【微服务】部署Api网关Kong - Go语言中文社区

【微服务】部署Api网关Kong

为什么80%的码农都做不了架构师?>>>   hot3.png

Kong 是在客户端和(微)服务间转发 API 通信的 API 网关,通过插件扩展功能。持久化支持Postgresql和Cassandra。鉴于做测试,使用搭建简便的Postgresql作为DB存储。

IP分配

192.168.0.181:CentOS7 部署Kong服务; 192.168.0.184:CentOS7 部署postgresql 10;

部署postgresql

首先在192.168.0.184上部署postgresql,命令如下:

 yum install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-1.noarch.rpm
 yum install postgresql10
 yum install postgresql10-server


 /usr/pgsql-10/bin/postgresql-10-setup initdb
 systemctl enable postgresql-10
 systemctl start postgresql-10

安装完毕后进入db创建用户;

#首先进入postgres用户
su postgres

#进入sql命令行
/usr/pgsql-10/bin/psql

#创建用户和库
CREATE USER kong; CREATE DATABASE kong OWNER kong;

#修改用户kong的密码
ALTER USER kong WITH PASSWORD 'kong';

安装kong

接下来在192.168.0.181上安装kong,首先下载对应CentOS7的rpm文件:kong-community-edition-0.11.2.el7.noarch.rpm

yum install epel-release
yum install kong-community-edition-0.11.2.*.noarch.rpm --nogpgcheck

然后修改配置文件,默认在/etc/kong/kong.conf.default

database = postgres
pg_host = 192.168.0.184
pg_port = 5432
pg_user = kong
pg_password = kong
pg_database = kong

然后重命名为kong.conf

再初始化db

kong migrations up -c /etc/kong/kong.conf

启动:

kong start -c /etc/kong/kong.conf

kong开放4个端口,分别用途如下:

  • 8000: 监听HTTP请求,向后端服务进行转发;
  • 8443: 监听HTTPS请求,同8000;
  • 8001: 用户管理api访问端口;
  • 8444: 监听HTTPS用于管理api端口;

停止和reload命令:

kong stop
kong reload

Kong管理接口

状态相关接口

查看kong信息
GET http://192.168.0.181:8001/
  • available_on_server: 查看开启的插件列表
  • enabled_in_cluster:查看集群中开启插件的信息
{
    "version": "0.11.2", 
    "plugins": {
        "enabled_in_cluster": [ ], 
        "available_on_server": {
            "response-transformer": true, 
            "correlation-id": true, 
            "statsd": true, 
            "jwt": true, 
            "cors": true, 
            "basic-auth": true, 
            "key-auth": true, 
            "ldap-auth": true, 
            "oauth2": true, 
            "http-log": true, 
            "ip-restriction": true, 
            "hmac-auth": true, 
            "request-size-limiting": true, 
            "datadog": true, 
            "tcp-log": true, 
            "request-transformer": true, 
            "file-log": true, 
            "acl": true, 
            "bot-detection": true, 
            "loggly": true, 
            "galileo": true, 
            "syslog": true, 
            "udp-log": true, 
            "response-ratelimiting": true, 
            "aws-lambda": true, 
            "runscope": true, 
            "rate-limiting": true, 
            "request-termination": true
        }
    }, 
    "tagline": "Welcome to kong", 
    "configuration": {
        "error_default_type": "text/plain", 
        "admin_listen": "0.0.0.0:8001", 
        "lua_ssl_verify_depth": 1, 
        "trusted_ips": { }, 
        "prefix": "/usr/local/kong", 
        "nginx_conf": "/usr/local/kong/nginx.conf", 
        "cassandra_username": "kong", 
        "proxy_ip": "0.0.0.0", 
        "ssl_cert_key": "/usr/local/kong/ssl/kong-default.key", 
        "admin_ssl_cert_key": "/usr/local/kong/ssl/admin-kong-default.key", 
        "dns_resolver": { }, 
        "pg_user": "kong", 
        "mem_cache_size": "128m", 
        "server_tokens": true, 
        "proxy_ssl_port": 8443, 
        "admin_ip": "0.0.0.0", 
        "custom_plugins": { }, 
        "pg_host": "192.168.0.184", 
        "nginx_acc_logs": "/usr/local/kong/logs/access.log", 
        "proxy_listen": "0.0.0.0:8000", 
        "client_ssl_cert_default": "/usr/local/kong/ssl/kong-default.crt", 
        "cassandra_ssl": false, 
        "dns_no_sync": false, 
        "db_update_propagation": 0, 
        "nginx_err_logs": "/usr/local/kong/logs/error.log", 
        "cassandra_port": 9042, 
        "dns_order": [
            "LAST", 
            "SRV", 
            "A", 
            "CNAME"
        ], 
        "admin_ssl_ip": "0.0.0.0", 
        "dns_stale_ttl": 4, 
        "nginx_optimizations": true, 
        "proxy_ssl_ip": "0.0.0.0", 
        "database": "postgres", 
        "ssl": true, 
        "pg_database": "kong", 
        "nginx_worker_processes": "auto", 
        "admin_ssl_port": 8444, 
        "lua_package_cpath": "", 
        "admin_port": 8001, 
        "nginx_pid": "/usr/local/kong/pids/nginx.pid", 
        "upstream_keepalive": 60, 
        "proxy_access_log": "logs/access.log", 
        "ssl_ciphers": "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256", 
        "ssl_cert_csr_default": "/usr/local/kong/ssl/kong-default.csr", 
        "admin_access_log": "logs/admin_access.log", 
        "dns_error_ttl": 1, 
        "client_ssl_cert_csr_default": "/usr/local/kong/ssl/kong-default.csr", 
        "pg_password": "******", 
        "client_ssl": false, 
        "cassandra_contact_points": [
            "127.0.0.1"
        ], 
        "admin_ssl_cert_csr_default": "/usr/local/kong/ssl/admin-kong-default.csr", 
        "lua_socket_pool_size": 30, 
        "real_ip_header": "X-Real-IP", 
        "ssl_cipher_suite": "modern", 
        "cassandra_consistency": "ONE", 
        "http2": false, 
        "proxy_listen_ssl": "0.0.0.0:8443", 
        "client_max_body_size": "0", 
        "admin_error_log": "logs/error.log", 
        "pg_ssl_verify": false, 
        "dns_not_found_ttl": 30, 
        "pg_ssl": false, 
        "proxy_error_log": "logs/error.log", 
        "proxy_port": 8000, 
        "cassandra_repl_strategy": "SimpleStrategy", 
        "latency_tokens": true, 
        "admin_listen_ssl": "0.0.0.0:8444", 
        "admin_ssl_cert": "/usr/local/kong/ssl/admin-kong-default.crt", 
        "admin_http2": false, 
        "nginx_kong_conf": "/usr/local/kong/nginx-kong.conf", 
        "cassandra_schema_consensus_timeout": 10000, 
        "dns_hostsfile": "/etc/hosts", 
        "log_level": "notice", 
        "cassandra_timeout": 5000, 
        "ssl_cert": "/usr/local/kong/ssl/kong-default.crt", 
        "admin_ssl": true, 
        "admin_ssl_cert_key_default": "/usr/local/kong/ssl/admin-kong-default.key", 
        "cassandra_ssl_verify": false, 
        "db_cache_ttl": 3600, 
        "cassandra_lb_policy": "RoundRobin", 
        "real_ip_recursive": "off", 
        "cassandra_repl_factor": 1, 
        "client_ssl_cert_key_default": "/usr/local/kong/ssl/kong-default.key", 
        "nginx_daemon": "on", 
        "anonymous_reports": true, 
        "kong_env": "/usr/local/kong/.kong_env", 
        "cassandra_data_centers": [
            "dc1:2", 
            "dc2:3"
        ], 
        "pg_port": 5432, 
        "plugins": {
            "response-transformer": true, 
            "correlation-id": true, 
            "statsd": true, 
            "jwt": true, 
            "cors": true, 
            "basic-auth": true, 
            "key-auth": true, 
            "ldap-auth": true, 
            "request-termination": true, 
            "http-log": true, 
            "rate-limiting": true, 
            "hmac-auth": true, 
            "runscope": true, 
            "datadog": true, 
            "tcp-log": true, 
            "aws-lambda": true, 
            "response-ratelimiting": true, 
            "bot-detection": true, 
            "request-size-limiting": true, 
            "syslog": true, 
            "galileo": true, 
            "loggly": true, 
            "udp-log": true, 
            "file-log": true, 
            "request-transformer": true, 
            "acl": true, 
            "ip-restriction": true, 
            "oauth2": true
        }, 
        "client_body_buffer_size": "8k", 
        "nginx_admin_acc_logs": "/usr/local/kong/logs/admin_access.log", 
        "admin_ssl_cert_default": "/usr/local/kong/ssl/admin-kong-default.crt", 
        "db_update_frequency": 5, 
        "cassandra_keyspace": "kong", 
        "ssl_cert_default": "/usr/local/kong/ssl/kong-default.crt", 
        "ssl_cert_key_default": "/usr/local/kong/ssl/kong-default.key", 
        "lua_package_path": "./?.lua;./?/init.lua;"
    }, 
    "lua_version": "LuaJIT 2.1.0-beta2", 
    "prng_seeds": {
        "pid: 15093": 961939718379
    }, 
    "timers": {
        "pending": 5, 
        "running": 0
    }, 
    "hostname": "tree81"
}
获取kong状态
GET http://192.168.0.181:8001/status

{
    "database": {
        "reachable": true #数据库的连接状态
    },
    "server": {
        "connections_writing": 1, #正在响应的请求数
        "total_requests": 8,  #总请求数
        "connections_handled": 7, #处理连接总数
        "connections_accepted": 7, #客户端连接总数
        "connections_reading": 0, #正在读取请求头的连接数
        "connections_active": 1, #活动连接数,含等待
        "connections_waiting": 0 #正在等待请求的连接数
    }
}

转载于:https://my.oschina.net/tree/blog/1602289

版权声明:本文来源CSDN,感谢博主原创文章,遵循 CC 4.0 by-sa 版权协议,转载请附上原文出处链接和本声明。
原文链接:https://blog.csdn.net/weixin_33778778/article/details/91620461
站方申明:本站部分内容来自社区用户分享,若涉及侵权,请联系站方删除。
  • 发表于 2020-03-07 09:45:48
  • 阅读 ( 1688 )
  • 分类:

你可能感兴趣的文章

精选的优质文章

0 条评论

请先 登录 后评论

官方社群

GO教程

推荐文章

猜你喜欢

随便看看

来源51CTO

如果觉得我的文章对您有用,请随意打赏。你的支持将鼓励我继续创作!