Is Kong or KrakenD faster for API proxying?

KrakenD is slightly faster than Kong in pure proxy benchmarks (~18,000 RPS vs ~16,000 RPS) due to its stateless Go architecture and zero database dependency. However, Apache APISIX outperforms both at 23,000 QPS per core with 0.2ms latency, combining NGINX-level performance with dynamic configuration through etcd.

Can KrakenD aggregate multiple backend API responses?

Yes — API aggregation is KrakenD's standout feature. It can merge responses from multiple backends into a single client response, filter fields, and reshape data through declarative JSON configuration. This backend-for-frontend (BFF) pattern is not natively supported by Kong, though Apache APISIX handles it through serverless function plugins and request transformation.

Which has lower operational complexity: Kong, KrakenD, or Apache APISIX?

KrakenD has the lowest operational complexity — a single binary with no runtime database dependency. Apache APISIX is a close second, requiring only etcd (lightweight key-value store) instead of PostgreSQL or Cassandra. Kong has the highest operational complexity due to its PostgreSQL/Cassandra dependency for clustering.

How does pricing compare between Kong, KrakenD, and API7 Enterprise?

Kong Enterprise starts at ~$50K+/year with per-service pricing. KrakenD Enterprise uses transparent per-node pricing not tied to traffic. API7 Enterprise uses CPU-core-based pricing that is typically the most cost-effective option, with all 100+ Apache APISIX plugins included without enterprise paywalls.

New

Announcing AISIX: The AI-Native AI Gateway for LLMs and AI AgentsLearn More

Learn More

API gateway comparison

Kong vs. KrakenD

Q: Does KrakenD support runtime plugins like Kong?

No. KrakenD uses a compiled middleware approach — all functionality is built into the binary or configured via JSON. Custom logic requires Lua scripting, CEL expressions, or recompiling with Go plugins. Kong supports runtime Lua plugins, and Apache APISIX supports runtime plugins in Lua, Go, Wasm, Python, JavaScript, and Java.

Kong and KrakenD take fundamentally different approaches to API gateway design. Kong is a plugin-rich, NGINX-based gateway with a database-backed control plane and extensive enterprise features. KrakenD is a stateless, Go-based API aggregator optimized for low-latency response composition with zero runtime database dependency. This comparison covers raw performance, plugin extensibility, API aggregation, deployment complexity, and total cost of ownership — plus how Apache APISIX delivers the best of both worlds.

Try API7 for Free Book a Demo

Comparison

Kong

KrakenD

API7 Enterprise

Architecture

NGINX/OpenResty (Lua) + PostgreSQL or Cassandra for configuration storage

Go single binary — stateless, no runtime database; configuration loaded at startup

NGINX/OpenResty + etcd — stateless data plane with millisecond configuration sync, no database bottleneck

Performance (QPS)

~16,000 RPS per node with ~3.5ms p99 latency; database-backed clustering adds operational overhead

High throughput (~18,000 RPS) with very low latency due to Go efficiency and zero database dependency

Ultra-high — 23,000 QPS per core, 0.2ms latency; highest throughput among open-source API gateways

API Aggregation

No native backend aggregation; each client request maps to one upstream call

Native backend-for-frontend (BFF) — merges multiple backend responses into a single client response

Request/response transformation plugins and serverless function triggers for response composition

Plugin Ecosystem

100+ plugins available; many advanced plugins (OIDC, OPA, mTLS, rate limiting) locked behind Enterprise

Limited — built-in middleware only; no runtime plugin loading; custom logic requires recompiling or Lua/CEL scripting

100+ fully open-source plugins — auth, traffic, observability, AI — with no enterprise paywall

Deployment Models

Kubernetes, VM, Docker, bare-metal; DB-less mode available but limits clustering and admin API

Docker, Kubernetes; extremely lightweight single binary; no database infrastructure needed

On-prem, multi-cloud, hybrid, edge, Kubernetes-native with Ingress Controller and Gateway API

Security & Auth

JWT, OAuth2, API keys, ACLs, mTLS (Enterprise); Kong Konnect for cloud management

JWT validation, OAuth2, API keys, bot detection; security features via configuration

JWT, OIDC, OAuth2, mTLS, FIPS 140-2, fine-grained RBAC and IAM — all included

Developer Portal

Kong Dev Portal (Enterprise) for API documentation and self-service onboarding

API7 Portal with documentation, monetization, and self-service subscription

Observability

Prometheus, Datadog, Zipkin, OpenTelemetry, Splunk — all via plugins

OpenTelemetry, Jaeger, Zipkin, Prometheus, InfluxDB — all via configuration

OpenTelemetry, Prometheus, Grafana, Datadog, SkyWalking — all open-source integrations

Protocol Support

HTTP/1.1, HTTP/2, gRPC, TCP, UDP, WebSocket, GraphQL

HTTP/1.1, HTTP/2, gRPC, WebSocket; no native TCP/UDP proxy

HTTP/1.1, HTTP/2, HTTP/3, gRPC, TCP, UDP, WebSocket, MQTT, Dubbo, and custom protocols

Configuration Model

Database-backed (PostgreSQL/Cassandra) with admin API; DB-less mode uses declarative YAML

Declarative JSON/YAML loaded at startup; changes require service restart or hot-reload

etcd-backed with millisecond propagation; zero-downtime hot reload; admin API + declarative mode

Pricing Model

Free OSS tier; Enterprise at ~$50K+/year with per-service pricing

Free Community Edition; Enterprise with transparent per-node pricing, not tied to traffic

CPU-core based subscription; fraction of Kong Enterprise cost

Vendor Lock-in

Controlled by Kong Inc.; Enterprise features proprietary; potential licensing changes

Open-source (Apache 2.0 Community); Enterprise is proprietary; limited plugin ecosystem reduces flexibility

None — built on Apache APISIX, Apache 2.0 licensed, governed by Apache Software Foundation

What to consider most when choosing the API gateway

1. Architecture Philosophy

Kong follows a traditional API gateway architecture: NGINX handles request proxying, Lua plugins add functionality, and PostgreSQL or Cassandra stores configuration. This design supports rich plugin extensibility and a full-featured admin API, but the database dependency adds operational complexity — backup strategies, scaling considerations, and potential single points of failure.

KrakenD takes a radically different approach. It is a stateless single binary with zero runtime database dependency. Configuration is loaded from a JSON file at startup. This makes KrakenD extremely lightweight and easy to deploy, but it sacrifices runtime plugin loading and dynamic configuration updates. Every configuration change requires a restart or hot-reload cycle.

Apache APISIX combines the best aspects of both. Like Kong, it runs on NGINX/OpenResty with full plugin extensibility. Like KrakenD, its data plane is stateless — etcd stores configuration externally, and each APISIX node loads configuration through etcd watch with millisecond propagation. No PostgreSQL, no Cassandra, no restart needed for configuration changes.

2. Performance Benchmarks

Kong handles approximately 16,000 requests per second per node with 3.5ms p99 latency. Its NGINX foundation provides solid baseline performance, but each plugin in the request chain adds latency. Kong's database-backed configuration can introduce additional overhead during cluster synchronization.

KrakenD achieves approximately 18,000 RPS with very low latency, benefiting from Go's efficient concurrency model and the absence of runtime database calls. Its stateless architecture eliminates synchronization overhead. However, KrakenD's performance advantage narrows when complex middleware chains are configured, as it lacks the NGINX event loop optimizations.

Apache APISIX reaches 23,000 QPS per core with 0.2ms average latency — outperforming both Kong and KrakenD. In published benchmarks, APISIX consistently delivers the highest throughput among open-source API gateways. Its NGINX event loop handles concurrent connections efficiently, while etcd watch ensures configuration changes propagate instantly without performance degradation.

3. Plugin Extensibility vs Simplicity

Kong's plugin ecosystem is its greatest strength. With 100+ available plugins covering authentication, traffic control, observability, and transformation, Kong can handle almost any API gateway use case. The trade-off: many advanced plugins (OIDC, OPA, mTLS, advanced rate limiting) require an Enterprise license starting at $50K+/year.

KrakenD takes the opposite approach — simplicity over extensibility. Built-in middleware covers common use cases (JWT validation, rate limiting, CORS, response manipulation), but there is no runtime plugin system. Custom logic requires Lua scripting, CEL expressions, or recompiling with Go plugins. This makes KrakenD predictable and fast but limits flexibility for complex API management scenarios.

Apache APISIX provides 100+ plugins that are all open-source with no enterprise paywall. Custom plugins can be written in Lua, Go, Wasm, Python, JavaScript, or Java — loaded at runtime without gateway restart. This gives APISIX Kong-level extensibility with KrakenD-level operational simplicity (no database, stateless nodes).

4. API Aggregation and BFF Patterns

Kong is a pure reverse proxy — each client request maps to one upstream service call. If a client needs data from multiple backends, the client must make separate requests or you must build a custom aggregation layer. Kong does not natively support backend-for-frontend patterns.

KrakenD's standout feature is native API aggregation. It can merge responses from multiple backend services into a single client response, filter unnecessary fields, and reshape data — all through configuration. This makes KrakenD excellent for mobile and single-page applications that need to minimize network round-trips.

Apache APISIX handles response composition through its serverless function plugins and request/response transformation capabilities. While not as declarative as KrakenD's native aggregation, APISIX's approach is more flexible — supporting custom Lua logic, Wasm functions, and external service calls within the request pipeline. For teams that need both high-performance proxying and response composition, API7 Enterprise provides the complete solution.

5. When to Choose Each Solution

Choose Kong if you need a mature API gateway ecosystem with extensive third-party integrations, are willing to pay for Enterprise features, and want a large community and established support network. Kong is strongest for organizations that prioritize plugin availability over raw performance.

Choose KrakenD if your primary need is API aggregation and backend-for-frontend patterns, you want zero database dependency, and your use case is well-served by built-in middleware without custom plugin requirements. KrakenD excels at reducing mobile/SPA network round-trips through declarative response composition.

Choose Apache APISIX / API7 Enterprise if you need the highest performance, full plugin extensibility without enterprise paywalls, dynamic configuration without restarts, and multi-protocol support. APISIX delivers Kong-level functionality with KrakenD-level operational simplicity — at a fraction of the cost. Contact API7 for a technical evaluation.

Frequently Asked Questions

Ready to get started?

For more information about full API lifecycle management, please contact us to Meet with our API Experts.