
Kong/kong

★ 43,686 · Lua · Apache-2.0 · updated Jun 2026

🦍 The API and AI Gateway

Kong is an API gateway built on OpenResty (nginx + LuaJIT), with a plugin system that handles auth, rate limiting, routing, and traffic transformation. It has been a production workhorse for microservices teams for nearly a decade and recently added LLM routing and MCP traffic governance as the AI gateway angle. Teams running it on Kubernetes get a first-class ingress controller; teams that don't still get solid DB-less declarative config.

The plugin architecture is genuinely well-designed — plugins attach at specific phases (access, header_filter, body_filter, log) and the execution order is predictable. The DB-less mode with declarative YAML is the right answer for GitOps workflows and makes Kong stateless at the data plane. Hybrid mode (separate control plane and data plane) is a real architectural feature, not marketing — it lets you isolate config management from traffic handling, which matters at scale. The Bazel build system with cross-compilation support and reproducible dependency pinning suggests the engineering team takes build correctness seriously, not just runtime behavior.

Lua is the first-class plugin language, and that's a real tax on any team that doesn't already know it — OpenResty's Lua environment is its own dialect with cosockets and shared dictionaries that behave differently from standard Lua, and debugging it is unpleasant. The community/enterprise feature split is aggressive: RBAC, Vault secrets, and meaningful analytics are all paywalled, so you hit that ceiling faster than the docs imply. The AI gateway additions (LLM routing, MCP governance) are architecturally just more plugins on the same nginx proxy — useful, but there's no deeper LLM-awareness here, so if your LLM traffic patterns don't fit the request/response model Kong was built for, you'll fight it. The build/openresty/patches directory currently contains 18 nginx CVE patches maintained by the Kong team directly — that's a significant security-patching surface that you're implicitly depending on them to keep current.
