비스 간 안정적 연결, 제로 트러스트 보안, 그리고 글로벌 트래픽 가시성을 통해 애플리케이션의 신뢰성과 운영 효율성을 극대화하기 위해서입니다.
Ensure Service Connectivity, Discovery and Traffic Reliability
Intelligently route traffic across any platform and any cloud to meet expectations and SLAs
Achieve Zero-Trust Security
Deliver security from the ground up on day-0 with end-to-end encryption, permission, and AuthN/AuthZ policies
Gain Global Traffic Observability
Operationalize applications through insight to running conditions. Observe global connectivity, tracing, and logging
서비스 메시가 트래픽, 보안, 관측, 회복력을 자동화하여 각 팀의 부담을 줄이고, 애플리케이션은 본연의 비즈니스 로직에 집중할 수 있게 해줍니다.
Platform Engineering
Observability
Network Operations
Traffic Control
Security Operations Center(SOC)
Security
Site Reliability Engineering(SRE)
Resilience
Kong Mesh의 특징
Kong Mesh는 온프레미스와 여러 클라우드 간 서비스를 하나의 메시로 연결해 보안·트래픽·관리를 중앙에서 제어할 수 있게 해줍니다.
Zones with Kong Mesh
Service Mesh Control Plane
Kong Mesh 엔터프라이즈
Kong Mesh는 멀티테넌시, 유연한 환경 지원, 멀티존 연결을 통해 엔터프라이즈급 서비스 메시를 쉽게 구축하고 운영할 수 있게 해줍니다.
Kong Mesh
The Enterprise-Grade Service Mesh
Multi-tenant by default,
Easy to deploy and scale
Out of the box multi-tenancy with RBAC and flexible interaction pattern that puts user experience first
Universal (K8s + VMs),
Attribute-Based Policies & More
Run across any workload domain - Kubernetes, Virtual Machine, or Container
Built-in Multi Zone
Connectivity
Simplified multi-zone deployments enabling secure, observable, connectivity across the globe, cloud regions and cloud providers
+
+
Kong Mesh
Trusted to power the most mission critical applications.
Universal Service Mesh
Works across VMs, bare-metal, and Kubernetes containers
Multi-Zone with Zone CP Authentication
Each mesh spans zones in different networks/clouds/regions. Global DNS.
Multi-Mesh in a Single Mesh Cluster
Multiple isolated meshes and horizontally scaling Control Planes
Simplified configuration via CRDs or YAML
Low-level Envoy constructs fully abstracted. Fully supports IaC.
Unified Management in Konnect
Manage Mesh and API gateways together in Konnect
Enterprise-Grade Support & SLA
Up to 30 Minute SLA. In-house envoy contributors.
Concrete Zero Trust implementation
Complete with monitoring and UI for platform and security teams.
Zero-Downtime Certificate Authority Rotation
Transition CA certificates without interruption
FIPS-Compliant Encryption and Build Provenance
For additional assurance in federal and highly secure applications