Kong 入门简介

一、Kong安装

1.创建网络

sudo docker network create kong-net

2.创建数据库(采用postgres)

sudo docker run -d --name kong-database \
--network=kong-net \
-p 5432:5432 \
-e "POSTGRES_USER=kong" \
-e "POSTGRES_DB=kong" \
-e "POSTGRES_PASSWORD=kong" \
postgres:9.6

3.数据库管理工具(非必须)

sudo docker run -d -p 5433:80 --name pgadmin4 \
--network=kong-net \
-e PGADMIN_DEFAULT_EMAIL=admin@123.com \
-e PGADMIN_DEFAULT_PASSWORD=123456 \
dpage/pgadmin4

4.初始化Kong数据库

sudo docker run --rm \
--network=kong-net \
-e "KONG_DATABASE=postgres" \
-e "KONG_PG_HOST=kong-database" \
-e "KONG_PG_PASSWORD=kong" \
-e "KONG_CASSANDRA_CONTACT_POINTS=kong-database" \
kong:latest kong migrations bootstrap

5.创建Kong

sudo docker run -d --name kong \
--network=kong-net \
-e "KONG_DATABASE=postgres" \
-e "KONG_PG_HOST=kong-database" \
-e "KONG_PG_PASSWORD=kong" \
-e "KONG_CASSANDRA_CONTACT_POINTS=kong-database" \
-e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
-e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
-e "KONG_PROXY_ERROR_LOG=/dev/stderr" \
-e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \
-e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
-p 8000:8000 \
-p 8443:8443 \
-p 8001:8001 \
-p 8444:8444 \
kong:latest

6.初始化Konga数据库(推荐的Kong管理后台,实力允许可以进行二开!

sudo docker run --rm --network=kong-net pantsel/konga -c prepare -a postgres -u postgresql://kong:kong@kong-database:5432/konga_db

7.创建Konga

sudo docker run -p 1337:1337 \
 --network=kong-net \
 -e "DB_ADAPTER=postgres" \
 -e "DB_HOST=kong-database" \
 -e "DB_USER=kong" \
 -e "DB_PASSWORD=kong" \
 -e "DB_DATABASE=konga_db" \
 -e "KONGA_HOOK_TIMEOUT=120000" \
 -e "NODE_ENV=production" \
 --name konga \
 pantsel/konga

8.万事大吉

登录http://localhost:1337进入Konga,配置 Kong's admin API的连接,然后激活此链接,炫酷的面板,大吉大利!!!

二、服务初体验

1.添加服务

curl -i -X POST http://localhost:8001/services \
     --data name=example_service \
     --data url='http://mockbin.org'

http://mockbin.org ,点进入你就知道是干啥的了!以下验证此服务

curl -i http://localhost:8001/services/example_service

2.添加路由

curl -i -X POST http://localhost:8001/services/example_service/routes \
--data 'paths[]=/mock' \
 --data 'name=mocking'

以下验证此服务

curl -i -X GET http://localhost:8000/mock

3.添加限流

curl -i -X POST http://localhost:8001/plugins \
--data "name=rate-limiting" \
--data "config.minute=5" \
--data "config.policy=local"

以下验证此服务,每分钟只能请求5次

curl -i -X GET http://localhost:8000/mock/request

超过5次,

{
  "message":"API rate limit exceeded"
}

如下图

4.代理缓存

curl -i -X POST http://localhost:8001/plugins \
--data name=proxy-cache \
--data config.content_type="application/json" \
--data config.cache_ttl=30 \
--data config.strategy=memory

注意抓取请求头的变化(与教程有点出入,不太好使!)

curl -i -X GET http://localhost:8000/mock/request

删除缓存

curl -i -X DELETE http://localhost:8001/proxy-cache

5.身份验证

curl -X POST http://localhost:8001/routes/mocking/plugins \
--data name=key-auth

再次访问服务,HTTP/1.1 401 Unauthorized

设置使用者

curl -i -X POST -d "username=consumer&custom_id=consumer" http://localhost:8001/consumers/

创建凭据,对于此示例,将密钥设置为apikey。如果未输入任何密钥,则Kong将自动生成密钥。

curl -i -X POST http://localhost:8001/consumers/consumer/key-auth -d 'key=apikey'

返回结果如下:

{
	"created_at": 1611110699,
	"id": "6695bd72-16e6-490d-b983-c141c39b5da8",
	"tags": null,
	"ttl": null,
	"key": "apikey",
	"consumer": {
		"id": "cbdec9e6-70aa-4166-9289-e1fe5737ab6e"
	}
}

再次访问服务,返回正常

curl -i http://localhost:8000/mock/request -H 'apikey:apikey'

6.禁用插件(可选)

curl -X GET http://localhost:8001/routes/mocking/plugins/

以下是返回的数据

{
	"next": null,
	"data": [{
		"created_at": 1611109944,
		"id": "e488b6e6-6183-499c-b430-0aa676245ee5",
		"tags": null,
		"enabled": true,
		"protocols": ["grpc", "grpcs", "http", "https"],
		"name": "key-auth",
		"consumer": null,
		"service": null,
		"route": {
			"id": "ed6baf5a-5d32-4550-91d8-661fc3539e44"
		},
		"config": {
			"key_in_query": true,
			"key_names": ["apikey"],
			"key_in_header": true,
			"run_on_preflight": true,
			"anonymous": null,
			"hide_credentials": false,
			"key_in_body": false
		}
	}]
}

禁用此插件

curl -X PATCH http://localhost:8001/routes/mocking/plugins/e488b6e6-6183-499c-b430-0aa676245ee5 \
 --data "enabled=false"

7.负载均衡

配置上游服务

curl -X POST http://localhost:8001/upstreams \
 --data name=upstream

以前配置的服务指向上游

curl -X PATCH http://localhost:8001/services/example_service \
--data host='upstream'

向上游添加目标,此处玩脱了容器卡住多次也不能添加成功

curl -X POST http://localhost:8001/upstreams/upstream/targets \
--data target='mockbin.org:80'

curl -X POST http://localhost:8001/upstreams/upstream/targets \
--data target='httpbin.org:80'

浏览器中访问 http://localhost:8000/mock 进行验证

特别声明文中参考:
https://www.cnblogs.com/jerryqm/p/13030425.html

posted on 2021-01-20 15:50  不会非的猪  阅读(7394)  评论(0编辑  收藏  举报

导航