Coverage Matrix

Chkk Curated Release Notesv1.2.0 to latest
Private RegistrySupported
Custom Built ImagesSupported
Safety, Health, and Readiness Checksv1.3.0 to latest
Supported PackagesHelm, Kustomize, Kube
EOL InformationAvailable
Version Incompatibility InformationAvailable
Upgrade TemplatesIn-Place, Blue-Green
PreverificationAvailable

Kong Gateway OSS Overview

Kong Gateway OSS is an open-source, cloud-native API gateway offering centralized control for service traffic, authentication, rate limiting, and request transformations. Its plugin-based architecture enables platform teams to enforce consistent API policies without modifying upstream applications. Kong supports DB-backed or DB-less (declarative) deployments, providing flexibility for both simple and complex environments. Integrated natively with Kubernetes via an official ingress controller, Kong ensures scalable and robust traffic management across multi-cloud setups. Its hybrid deployment mode further facilitates geographically distributed or multi-cluster architectures.

Chkk Coverage

Curated Release Notes

Chkk reviews official Kong Gateway OSS release notes, highlighting key changes like new features, deprecated configurations, and critical bug fixes. Engineers receive tailored summaries emphasizing operational impacts, such as the removal of Cassandra DB support in Kong 3.4 or introduction of Kong Manager OSS GUI. By clearly outlining necessary configuration adjustments, Chkk ensures teams proactively address potential breaking changes. These curated notes help platform teams maintain uninterrupted service during upgrades, avoiding common pitfalls.

Preflight & Postflight Checks

Chkk conducts thorough preflight validations, checking Kong configurations, database compatibility, and deprecated parameters to confirm upgrade readiness. These checks highlight issues such as outdated database connections or removed configuration fields before upgrades are executed. Post-upgrade, Chkk confirms successful rollout by verifying pod health, migrations status, and operational consistency in configured routes and plugins. This comprehensive approach ensures early detection and rapid remediation of upgrade-related anomalies.

Version Recommendations

Chkk proactively tracks Kong Gateway OSS support timelines, alerting engineers to upcoming EOL dates or critical security patches. Recommendations balance stability with feature updates, suggesting the most suitable Kong versions based on your Kubernetes and database dependencies. Chkk clearly communicates reasoning behind each version suggestion, such as approaching end-of-life deadlines or essential security updates. Customized policies are supported for teams managing forks or vendor-specific Kong editions.

Upgrade Templates

Chkk provides detailed, Kong-specific Upgrade Templates for both in-place and blue-green deployments, aligning with official best practices. Templates guide teams through essential database migrations, schema updates, and configuration management steps with clearly defined rollback points. Blue-green upgrade guidance includes parallel cluster deployment strategies, incremental traffic shifting, and validation procedures. Integrating seamlessly with GitOps or CI/CD pipelines, these templates reduce operational risk and simplify Kong upgrades.

Preverification

Chkk’s preverification process creates a controlled upgrade simulation mirroring your Kong production environment, including databases, declarative configs, and custom plugins. This simulated upgrade uncovers potential issues such as plugin incompatibilities, configuration parsing errors, or resource utilization spikes. Identifying these problems beforehand allows proactive adjustments, significantly reducing upgrade risks in production. Preverification ensures upgrade reliability, enabling confident, issue-free rollouts.

Supported Packages

Chkk supports Kong Gateway OSS across Helm charts, Kustomize, Kubernetes manifests, and other deployment methods. It respects custom images, private registries, and vendor-specific builds, adapting upgrade recommendations to your existing setup seamlessly. Engineers can leverage existing GitOps workflows without modification, as Chkk suggests precise configuration changes directly within your established management tools. This compatibility ensures consistent operational practices during Kong version transitions.

Common Operational Considerations

  • Backup and Migration Planning: Always perform backups before running database migrations, as Kong’s migration steps are irreversible. Maintain declarative configuration snapshots in DB-less setups to enable rapid rollback if necessary.
  • Breaking Changes & Deprecations: Regularly review Kong’s documented breaking changes between releases to identify configuration fields or plugins requiring updates. Proactively update or remove deprecated settings to avoid post-upgrade failures.
  • Admin API Security: Restrict Admin API exposure to internal networks with appropriate firewall rules or Kubernetes NetworkPolicies. Enable RBAC to prevent unauthorized configuration modifications that can compromise cluster integrity.
  • Performance and Resource Tuning: Monitor and tune Kong’s resource settings such as Nginx worker processes, buffer sizes, and connection limits based on traffic patterns. Proper resource allocation prevents performance bottlenecks and unexpected pod terminations.
  • Hybrid Mode Synchronization: Always upgrade control plane nodes first in hybrid mode deployments, ensuring data planes never run newer versions than the control plane. Maintain consistent custom plugin versions across control and data planes to prevent synchronization issues.
  • Observability and Logging Overhead: Configure logging plugins for asynchronous or buffered output to minimize performance impact during high traffic. Monitor key metrics like HTTP status codes, latency, and resource usage to quickly detect and address operational anomalies.

Additional Resources