尝试使用Docker来运行Kong和Konga,并添加API
Kong 是一个开源的微服务API网关平台。
可以在Docker上启动。
孔/docker-kong
我会准备一个类似以下的 docker-compose.yml 文件。
version: '3.7'
volumes:
kong_data: {}
networks:
kong-net:
external: false
services:
kong-migrations:
image: "${KONG_DOCKER_TAG:-kong:latest}"
command: kong migrations bootstrap
depends_on:
- db
environment:
KONG_DATABASE: postgres
KONG_PG_DATABASE: ${KONG_PG_DATABASE:-kong}
KONG_PG_HOST: db
KONG_PG_USER: ${KONG_PG_USER:-kong}
KONG_PG_PASSWORD_FILE: /run/secrets/kong_postgres_password
secrets:
- kong_postgres_password
networks:
- kong-net
restart: on-failure
deploy:
restart_policy:
condition: on-failure
kong-migrations-up:
image: "${KONG_DOCKER_TAG:-kong:latest}"
command: kong migrations up && kong migrations finish
depends_on:
- db
environment:
KONG_DATABASE: postgres
KONG_PG_DATABASE: ${KONG_PG_DATABASE:-kong}
KONG_PG_HOST: db
KONG_PG_USER: ${KONG_PG_USER:-kong}
KONG_PG_PASSWORD_FILE: /run/secrets/kong_postgres_password
secrets:
- kong_postgres_password
networks:
- kong-net
restart: on-failure
deploy:
restart_policy:
condition: on-failure
kong:
image: "${KONG_DOCKER_TAG:-kong:latest}"
user: "${KONG_USER:-kong}"
depends_on:
- db
environment:
KONG_ADMIN_ACCESS_LOG: /dev/stdout
KONG_ADMIN_ERROR_LOG: /dev/stderr
KONG_PROXY_LISTEN: "${KONG_PROXY_LISTEN:-0.0.0.0:8000}"
KONG_ADMIN_LISTEN: "${KONG_ADMIN_LISTEN:-0.0.0.0:8001}"
KONG_CASSANDRA_CONTACT_POINTS: db
KONG_DATABASE: postgres
KONG_PG_DATABASE: ${KONG_PG_DATABASE:-kong}
KONG_PG_HOST: db
KONG_PG_USER: ${KONG_PG_USER:-kong}
KONG_PROXY_ACCESS_LOG: /dev/stdout
KONG_PROXY_ERROR_LOG: /dev/stderr
KONG_PG_PASSWORD_FILE: /run/secrets/kong_postgres_password
secrets:
- kong_postgres_password
networks:
- kong-net
ports:
- "8000:8000/tcp"
- "127.0.0.1:8001:8001/tcp"
- "8443:8443/tcp"
- "127.0.0.1:8444:8444/tcp"
healthcheck:
test: ["CMD", "kong", "health"]
interval: 10s
timeout: 10s
retries: 10
restart: on-failure
deploy:
restart_policy:
condition: on-failure
db:
image: postgres:9.5
environment:
POSTGRES_DB: ${KONG_PG_DATABASE:-kong}
POSTGRES_USER: ${KONG_PG_USER:-kong}
POSTGRES_PASSWORD_FILE: /run/secrets/kong_postgres_password
secrets:
- kong_postgres_password
healthcheck:
test: ["CMD", "pg_isready", "-U", "${KONG_PG_USER:-kong}"]
interval: 30s
timeout: 30s
retries: 3
restart: on-failure
deploy:
restart_policy:
condition: on-failure
stdin_open: true
tty: true
networks:
- kong-net
volumes:
- kong_data:/var/lib/postgresql/data
secrets:
kong_postgres_password:
file: ./POSTGRES_PASSWORD
在同一个目录下准备POSTGRES_PASSWORD,将其设置为PostgresSQL的密码kong(与 [GitHub repository](https://github.com/) 一致)。
当启动docker-compose,Kong将开始运行。
$ docker-compose up
下一步,我们将按照教程尝试使用 Kong。
Kong 网关 (OSS) 入门指南
服务设置
我要在 Kong 中添加第一个服务。
服务对象
$ curl -i -X POST \
--url http://localhost:8001/services/ \
--data 'name=example-service' \
--data 'url=http://mockbin.org'
## 以下、レスポンスです
HTTP/1.1 201 Created
Date: Mon, 24 May 2021 14:33:14 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 361
X-Kong-Admin-Latency: 19
Server: kong/2.4.1
{"updated_at":1621866794,"read_timeout":60000,"ca_certificates":null,"write_timeout":60000,"host":"mockbin.org","protocol":"http","tls_verify":null,"retries":5,"tls_verify_depth":null,"path":null,"client_certificate":null,"port":80,"name":"example-service","tags":null,"connect_timeout":60000,"id":"9ff4a83a-54b4-43cf-a9d6-d2439a40fd13","created_at":1621866794}%
追加的 Service 可以在 http://localhost:8001/services 查看。
添加路由
在之前创建的服务中,添加名为Route的路由设置。
一个服务可以关联多个路由。
Route 实体定义了与客户端请求匹配的规则。
路由对象
$ curl -i -X POST \
--url http://localhost:8001/services/example-service/routes \
--data 'hosts[]=example.com'
## 以下、レスポンス
HTTP/1.1 201 Created
Date: Mon, 24 May 2021 14:35:08 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 480
X-Kong-Admin-Latency: 12
Server: kong/2.4.1
{"updated_at":1621866908,"service":{"id":"9ff4a83a-54b4-43cf-a9d6-d2439a40fd13"},"tags":null,"request_buffering":true,"response_buffering":true,"https_redirect_status_code":426,"preserve_host":false,"paths":null,"methods":null,"sources":null,"destinations":null,"protocols":["http","https"],"hosts":["example.com"],"strip_path":true,"path_handling":"v0","created_at":1621866908,"regex_priority":0,"headers":null,"name":null,"id":"4b29c91b-bd88-42f5-bc5e-9a69c6d4f18a","snis":null}
fj@fjshnoMacBook-Pro: ~
最后,我们尝试通过 Kong 转发请求。
$ curl -i -X GET \
--url http://localhost:8000/ \
--header 'Host: example.com'
当发送类似的请求时,将会将请求转发到最初 Service 的 –data ‘url=http://mockbin.org’ 设置的http://mockbin.org。
如果向/apis/进行POST请求时返回”Not found”,那么
$ curl -i -X POST \
> --url http://localhost:8001/apis/ \
> --data 'name=mockbin' \
> --data 'upstream_url=http://mockbin.com/' \
> --data 'request_host=mockbin.com'
HTTP/1.1 404 Not Found
Date: Mon, 24 May 2021 14:21:19 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 23
X-Kong-Admin-Latency: 0
Server: kong/2.4.1
{"message":"Not found"}%
当使用/apis/时返回404错误是因为Kong版本更新,导致/apis的终点被废弃。
找不到:/apis
使用 Konga,更轻松地操作 Kong Admin API。
GitHub – 孔嘉
Docker Hub – 孔嘉
将 Konga 的配置添加到 docker-compose.yml 中。
如果不将网络设置为与kong相同,接下来创建连接的时候会出现错误。
konga:
image: pantsel/konga
ports:
- "1337:1337"
environment:
- "DB_ADAPTER=postgres"
- "DB_HOST=konga-db"
- "DB_USER=konga"
- "DB_PASSWORD=konga"
restart: "on-failure:3"
networks:
- kong-net
depends_on:
- konga-db
konga-db:
image: "postgres:9.6"
environment:
POSTGRES_USER: "konga"
POSTGRES_PASSWORD: "konga"
POSTGRES_DB: "konga"
networks:
- kong-net
volumes:
- ./konga_data:/var/lib/postgresql/data
启动Docker。
$ docker-compose up
在本地主机的端口1337上,打开Konga的注册页面。
当您适当地注册一个管理员用户时,您可以登录到Konga的欢迎页面。
我尝试将对http://localhost:8000/mock的请求转发到https://www.yahoo.co.jp。
打开仪表板左侧边栏的“服务”选项,点击“添加新服务”按钮来创建一个新的服务。
名称:forward-service
协议:https
主机:www.yahoo.co.jp
端口:443
在服务下创建路由。(只有创建了服务才能创建路由。)
名称:模拟
主机:本地主机
路径:/模拟
方法:GET
点击「提交更改」按钮,创建路由。
当然,当您在浏览器中敲击 http://localhost:8000/mock 时,将会显示Yahoo的界面。
Kong 可以将请求转发到后端服务器。
