Each Kong plugin adds cumulative latency (1-10ms per plugin), causing total request latency to balloon unexpectedly as plugins stack. Six plugins can add 15-20ms to every request, multiplying impact at scale.
Kong rapidly creates and destroys upstream connections when keepalive isn't working properly, causing CPU spikes and connection exhaustion. Default keepalive of 1000 connections × 20 upstreams = 20,000 open connections, overwhelming backend services.
Kong resolves upstream hostnames for every request by default, adding 20-100ms latency per request. This DNS lookup overhead becomes a severe bottleneck at high request rates.
Kong's default mem_cache_size of 128MB is insufficient for production, causing excessive database queries for configuration lookups. Real deployments with 10,000+ routes and complex regex patterns require significantly more memory than documented.
Kong's Prometheus plugin is a memory hog consuming +500MB per worker and adding 2ms latency per request. It periodically scans all entities, causing CPU spikes that can peg CPU at 100%.
Kong returns 502 Bad Gateway errors even when backend services are healthy, caused by connection limits, DNS failures, network timeouts, or health check misconfigurations marking upstreams as down incorrectly.
Kong's Active Tracing (now Konnect Debugger) provides OpenTelemetry-compatible traces showing exact plugin execution time, phase durations, and upstream latency breakdown—revealing bottlenecks invisible to external APM tools.
Kong's readiness endpoint doesn't immediately respond 200 OK after startup because it takes time to load configuration and build data structures. Load balancers using this probe may prematurely route traffic to unready nodes.
Overly broad route regex patterns (like catching any path starting with 'p') can hijack requests intended for other routes. Kong processes routes in priority order, so catch-all patterns must be carefully ordered to avoid stealing traffic.
