kong
文章目录
安装
# db-less模式
docker run -d --name kong888 -e "KONG_DATABASE=off" \
-e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
-e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
-e "KONG_PROXY_ERROR_LOG=/dev/stderr" \
-e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \
-e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
-p 8000:8000 \
-p 8443:8443 \
-p 8001:8001 \
-p 8444:8444 kong:1.1.2-centos
# 测试
curl -i http://localhost:8001/
curl http://localhost:8001/metrics
curl http://localhost:8001/status |jq
docker exec -it kong888 kong reload
# 端口说明
:8000 on which Kong listens for incoming HTTP traffic from your clients, and forwards it to your upstream services.
:8443 on which Kong listens for incoming HTTPS traffic. This port has a similar behavior as the :8000 port, except that it expects HTTPS traffic only. This port can be disabled via the configuration file.
:8001 on which the Admin API used to configure Kong listens.
:8444 on which the Admin API listens for HTTPS traffic.
# 配置文件
/usr/local/kong/nginx-kong-stream.conf
/usr/local/kong/nginx-kong.conf
/usr/local/kong/nginx.conf
测试
Admin API
curl -X POST http://192.168.33.26:8001/upstreams --data "name=hello"
curl -X POST http://192.168.33.26:8001/upstreams/hello/targets --data "target=localhost:3000" --data "weight=100"
curl -X POST http://192.168.33.26:8001/upstreams/hello/targets --data "target=localhost:3001" --data "weight=100"
curl -X POST http://192.168.33.26:8001/services --data "name=hello" --data "host=hello"
curl -X POST http://192.168.33.26:8001/routes --data "paths[]=/" --data "service.id=8695cc65-16c1-43b1-95a1-5d30d0a50409"
# 插件
curl -X POST http://localhost:8001/services/hello/plugins --data "name=rate-limiting" --data "config.second=50"
curl -X POST http://localhost:8001/services/login/plugins --data "name=jwt"
# 同理,插件也可以安装在 route 之上
curl -X POST http://localhost:8001/routes/{routeId}/plugins --data "name=rate-limiting" --data "config.second=50"
curl -X POST http://localhost:8001/routes/{routeId}/plugins --data "name=jwt"
{"name":"operation unsupported","message":"cannot create 'upstreams' entities when not using a database","code":12}
DB-less and Declarative Configuration
docker exec -it kong888 /bin/bash
kong config -c kong.conf init
cat kong.yml
# ------------------------------------------------------------------------------
# This is an example file to get you started with using
# declarative configuration in Kong.
# ------------------------------------------------------------------------------
# Metadata fields start with an underscore (_)
# Fields that do not start with an underscore represent Kong entities and attributes
# _format_version is mandatory,
# it specifies the minimum version of Kong that supports the format
_format_version: "1.1"
# Each Kong entity (core entity or custom entity introduced by a plugin)
# can be listed in the top-level as an array of objects:
upstreams:
- name: hello
targets:
- target: 192.168.33.26:30741
weight: 100
- target: 192.168.33.27:30741
weight: 100
services:
- name: example-service
# url: http://example.com
host: hello
# routes:
# - name: example-route
# paths:
# - /
routes:
- name: another-route
service: example-service
hosts: ["hello.com"]
# paths:
# - /
# services:
# - name: example-service
# url: http://example.com
# # Entities can store tags as metadata
# tags:
# - example
# # Entities that have a foreign-key relationship can be nested:
# routes:
# - name: example-route
# paths:
# - /
# plugins:
# - name: key-auth
# - name: another-service
# url: https://example.org
# routes:
# - name: another-route
# # Relationships can also be specified between top-level entities,
# # either by name or by id
# service: example-service
# hosts: ["hello.com"]
# consumers:
# - username: example-user
# # Custom entities from plugin can also be specified
# # If they specify a foreign-key relationshp, they can also be nested
# keyauth_credentials:
# - key: my-key
# plugins:
# - name: rate-limiting
# _comment: "these are default rate-limits for user example-user"
# config:
# policy: local
# second: 5
# hour: 10000
# When an entity has multiple foreign-key relationships
# (e.g. a plugin matching on both consumer and service)
# it must be specified as a top-level entity, and not through
# nesting.
# plugins:
# - name: rate-limiting
# consumer: example-user
# service: another-service
# _comment: "example-user is extra limited when using another-service"
# config:
# hour: 2
# # tags are for your organization only and have no meaning for Kong:
# tags:
# - extra_limits
# - my_tag
curl -X POST -F "config=@kong.yml" --url http://192.168.33.26:8001/config
{
"services": {
"3749d4d5-2d37-410a-aaa8-2dba315f34ac": {
"host": "hello",
"created_at": 1561446130,
"connect_timeout": 60000,
"id": "3749d4d5-2d37-410a-aaa8-2dba315f34ac",
"protocol": "http",
"name": "example-service",
"read_timeout": 60000,
"port": 80,
"updated_at": 1561446130,
"write_timeout": 60000,
"retries": 5
}
},
"routes": {
"b7fb6999-3803-4480-bb2d-731e5f9e0874": {
"service": {
"id": "3749d4d5-2d37-410a-aaa8-2dba315f34ac"
},
"created_at": 1561446130,
"id": "b7fb6999-3803-4480-bb2d-731e5f9e0874",
"hosts": [
"hello.com"
],
"name": "another-route",
"strip_path": true,
"preserve_host": false,
"regex_priority": 0,
"updated_at": 1561446130,
"protocols": [
"http",
"https"
]
}
},
"targets": {
"35c40828-f4e7-40a6-b740-88e7b8d3ba4d": {
"created_at": 1561446130.703,
"upstream": {
"id": "45ceaabf-975b-4ec2-a5c0-6ff6783e34d6"
},
"id": "35c40828-f4e7-40a6-b740-88e7b8d3ba4d",
"target": "192.168.33.26:30741",
"weight": 100
},
"27475efd-437f-4e0d-b48f-2e5e0817e87f": {
"created_at": 1561446130.703,
"upstream": {
"id": "45ceaabf-975b-4ec2-a5c0-6ff6783e34d6"
},
"id": "27475efd-437f-4e0d-b48f-2e5e0817e87f",
"target": "192.168.33.27:30741",
"weight": 100
}
},
"upstreams": {
"45ceaabf-975b-4ec2-a5c0-6ff6783e34d6": {
"created_at": 1561446130,
"hash_on": "none",
"id": "45ceaabf-975b-4ec2-a5c0-6ff6783e34d6",
"name": "hello",
"healthchecks": {
"active": {
"https_verify_certificate": true,
"http_path": "/",
"timeout": 1,
"concurrency": 10,
"healthy": {
"http_statuses": [
200,
302
],
"interval": 0,
"successes": 0
},
"unhealthy": {
"http_statuses": [
429,
404,
500,
501,
502,
503,
504,
505
],
"tcp_failures": 0,
"timeouts": 0,
"http_failures": 0,
"interval": 0
},
"type": "http"
},
"passive": {
"unhealthy": {
"http_failures": 0,
"http_statuses": [
429,
500,
503
],
"tcp_failures": 0,
"timeouts": 0
},
"type": "http",
"healthy": {
"http_statuses": [
200,
201,
202,
203,
204,
205,
206,
207,
208,
226,
300,
301,
302,
303,
304,
305,
306,
307,
308
],
"successes": 0
}
}
},
"hash_on_cookie_path": "/",
"hash_fallback": "none",
"slots": 10000
}
}
}
curl -H "host:hello.com" http://192.168.33.26:8000
Hostname: who333
IP: 127.0.0.1
IP: 172.20.1.22
GET / HTTP/1.1
Host: 192.168.33.26:30741
User-Agent: curl/7.58.0
Accept: */*
Connection: keep-alive
X-Forwarded-For: 192.168.33.1
X-Forwarded-Host: hello.com
X-Forwarded-Port: 8000
X-Forwarded-Proto: http
X-Real-Ip: 192.168.33.1
dashboard
kong-dashboard
# https://github.com/PGBI/kong-dashboard
docker run --rm -p 27071:8080 pgbi/kong-dashboard start --kong-url http://192.168.33.26:8001
konga
docker run -d --name konga -p 21337:1337 -e "DB_ADAPTER=postgres" \
-e "DB_HOST=192.168.33.26" \
-e "DB_PORT=30007" \
-e "DB_USER=postgres" \
-e "DB_PASSWORD=postgres" \
-e "DB_DATABASE=konga" \
-e "NODE_ENV=development" \
pantsel/konga
docker stop konga && docker rm konga
集群
参考
- 全部的插件
- DB-less and Declarative Configuration
- API网关Kong学习笔记(二十六):Kong 1.1引入db-less模式,无数据库部署
- Kong 1.1 Released!
- Admin API for DB-less Mode
- 初识 Kong 之负载均衡
- 使用 Nginx 实现灰度发布
- 蓝绿部署、金丝雀发布(灰度发布)、A/B测试的准确定义
- A/B testing + Canary releasing
- Blue-green Deployments, A/B Testing, and Canary Releases
- How To Target Your Users with Nginx Analytics and A/B Testing
- nginx map配置根据请求头不同分配流量到不同后端服务
- nginx使用map配置AB测试环境
- Nginx map 使用详解
- kong插件应用(熔断 限流,黑白名单,认证(basic,key,jwt,hmac,),授权,加密,zipkin链路跟踪,日志, prometheus可视化, 爬虫控制插件)
上次更新 2019-04-16
原始文档 查看本文 Markdown 版本 »