安装

# db-less模式
docker run -d --name kong888 -e "KONG_DATABASE=off" \
     -e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
     -e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
     -e "KONG_PROXY_ERROR_LOG=/dev/stderr" \
     -e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \
     -e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
     -p 8000:8000 \
     -p 8443:8443 \
     -p 8001:8001 \
     -p 8444:8444 kong:1.1.2-centos
# 测试     
curl -i http://localhost:8001/
curl http://localhost:8001/metrics
curl http://localhost:8001/status |jq
docker exec -it kong888 kong reload

# 端口说明
:8000 on which Kong listens for incoming HTTP traffic from your clients, and forwards it to your upstream services.
:8443 on which Kong listens for incoming HTTPS traffic. This port has a similar behavior as the :8000 port, except that it expects HTTPS traffic only. This port can be disabled via the configuration file.
:8001 on which the Admin API used to configure Kong listens.
:8444 on which the Admin API listens for HTTPS traffic.
# 配置文件
/usr/local/kong/nginx-kong-stream.conf
/usr/local/kong/nginx-kong.conf
/usr/local/kong/nginx.conf

测试

Admin API

curl -X POST http://192.168.33.26:8001/upstreams --data "name=hello"
curl -X POST http://192.168.33.26:8001/upstreams/hello/targets --data "target=localhost:3000" --data "weight=100"
curl -X POST http://192.168.33.26:8001/upstreams/hello/targets --data "target=localhost:3001" --data "weight=100"
curl -X POST http://192.168.33.26:8001/services --data "name=hello" --data "host=hello"
curl -X POST http://192.168.33.26:8001/routes --data "paths[]=/" --data "service.id=8695cc65-16c1-43b1-95a1-5d30d0a50409"

# 插件
curl -X POST http://localhost:8001/services/hello/plugins --data "name=rate-limiting" --data "config.second=50"
curl -X POST http://localhost:8001/services/login/plugins --data "name=jwt"

# 同理,插件也可以安装在 route 之上
curl -X POST http://localhost:8001/routes/{routeId}/plugins --data "name=rate-limiting" --data "config.second=50"
curl -X POST http://localhost:8001/routes/{routeId}/plugins --data "name=jwt"


{"name":"operation unsupported","message":"cannot create 'upstreams' entities when not using a database","code":12}

DB-less and Declarative Configuration

docker exec -it kong888 /bin/bash
kong config -c kong.conf init
cat kong.yml
# ------------------------------------------------------------------------------
# This is an example file to get you started with using
# declarative configuration in Kong.
# ------------------------------------------------------------------------------

# Metadata fields start with an underscore (_)
# Fields that do not start with an underscore represent Kong entities and attributes

# _format_version is mandatory,
# it specifies the minimum version of Kong that supports the format

_format_version: "1.1"

# Each Kong entity (core entity or custom entity introduced by a plugin)
# can be listed in the top-level as an array of objects:

upstreams:
- name: hello
  targets:
  - target: 192.168.33.26:30741
    weight: 100
  - target: 192.168.33.27:30741
    weight: 100


services:
- name: example-service
#  url: http://example.com
  host: hello
#  routes:
#  - name: example-route
#    paths:
#    - /


routes:
- name: another-route
  service: example-service
  hosts: ["hello.com"]
#  paths:
#  - /


# services:
# - name: example-service
#   url: http://example.com
#   # Entities can store tags as metadata
#   tags:
#   - example
#   # Entities that have a foreign-key relationship can be nested:
#   routes:
#   - name: example-route
#     paths:
#     - /
#   plugins:
#   - name: key-auth
# - name: another-service
#   url: https://example.org

# routes:
# - name: another-route
#   # Relationships can also be specified between top-level entities,
#   # either by name or by id
#   service: example-service
#   hosts: ["hello.com"]

# consumers:
# - username: example-user
#   # Custom entities from plugin can also be specified
#   # If they specify a foreign-key relationshp, they can also be nested
#   keyauth_credentials:
#   - key: my-key
#   plugins:
#   - name: rate-limiting
#     _comment: "these are default rate-limits for user example-user"
#     config:
#       policy: local
#       second: 5
#       hour: 10000

# When an entity has multiple foreign-key relationships
# (e.g. a plugin matching on both consumer and service)
# it must be specified as a top-level entity, and not through
# nesting.

# plugins:
# - name: rate-limiting
#   consumer: example-user
#   service: another-service
#   _comment: "example-user is extra limited when using another-service"
#   config:
#     hour: 2
#   # tags are for your organization only and have no meaning for Kong:
#   tags:
#   - extra_limits
#   - my_tag
curl  -X POST -F "config=@kong.yml" --url http://192.168.33.26:8001/config

{
  "services": {
    "3749d4d5-2d37-410a-aaa8-2dba315f34ac": {
      "host": "hello",
      "created_at": 1561446130,
      "connect_timeout": 60000,
      "id": "3749d4d5-2d37-410a-aaa8-2dba315f34ac",
      "protocol": "http",
      "name": "example-service",
      "read_timeout": 60000,
      "port": 80,
      "updated_at": 1561446130,
      "write_timeout": 60000,
      "retries": 5
    }
  },
  "routes": {
    "b7fb6999-3803-4480-bb2d-731e5f9e0874": {
      "service": {
        "id": "3749d4d5-2d37-410a-aaa8-2dba315f34ac"
      },
      "created_at": 1561446130,
      "id": "b7fb6999-3803-4480-bb2d-731e5f9e0874",
      "hosts": [
        "hello.com"
      ],
      "name": "another-route",
      "strip_path": true,
      "preserve_host": false,
      "regex_priority": 0,
      "updated_at": 1561446130,
      "protocols": [
        "http",
        "https"
      ]
    }
  },
  "targets": {
    "35c40828-f4e7-40a6-b740-88e7b8d3ba4d": {
      "created_at": 1561446130.703,
      "upstream": {
        "id": "45ceaabf-975b-4ec2-a5c0-6ff6783e34d6"
      },
      "id": "35c40828-f4e7-40a6-b740-88e7b8d3ba4d",
      "target": "192.168.33.26:30741",
      "weight": 100
    },
    "27475efd-437f-4e0d-b48f-2e5e0817e87f": {
      "created_at": 1561446130.703,
      "upstream": {
        "id": "45ceaabf-975b-4ec2-a5c0-6ff6783e34d6"
      },
      "id": "27475efd-437f-4e0d-b48f-2e5e0817e87f",
      "target": "192.168.33.27:30741",
      "weight": 100
    }
  },
  "upstreams": {
    "45ceaabf-975b-4ec2-a5c0-6ff6783e34d6": {
      "created_at": 1561446130,
      "hash_on": "none",
      "id": "45ceaabf-975b-4ec2-a5c0-6ff6783e34d6",
      "name": "hello",
      "healthchecks": {
        "active": {
          "https_verify_certificate": true,
          "http_path": "/",
          "timeout": 1,
          "concurrency": 10,
          "healthy": {
            "http_statuses": [
              200,
              302
            ],
            "interval": 0,
            "successes": 0
          },
          "unhealthy": {
            "http_statuses": [
              429,
              404,
              500,
              501,
              502,
              503,
              504,
              505
            ],
            "tcp_failures": 0,
            "timeouts": 0,
            "http_failures": 0,
            "interval": 0
          },
          "type": "http"
        },
        "passive": {
          "unhealthy": {
            "http_failures": 0,
            "http_statuses": [
              429,
              500,
              503
            ],
            "tcp_failures": 0,
            "timeouts": 0
          },
          "type": "http",
          "healthy": {
            "http_statuses": [
              200,
              201,
              202,
              203,
              204,
              205,
              206,
              207,
              208,
              226,
              300,
              301,
              302,
              303,
              304,
              305,
              306,
              307,
              308
            ],
            "successes": 0
          }
        }
      },
      "hash_on_cookie_path": "/",
      "hash_fallback": "none",
      "slots": 10000
    }
  }
}

curl -H "host:hello.com" http://192.168.33.26:8000
Hostname: who333
IP: 127.0.0.1
IP: 172.20.1.22
GET / HTTP/1.1
Host: 192.168.33.26:30741
User-Agent: curl/7.58.0
Accept: */*
Connection: keep-alive
X-Forwarded-For: 192.168.33.1
X-Forwarded-Host: hello.com
X-Forwarded-Port: 8000
X-Forwarded-Proto: http
X-Real-Ip: 192.168.33.1

dashboard

kong-dashboard

# https://github.com/PGBI/kong-dashboard
docker run --rm -p 27071:8080 pgbi/kong-dashboard start --kong-url http://192.168.33.26:8001

konga

docker run -d --name konga -p 21337:1337 -e "DB_ADAPTER=postgres" \
             -e "DB_HOST=192.168.33.26" \
             -e "DB_PORT=30007" \
             -e "DB_USER=postgres" \
             -e "DB_PASSWORD=postgres" \
             -e "DB_DATABASE=konga" \
             -e "NODE_ENV=development" \
             pantsel/konga
docker stop konga && docker rm konga             

集群

参考