阿里云ECS上安装kong API网关

CT
172 阅读3分钟

核心还是参考kong官网的文档,放个链接如下:

kong docker run

Install Kong Gateway with a database

Set up a Kong Gateway container with a PostgreSQL database to store Kong configuration.

**Prepare the database

  1. Create a custom Docker network to allow the containers to discover and communicate with each other:

     docker network create kong-net

    **

    You can name this network anything you want. We use kong-net as an example throughout this guide.

  2. Start a PostgreSQL container:

     docker run -d --name kong-database \
  --network=kong-net \
  -p 5432:5432 \
  -e "POSTGRES_USER=kong" \
  -e "POSTGRES_DB=kong" \
  -e "POSTGRES_PASSWORD=kongpass" \
  postgres:13

image.png

image.png

**

-   `POSTGRES_USER` and `POSTGRES_DB`: Set these values to `kong`. This is the default value that Kong Gateway expects.
-   `POSTGRES_PASSWORD`: Set the database password to any string.

In this example, the Postgres container named `kong-database` can communicate with any containers on the `kong-net` network.

  1. Prepare the Kong database:

    docker run --rm --network=kong-net \
 -e "KONG_DATABASE=postgres" \
 -e "KONG_PG_HOST=kong-database" \
 -e "KONG_PG_PASSWORD=kongpass" \
kong:3.6.1 kong migrations bootstrap

    **

    Where:

    • KONG_DATABASE: Specifies the type of database that Kong is using.
    • KONG_PG_HOST: The name of the Postgres Docker container that is communicating over the kong-net network, from the previous step.
    • KONG_PG_PASSWORD: The password that you set when bringing up the Postgres container in the previous step.
    • KONG_PASSWORD (Enterprise only): The default password for the admin super user for Kong Gateway.
    • {IMAGE-NAME:TAG} kong migrations bootstrap: In order, this is the Kong Gateway container name and tag, followed by the command to Kong to prepare the Postgres database.

**

image.png

Start Kong Gateway

Important:  The settings below are intended for non-production use only, as they override the default admin_listen setting to listen for requests from any source. Do not use these settings in environments directly exposed to the internet.

If you need to expose the admin_listen port to the internet in a production environment, secure it with authentication.

  1. (Optional) If you have an Enterprise license for Kong Gateway, export the license key to a variable:

    The license data must contain straight quotes to be considered valid JSON (' and ", not  or ).

    Note:  The following license is only an example. You must use the following format, but provide your own content.

     export KONG_LICENSE_DATA='{"license":{"payload":{"admin_seats":"1","customer":"Example Company, Inc","dataplanes":"1","license_creation_date":"2017-07-20","license_expiration_date":"2017-07-20","license_key":"00141000017ODj3AAG_a1V41000004wT0OEAU","product_subscription":"Konnect Enterprise","support_plan":"None"},"signature":"6985968131533a967fcc721244a979948b1066967f1e9cd65dbd8eeabe060fc32d894a2945f5e4a03c1cd2198c74e058ac63d28b045c2f1fcec95877bd790e1b","version":"1"}}'

    **

  2. Run the following command to start a container with Kong Gateway:

    docker run -d --name kong-gateway \
 --network=kong-net \
 -e "KONG_DATABASE=postgres" \
 -e "KONG_PG_HOST=kong-database" \
 -e "KONG_PG_USER=kong" \
 -e "KONG_PG_PASSWORD=kongpass" \
 -e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
 -e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
 -e "KONG_PROXY_ERROR_LOG=/dev/stderr" \
 -e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \
 -e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
 -e "KONG_ADMIN_GUI_URL=http://localhost:8002" \
 -p 8000:8000 \
 -p 8443:8443 \
 -p 127.0.0.1:8001:8001 \
 -p 127.0.0.1:8002:8002 \
 -p 127.0.0.1:8444:8444 \
 kong:3.6.1

    **

    Where:

    • --name and --network: The name of the container to create, and the Docker network it communicates on.
    • KONG_DATABASE: Specifies the type of database that Kong is using.
    • KONG_PG_HOST: The name of the Postgres Docker container that is communicating over the kong-net network.
    • KONG_PG_USER and KONG_PG_PASSWORD: The Postgres username and password. Kong Gateway needs the login information to store configuration data in the KONG_PG_HOST database.
    • All _LOG parameters: set filepaths for the logs to output to, or use the values in the example to print messages and errors to stdout and stderr.
    • KONG_ADMIN_LISTEN: The port that the Kong Admin API listens on for requests.
    • KONG_ADMIN_GUI_URL: The URL for accessing Kong Manager, preceded by a protocol (for example, http://).
    • KONG_LICENSE_DATA: (Enterprise only) If you have a license file and have saved it as an environment variable, this parameter pulls the license from your environment.

image.png

  1. Verify your installation:

    Access the /services endpoint using the Admin API:

     curl -i -X GET --url http://localhost:8001/services

    **

    You should receive a 200 status code.

image.png

  1. Verify that Kong Manager is running by accessing it using the URL specified in KONG_ADMIN_GUI_URL:

     http://localhost:8002

    **

**Get started with Kong Gateway

Now that you have a running Gateway instance, Kong provides a series of getting started guides to help you set up and enhance your first Service.

In particular, right after installation you might want to:

**Clean up containers

If you’re done testing Kong Gateway and no longer need the containers, you can clean them up using the following commands:

docker kill kong-gateway
docker kill kong-database
docker container rm kong-gateway
docker container rm kong-database
docker network rm kong-net

**

**

avatar
文章
阅读
粉丝