Implementing Kong Gateway for Our Application

:japanese_symbol_for_beginner: Introduction – What is Kong Gateway?

Kong Gateway is an open-source, cloud-native, high-performance API gateway designed to secure, manage, and route API traffic at scale. It acts as a powerful middleware layer between your consumers and backend services.

  • :small_blue_diamond: Centralized Authentication

  • :small_blue_diamond: Smart Traffic Routing & Load Balancing

  • :small_blue_diamond: Rate Limiting & Throttling

  • :small_blue_diamond: Observability & Analytics

  • :small_blue_diamond: Plugin-based Extensibility

Being open source, Kong offers flexibility, transparency, and a strong ecosystem—making it ideal for modern microservice architectures.

This post explains how I installed Kong using Helm, created a gateway for our service, added a consumer, and configured authentication plugins—so other tech leads can easily replicate the setup.

Official Documentation: https://developer.konghq.com/


:one: Installing Kong Gateway (Using Helm on Kubernetes)

Example Helm Installation Commands:
helm repo add kong https://charts.konghq.com
helm repo update
helm install kong kong/kong -n kong --create-namespace

For our environment, I used Helm to deploy Kong Gateway into our Kubernetes cluster. Helm ensures clean, versioned, and maintainable deployments.

:wrench: Why Helm?

Here are the advantages of using Helm:

  • Smooth installation and upgrades

  • Versioned, declarative deployments

  • Easy rollback if needed

  • Seamless Kubernetes integration

:link: Official Installation Guide

:backhand_index_pointing_right: Kong Gateway – Helm Installation Documentation:
https://docs.konghq.com/gateway/latest/install/kubernetes/

  • Installed the Kong chart to our Kubernetes namespace

  • Verified the deployment and ensured Kong Manager was accessible

Once the installation was complete, I proceeded to configure the gateway routing and security layers.


:two: Creating a Gateway for the API in Kong Manager

To expose our backend API through Kong, I logged into Kong Manager and created a new Gateway Service using our application’s upstream URL.

Next, I created a Route with the appropriate path and HTTP methods to define how requests should reach the service.

This established a fully managed gateway layer for incoming requests.


:three: Creating a Consumer

Consumers represent the clients or applications that will use the gateway.

Steps I Followed

  • Navigated to Consumers

  • Created a new consumer for our application

  • This allowed attachment of authentication credentials

Next, create credentials in the same consumer to allow authentication, e.g. Basic Auth (username/password) or OAuth 2.0 (client ID and client secret).

Each API request can now be mapped to a recognized client.


:four: Adding Authentication Plugins (OAuth 2.0 & Basic Auth)

To secure the API, I configured both authentication mechanisms:

:check_mark: OAuth 2.0 Plugin

  • Enabled OAuth 2.0 on the service

  • Generated a Client ID & Secret for the consumer

  • Enforced token-based authentication

:check_mark: Basic Auth Plugin

  • Applied Basic Auth to the service

  • Created username/password credentials

  • Useful for legacy or internal systems


After implementing the setup, the results were:

• Our API is securely exposed behind Kong
• Consumers are authenticated and traceable
• OAuth 2.0 & Basic Auth provide flexible integration options
• The configuration is clean, scalable, and reusable across teams


If anyone needs help or wants to automate this via Kong Admin API, feel free to reach out—I’m happy to support. I’m still exploring other features like Rate limiting and Analytics in Kong🚀.

Kong_Gateway_Updated.pdf (635.6 KB)

4 Likes
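The service, route, consumer and Basic Auth steps from the post above, expressed as Kong Admin API calls; this is an added example, not part of the original post, and it covers Basic Auth only. The names `orders-api`, `/orders`, `orders-client`, the upstream URL and the `KONG_BASIC_PASSWORD` / `KONG_ADMIN_URL` environment variables are assumptions.

```python
# Added example: the Kong Manager steps as Admin API calls (Basic Auth only).
# All names below (orders-api, /orders, orders-client, env vars) are assumptions.
import json
import os
import urllib.error
import urllib.request

SECRET_FIELDS = ("password",)

def build_plan(service, upstream_url, path, methods, consumer, password):
    """Ordered Admin API calls as (method, path, json_body) tuples."""
    return [
        # PUT on a named entity is create-or-update, so re-runs are safe.
        ("PUT", f"/services/{service}", {"url": upstream_url}),
        ("PUT", f"/services/{service}/routes/{service}-route",
         {"paths": [path], "methods": methods}),
        ("PUT", f"/consumers/{consumer}", {"username": consumer}),
        # hide_credentials strips the Authorization header before proxying upstream.
        ("POST", f"/services/{service}/plugins",
         {"name": "basic-auth", "config": {"hide_credentials": True}}),
        ("POST", f"/consumers/{consumer}/basic-auth",
         {"username": consumer, "password": password}),
    ]

def redact(body):
    """Copy of a request body with secret fields masked, safe to log."""
    return {k: "***" if k in SECRET_FIELDS else v for k, v in body.items()}

def apply(plan, admin_url):
    """Send each call in order; HTTP 409 (entity already exists) counts as done."""
    for method, path, body in plan:
        req = urllib.request.Request(
            admin_url + path, data=json.dumps(body).encode(), method=method,
            headers={"Content-Type": "application/json"})
        try:
            urllib.request.urlopen(req, timeout=10).close()
            status = "ok"
        except urllib.error.HTTPError as exc:
            if exc.code != 409:
                raise
            status = "exists"
        print(method, path, json.dumps(redact(body)), status)

if __name__ == "__main__":
    # The password comes from the environment, never from the script itself.
    plan = build_plan("orders-api", "http://orders.default.svc:8080", "/orders",
                      ["GET", "POST"], "orders-client",
                      os.environ["KONG_BASIC_PASSWORD"])
    apply(plan, os.environ.get("KONG_ADMIN_URL", "http://localhost:8001"))
```

Run it from a host that can reach the Admin API, and keep that API unreachable from outside the cluster.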

@doomedCode @Gowtham_Balram This is what was done for ADNIC as an alternate to Nginx.

3 Likes