Monitoring Overview
API gateways isolate your applications from the outside world and provide critical path protection for your upstream services. Understanding the state of your API gateway system is critical to providing reliable API-based systems.
There are many monitoring and alerting systems available, and Kong Gateway integrates with multiple solutions:
- Prometheus is an open-source systems monitoring and alerting toolkit. Prometheus provides a multi-dimensional time series data model and query language. The Monitoring with Prometheus guide shows how to install and configure the Kong Gateway Prometheus plugin.
- Datadog is a popular cloud based infrastructure and application monitoring service. See the Collect Metrics with Datadog guide for information on integrating Kong Gateway with Datadog. You can also integrate the Datadog plugin with Kong Gateway for additional insights.
- StatsD is a lightweight network daemon that listens for application metrics on UDP or TCP and sends aggregated values to one or more backend services. Kong Gateway directly supports StatsD with the StatsD plugin. Monitoring with StatsD provides a step-by-step guide to enabling StatsD.
- Use the built-in Node Readiness endpoint for monitoring when Kong Gateway is ready to accept requests.
Closely related to monitoring is tracing. See the Kong Gateway Tracing Reference for details about instrumenting your API gateway.
What is health checking?
Health checking is an activity performed by infrastructure components (that is, load balancers) to monitor the health of a Kong Gateway node. This helps determine if a Kong Gateway node is operational and ready to process incoming requests. You can learn more about health checks (also known as “probes”) in the Readiness Check guide.
Best practices
While every environment is unique and can have its own set of circumstances, we encourage you to follow these general recommendations:
- Enable the
status_listen
configuration parameter. - Always health check Kong Gateway and track the health in monitoring dashboards such as Datadog, Grafana, AppDynamics, and so on.
- Configure the load balancer or other components immediately fronting Kong Gateway to use the readiness probe.
- In the case of Kubernetes, configure both liveness and readiness probes for Kong Gateway, ensuring a load balancer uses the correct Kubernetes endpoints to forward traffic to Kong Gateway pods.
Don’t expect the Kong Gateway readiness endpoint to respond with a
200 OK
immediately after startup, as it always takes a short time for Kong Gateway to load the first configuration and build all the necessary data structures before it can successfully proxy traffic. - Set up alerting based on responses to the health checks to be proactive in case of an incident.
- Don’t use the
kong health
CLI command to validate the overall health of the Kong Gateway, as this command only ensures that the Kong process is running and doesn’t ensure the ability or validity of the configuration. - Ensure that all nodes in a cluster are monitored. For example, checking only one data plane node in a cluster can’t offer reliable insight into the health of other data plane nodes in the same cluster.