Money Asset Lifestyle

  • June 4, 2025
  • David Quaid

Kong Pulls the Plug on FreeOpen Source Support, Users Left Scrambling

What Did Kong Do?

Starting with version 3.10, Kong stopped publishing prebuilt Docker images for Kong OSS (Open Source Software). This change was not widely announced and caught many users by surprise during routine upgrades. Previously, teams could simply update the version tag in their Helm charts or manifests and pull the latest prebuilt image from Docker Hub. With the 3.10 release, users must now build the Kong OSS image from source themselves, which introduces significant operational overhead. This includes:

  • Building, patching, and testing the image from source
  • Hardening and maintaining the custom image
  • Ensuring ongoing security and compliance (e.g., CVE patching)
  • Managing the full lifecycle of the image in production environments
  • No official Docker images, changelog warnings, or clear communications accompanied the change, leading to silent failures for teams expecting a routine upgrade

How Does This Affect Users?

This shift has several major impacts:

  • Increased Operational Burden: Teams must now maintain their own Docker build pipelines for Kong OSS, including security patching and compliance checks, which were previously handled by Kong.
  • Upgrade Risks: Without prebuilt images, upgrades are riskier and more time-consuming, potentially exposing organizations to unpatched vulnerabilities if they stay on older versions (like 3.9).
  • Production Stability: Teams may freeze upgrades to avoid production incidents, but this leaves them without security patches, CVE fixes, or upstream support.
  • Migration Pressure: Many organizations are now considering or actively migrating away from Kong OSS to alternatives like Traefik, Apache APISIX, or Envoy, depending on their needs for CRD support, plugin flexibility, or raw performance.

What Is Tetrate Doing to Help?

Tetrate has responded to this situation by providing a community-supported, prebuilt Kong OSS Docker image. Their offering aims to fill the gap left by Kong’s decision and help the open-source community continue using Kong OSS without the operational overhead of building from source. Key points about Tetrate’s solution:

  • Prebuilt Images: Tetrate builds and verifies Docker images for Kong OSS, making them available for public use.
  • Security and Compliance: Images are scanned for vulnerabilities, and Tetrate commits to updating them with security patches and CVE fixes.
  • Documentation and Transparency: Tetrate provides clear documentation and changelogs, helping teams plan upgrades and maintain compliance.

Share

Related Posts

The Essential Cybersecurity Tools for 2025: A CISO’s Deep Dive

Table of Contents CyberSaint: Mastering Cyber Risk Quantification

Kong Pulls the Plug on FreeOpen Source Support, Users Left Scrambling

What Did Kong Do? Starting with version 3.10,

Top SaaS, Tech, and Financial Tools for Startups in 2025

Launching a startup in 2025 means leveraging the

hero-image

Financial Independence And Retire Early- FIRE

FIRE stands for Financial Independence, Retire Early. It

Self Administered Pensions in Ireland

Unlike conventional pension schemes where investment decisions are

Self Administered Pensions

The Power of Networking: How OpenCoffee Transformed My SEO Success

When it comes to building a successful career

All Rights Reserved 2024.

Proudly powered by WordPress | Theme: Allure News by Candid Themes.