安装API网关Kong
什么是 Kong
Kong 是在客户端和(微)服务间转发API通信的API网关。 下图是使用 Kong 前后的技术架构对比:
在 Centos 上安装 Kong
官方文档:https://konghq.com/install/#kong-community
Kong 支持安装在多个平台上,本文以 Centos为例。
下载软件包
Centos6:https://bintray.com/kong/kong-rpm/download_file?file_path=centos/6/kong-1.3.0.el6.amd64.rpm Centos7:https://bintray.com/kong/kong-rpm/download_file?file_path=centos/7/kong-1.3.0.el7.amd64.rpm
安装
sudo yum install kong-1.3.0.*.noarch.rpm --nogpgcheck
配置 Kong
无数据库模式
无论有没有数据库,Kong 都可以运行。
/etc/kong/kong.conf 中配置数据库:
database = off
选择一个文件夹,生成配置:
kong config init
会在当前目录下生成 kong.yml 文件。
有数据库模式
使用有数据库模式时,可以方便的配合 Konga 管理 Service。 Kong 支持 PostgreSQL 9.5+ 和 Cassandra 3.x.x 作为其数据存储。
我们使用 PostgreSQL。
/etc/kong/kong.conf 中配置数据库:
database = postgres
pg_host = 127.0.0.1
pg_port = 5432
pg_timeout = 5000
pg_user = kong
pg_password =
pg_database = kong
执行数据库迁移:
kong migrations bootstrap [-c /path/to/kong.conf]
输出:
Bootstrapping database...
migrating core on database 'kong'...
core migrated up to: 000_base (executed)
core migrated up to: 003_100_to_110 (executed)
core migrated up to: 004_110_to_120 (executed)
core migrated up to: 005_120_to_130 (executed)
core migrated up to: 006_130_to_140 (executed)
core migrated up to: 007_140_to_150 (executed)
core migrated up to: 008_150_to_200 (executed)
core migrated up to: 009_200_to_210 (executed)
core migrated up to: 010_210_to_211 (executed)
core migrated up to: 011_212_to_213 (executed)
core migrated up to: 012_213_to_220 (executed)
core migrated up to: 013_220_to_230 (executed)
migrating rate-limiting on database 'kong'...
rate-limiting migrated up to: 000_base_rate_limiting (executed)
rate-limiting migrated up to: 003_10_to_112 (executed)
rate-limiting migrated up to: 004_200_to_210 (executed)
migrating hmac-auth on database 'kong'...
hmac-auth migrated up to: 000_base_hmac_auth (executed)
hmac-auth migrated up to: 002_130_to_140 (executed)
hmac-auth migrated up to: 003_200_to_210 (executed)
migrating oauth2 on database 'kong'...
oauth2 migrated up to: 000_base_oauth2 (executed)
oauth2 migrated up to: 003_130_to_140 (executed)
oauth2 migrated up to: 004_200_to_210 (executed)
oauth2 migrated up to: 005_210_to_211 (executed)
migrating ip-restriction on database 'kong'...
ip-restriction migrated up to: 001_200_to_210 (executed)
migrating jwt on database 'kong'...
jwt migrated up to: 000_base_jwt (executed)
jwt migrated up to: 002_130_to_140 (executed)
jwt migrated up to: 003_200_to_210 (executed)
migrating basic-auth on database 'kong'...
basic-auth migrated up to: 000_base_basic_auth (executed)
basic-auth migrated up to: 002_130_to_140 (executed)
basic-auth migrated up to: 003_200_to_210 (executed)
migrating key-auth on database 'kong'...
key-auth migrated up to: 000_base_key_auth (executed)
key-auth migrated up to: 002_130_to_140 (executed)
key-auth migrated up to: 003_200_to_210 (executed)
migrating session on database 'kong'...
session migrated up to: 000_base_session (executed)
session migrated up to: 001_add_ttl_index (executed)
migrating acl on database 'kong'...
acl migrated up to: 000_base_acl (executed)
acl migrated up to: 002_130_to_140 (executed)
acl migrated up to: 003_200_to_210 (executed)
acl migrated up to: 004_212_to_213 (executed)
migrating response-ratelimiting on database 'kong'...
response-ratelimiting migrated up to: 000_base_response_rate_limiting (executed)
migrating bot-detection on database 'kong'...
bot-detection migrated up to: 001_200_to_210 (executed)
migrating acme on database 'kong'...
acme migrated up to: 000_base_acme (executed)
41 migrations processed
41 executed
Database is up-to-date
启动 Kong
生成一份配置文件:
cp /etc/kong/kong.conf.default /etc/kong/kong.conf
启动:
kong start -c /etc/kong/kong.conf
检测是否正常运行
curl -i http://localhost:8001/
正常情况下的输出:
HTTP/1.1 200 OK
Date: Thu, 18 Mar 2021 03:34:10 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 10596
X-Kong-Admin-Latency: 3
Server: kong/2.3.3
{"plugins":{"enabled_in_cluster":[],"available_on_server":{"grpc-web":true,"correlation-id":true,"pre-function":true,"cors":true,"rate-limiting":true,"loggly":true,"hmac-auth":true,"zipkin":true,"request-size-limiting":true,"azure-functions":true,"request-transformer":true,"oauth2":true,"response-transformer":true,"ip-restriction":true,"statsd":true,"jwt":true,"proxy-cache":true,"basic-auth":true,"key-auth":true,"http-log":true,"session":true,"datadog":true,"tcp-log":true,"prometheus":true,"post-function":true,"ldap-auth":true,"acl":true,"grpc-gateway":true,"file-log":true,"syslog":true,"udp-log":true,"response-ratelimiting":true,"aws-lambda":true,"bot-detection":true,"acme":true,"request-termination":true}},"tagline":"Welcome to kong","configuration":{"pluginserver......
这段 json 是 Kong 的运行状态数据。