Kong系列文章
1、配置YUM仓库
sudo yum install -y wget wget https://bintray.com/kong/kong-rpm/rpm -O bintray-kong-kong-rpm.repo export major_version=`grep -oE '[0-9]+\.[0-9]+' /etc/redhat-release | cut -d "." -f1` sed -i -e 's/baseurl.*/&\/centos\/'$major_version''/ bintray-kong-kong-rpm.repo sudo mv bintray-kong-kong-rpm.repo /etc/yum.repos.d/ sudo yum install -y kong
2、安装Postgresql
yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm yum install -y postgresql11 postgresql11-server /usr/pgsql-11/bin/postgresql-11-setup initdb systemctl enable postgresql-11 systemctl start postgresql-11 # 登录psql sudo su postgres psql # 设置密码 postgres=# \password Enter new password: Enter it again: postgres=# # 创建数据库 CREATE USER kong with password 'kong'; CREATE DATABASE kong OWNER kong; grant all privileges on database kong to kong; # 修改安全配置 vim /var/lib/pgsql/11/data/pg_hba.conf # 修改最下面几行 # "local" is for Unix domain socket connections only local all all md5 # IPv4 local connections: host all all 127.0.0.1/32 md5 # IPv6 local connections: host all all ::1/128 md5 # Allow replication connections from localhost, by a user with the # replication privilege. local replication all md5 host replication all 127.0.0.1/32 ident host replication all ::1/128 ident #重启Postgresql systemctl restart postgresql-11
3、配置kong
# 这里需要提前配置kong配置文件,默认/etc/kong/kong.conf.default cp /etc/kong/kong.conf.default /etc/kong/kong.conf # 修改里面的数据库配置,写入用户、密码、数据库、端口等信息 vim /etc/kong/kong.conf [root@master /]# egrep -v "^#|^$|^[[:space:]]+#" /etc/kong/kong.conf database = postgres # Determines which of PostgreSQL or Cassandra pg_host = 127.0.0.1 # Host of the Postgres server. pg_port = 5432 # Port of the Postgres server. pg_timeout = 5000 # Defines the timeout (in ms), for connecting, pg_user = kong # Postgres user. pg_password = kong # Postgres user's password. pg_database = kong # The database name to connect to.
4、执行Migration
[root@master ~]# kong migrations bootstrap -c /etc/kong/kong.conf Bootstrapping database... migrating core on database 'kong'... core migrated up to: 000_base (executed) core migrated up to: 001_14_to_15 (executed) core migrated up to: 002_15_to_1 (executed) core migrated up to: 003_100_to_110 (executed) core migrated up to: 004_110_to_120 (executed) core migrated up to: 005_120_to_130 (executed) core migrated up to: 006_130_to_140 (executed) core migrated up to: 007_140_to_200 (executed) migrating hmac-auth on database 'kong'... hmac-auth migrated up to: 000_base_hmac_auth (executed) hmac-auth migrated up to: 001_14_to_15 (executed) hmac-auth migrated up to: 002_130_to_140 (executed) migrating oauth2 on database 'kong'... oauth2 migrated up to: 000_base_oauth2 (executed) oauth2 migrated up to: 001_14_to_15 (executed) oauth2 migrated up to: 002_15_to_10 (executed) oauth2 migrated up to: 003_130_to_140 (executed) migrating jwt on database 'kong'... jwt migrated up to: 000_base_jwt (executed) jwt migrated up to: 001_14_to_15 (executed) jwt migrated up to: 002_130_to_140 (executed) migrating basic-auth on database 'kong'... basic-auth migrated up to: 000_base_basic_auth (executed) basic-auth migrated up to: 001_14_to_15 (executed) basic-auth migrated up to: 002_130_to_140 (executed) migrating key-auth on database 'kong'... key-auth migrated up to: 000_base_key_auth (executed) key-auth migrated up to: 001_14_to_15 (executed) key-auth migrated up to: 002_130_to_140 (executed) migrating acl on database 'kong'... acl migrated up to: 000_base_acl (executed) acl migrated up to: 001_14_to_15 (executed) acl migrated up to: 002_130_to_140 (executed) migrating session on database 'kong'... session migrated up to: 000_base_session (executed) migrating response-ratelimiting on database 'kong'... response-ratelimiting migrated up to: 000_base_response_rate_limiting (executed) response-ratelimiting migrated up to: 001_14_to_15 (executed) response-ratelimiting migrated up to: 002_15_to_10 (executed) migrating rate-limiting on database 'kong'... rate-limiting migrated up to: 000_base_rate_limiting (executed) rate-limiting migrated up to: 001_14_to_15 (executed) rate-limiting migrated up to: 002_15_to_10 (executed) rate-limiting migrated up to: 003_10_to_112 (executed) 35 migrations processed 35 executed Database is up-to-date
5、启动
修改配置文件kong.conf vim /etc/kong/kong.conf database=off [root@master ~]# kong start -c /etc/kong/kong.conf Kong started [root@master ~]# kong health nginx.......running Kong is healthy at /usr/local/kong
6、测试使用
创建一个Service
如我们在术语部分的介绍,服务是上游服务的抽象,可以是一个应用,或者具体某个接口。Kong 提供了管理接口,我们可以通过请求 8001 管理接口直接创建,也可以通过安装的管理界面,实现的效果是一样的。
curl -i -X POST \
--url http://139.196.189.67:8001/services/ \ --data 'name=baidu-service' \ --data 'url=https://www.baidu.com/'
创建一个routes
创建好服务之后,我们需要创建具体的 API 路由。路由是请求的转发规则,根据 Hostname 和 PATH,将请求转发。
curl -ik -X POST \
--url http://139.196.189.67:8001/services/baidu-service/routes \ --data 'hosts[]=baidu.com' \ --data 'paths[]=/api/baidu'
访问测试
curl -k http://139.196.189.67:8000/api/baidu --header 'Host: baidu.com'
容器部署
1、部署postgresql
1.1 创建网络
docker network create kong-net
1.2 创建数据卷
docker volume create pgsql docker volume create kong konga
1.3 部署postgres:
docker run -d --name kong-database \ --network=kong-net \ -p 54432:5432 \ -e "POSTGRES_PASSWORD=pgsql" \ -v /$your_path/pgsql/data:/var/lib/postgresql/data \ -v /$your_path/pgsql/etc:/etc/postgresql \ postgres:9.6
1.4 添加数据库信息
docker exec -it kong-database bash > su postgres > psql -h localhost --password # 输入密码 # 通过一下语句创建账户和数据库 CREATE USER kong password 'kong'; CREATE DATABASE kong OWNER kong; grant all privileges on database kong to kong; CREATE USER konga password 'konga'; CREATE DATABASE konga OWNER konga; grant all privileges on database konga to konga;
2、部署kong
2.1 准备数据
docker run --rm \ --network=kong-net \ -e "KONG_DATABASE=postgres" \ -e "KONG_PG_HOST=kong-database" \ -e "KONG_PG_USER=kong" \ -e "KONG_PG_PASSWORD=kong" \ -e "KONG_CASSANDRA_CONTACT_POINTS=kong-database" \ kong:latest kong migrations bootstrap
2.2 启动kong
docker run -d --name kong \ --network=kong-net \ -e "KONG_DATABASE=postgres" \ -e "KONG_PG_HOST=kong-database" \ -e "KONG_PG_USER=kong" \ -e "KONG_PG_PASSWORD=kong" \ -e "KONG_CASSANDRA_CONTACT_POINTS=kong-database" \ -e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \ -e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \ -e "KONG_PROXY_ERROR_LOG=/dev/stderr" \ -e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \ -e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \ -p 8000:8000 \ -p 8443:8443 \ -p 8001:8001 \ -p 8444:8444 \ kong:latest