kong 网关配置指引

简介: kong 网关配置指引

您将向Kong添加一个API。为此,您首先需要添加一个Service;这就是Kong用来指定它管理的上游API和微服务的名称。

出于本指南的目的,我们将创建一个指向Mockbin API的服务。Mockbin是一个“echo”类型的公共网站,它将返回请求的请求作为响应返回给请求者。这有助于了解Kong如何代理您的API请求。

在开始向Service发出请求之前,您需要为其添加一个Route。Route指定请求在到达Kong后如何(以及是否)发送到其服务。一个Service可以有多个Route.

在配置完Service和Route以后,就可以通过Kong使用他们发送请求。

Kong在:8001端口上公开了RESTful Admin API。 Kong的配置,包括添加的Service和Route,是通过对该API发送请求进行的。
route-and-service.png

1.使用Admin API添加您的服务

  • 执行以下cURL请求,将你的第一个Service(指向Mockbin API)添加到Kong:
$ curl -i -X POST \
  --url http://localhost:8001/services/ \
  --data 'name=example-service' \
  --data 'url=http://mockbin.org'
example-service这是我们的服务名 不是example_service

In our example, the request body contained two strings:

  • name: The name of the service
  • url : An argument that populates the host, port, and path attributes of the service

如果请求成功 ,你会收到 http的201 响应,类似如下:

HTTP/1.1 201 Created
Date: Fri, 11 Nov 2022 03:38:45 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: http://localhost:8002
X-Kong-Admin-Request-ID: 3xk6T3V665Z8cwHo5ov0Oqi08dkS58TG
vary: Origin
Access-Control-Allow-Credentials: true
vary: Origin
Content-Length: 376
X-Kong-Admin-Latency: 14
Server: kong/3.0.1.0-enterprise-edition

{
  "host": "mockbin.org",
  "name": "example-service",
  "enabled": true,
  "connect_timeout": 60000,
  "read_timeout": 60000,
  "retries": 5,
  "protocol": "http",
  "path": null,
  "port": 80,
  "tags": null,
  "client_certificate": null,
  "tls_verify": null,
  "created_at": 1661346938,
  "updated_at": 1661346938,
  "tls_verify_depth": null,
  "id": "3b2be74e-335b-4f25-9f08-6c41b4720315",
  "write_timeout": 60000,
  "ca_certificates": null
}
  • 查看服务是否添加成功

但你创建了一个服务,kong gateway会给这个服务赋予一个唯一id,如上图“3b2be74e-335b-4f25-9f08-6c41b4720315”,id和name可以被用来identify the service in subsequent requests. This is the service URL and takes the form of /services/{service name or id}

curl -X GET http://localhost:8001/services/example_service

返回如下信息说明添加成功:

{"tls_verify":null,"client_certificate":null,"tls_verify_depth":null,"tags":null,"ca_certificates":null,"path":null,"read_timeout":60000,"protocol":"http","name":"example-service","id":"44a70e67-070e-483d-a824-ff1ed907a049","created_at":1668137925,"retries":5,"updated_at":1668137925,"enabled":true,"write_timeout":60000,"connect_timeout":60000,"host":"mockbin.org","port":80}
  • 列出添加的服务
curl -X GET http://localhost:8001/services

返回如下:

{"next":null,"data":[{"tls_verify":null,"client_certificate":null,"tls_verify_depth":null,"tags":null,"ca_certificates":null,"path":null,"read_timeout":60000,"protocol":"http","name":"example-service","id":"44a70e67-070e-483d-a824-ff1ed907a049","created_at":1668137925,"retries":5,"updated_at":1668137925,"enabled":true,"write_timeout":60000,"connect_timeout":60000,"host":"mockbin.org","port":80}]}

2.路由管理

  • 创建路由

    路由定义了如何通过kong gateway代理一个请求,你可以通过POST一个专门的服务URL创建一个路由。

    我们从创建一个路由使用/mock路径来转发example-service:

    curl -i -X POST http://localhost:8001/services/example-service/routes \
      --data 'paths[]=/mock' \
      --data name=example-route

    如果上面的路由被成功创建返回如下:http的201响应码

    HTTP/1.1 201 Created
    Date: Fri, 11 Nov 2022 08:29:23 GMT
    Content-Type: application/json; charset=utf-8
    Connection: keep-alive
    Access-Control-Allow-Origin: http://localhost:8002
    X-Kong-Admin-Request-ID: 8G90A8IGPUF4vKESaYmAeh5Unsyny4pl
    vary: Origin
    Access-Control-Allow-Credentials: true
    Content-Length: 485
    X-Kong-Admin-Latency: 14
    Server: kong/3.0.1.0-enterprise-edition
    
    {"paths":["/mock"],"methods":null,"regex_priority":0,"destinations":null,"service":{"id":"44a70e67-070e-483d-a824-ff1ed907a049"},"path_handling":"v0","protocols":["http","https"],"request_buffering":true,"response_buffering":true,"id":"6ec8a1dd-f187-416b-8f50-9b9001fbb0a8","created_at":1668155363,"preserve_host":false,"tags":null,"strip_path":true,"sources":null,"snis":null,"updated_at":1668155363,"name":"example-route","hosts":null,"headers":null,"https_redirect_status_code":426}
  • 查看route 路由配置

    和上面的service一样,kong赋予了route唯一的id,可以通过如下格式查看配置/routes/{route name or id},通过如下格式查看刚才添加的路由:

    curl -X GET http://localhost:8001/services/example-service/routes/example-route

    返回的信息包含了刚才添加的路由配置:

    {"message":"Not found"}root@ly-huawei:~# curl -X GET http://localhost:8001/services/example-service/routes/example-route
    {"paths":["/mock"],"methods":null,"regex_priority":0,"destinations":null,"service":{"id":"44a70e67-070e-483d-a824-ff1ed907a049"},"path_handling":"v0","protocols":["http","https"],"request_buffering":true,"response_buffering":true,"id":"6ec8a1dd-f187-416b-8f50-9b9001fbb0a8","created_at":1668155363,"preserve_host":false,"tags":null,"strip_path":true,"sources":null,"snis":null,"updated_at":1668155363,"name":"example-route","hosts":null,"headers":null,"https_redirect_status_code":426}root@ly-huawei:~# curl -X GET http://localhost:8001/services/example-service/routes/
    {"next":null,"data":[{"paths":["/mock"],"methods":null,"regex_priority":0,"destinations":null,"service":{"id":"44a70e67-070e-483d-a824-ff1ed907a049"},"path_handling":"v0","protocols":["http","https"],"request_buffering":true,"response_buffering":true,"id":"6ec8a1dd-f187-416b-8f50-9b9001fbb0a8","created_at":1668155363,"preserve_host":false,"tags":null,"strip_path":true,"sources":null,"snis":null,"updated_at":1668155363,"name":"example-route","hosts":null,"headers":null,"https_redirect_status_code":426}]}
  • 修改路由配置

    和服务一样,route也可以通过发送一个PATCH请求进行动态更新。比如通过如下命令修改配置的tag为“tutorial”,虽然我上面由于懒没有写service的修改,大家自己看官网吧。

    curl --request PATCH \
      --url localhost:8001/services/example-service/routes/example-route \
      --data tags="tutorial"
  • 列出所有的路由配置

    curl http://localhost:8001/routes

    成功返回http的200状态码

    {"next":null,"data":[{"paths":["/mock"],"methods":null,"regex_priority":0,"destinations":null,"service":{"id":"44a70e67-070e-483d-a824-ff1ed907a049"},"path_handling":"v0","protocols":["http","https"],"request_buffering":true,"response_buffering":true,"id":"6ec8a1dd-f187-416b-8f50-9b9001fbb0a8","created_at":1668155363,"preserve_host":false,"tags":["tutorial"],"strip_path":true,"sources":null,"snis":null,"updated_at":1668157098,"name":"example-route","hosts":null,"headers":null,"https_redirect_status_code":426}]}

3.测试上面添加的代理是否成功

Kong 就是一个API Gateway,它将客户端的请求通过路由转发到恰当的上层应用,例如你可以通过http://localhost:8000/mock访问https://mockbin.org/

  1. 8001是kong的管理端口,8000是客户端连接端口
  2. Mockbin 提供了 /requests用来响应客户端的请求。

    curl -X GET http://localhost:8000/mock/requests

    你会得到如下响应:

    {
      "startedDateTime": "2022-11-11T09:25:39.897Z",
      "clientIPAddress": "172.19.0.1",
      "method": "GET",
      "url": "http://localhost/requests",
      "httpVersion": "HTTP/1.1",
      "cookies": {},
      "headers": {
        "host": "mockbin.org",
        "connection": "close",
        "accept-encoding": "gzip",
        "x-forwarded-for": "172.19.0.1,121.36.55.115, 172.70.210.180",
        "cf-ray": "7685fb5b9efd7b19-LAX",
        "x-forwarded-proto": "http",
        "cf-visitor": "{\"scheme\":\"http\"}",
        "x-forwarded-host": "localhost",
        "x-forwarded-port": "80",
        "x-forwarded-path": "/mock/requests",
        "x-forwarded-prefix": "/mock",
        "user-agent": "curl/7.68.0",
        "accept": "*/*",
        "cf-connecting-ip": "121.36.55.115",
        "cdn-loop": "cloudflare",
        "x-request-id": "951f7f44-b1c3-47a6-8d67-57a645fc948f",
        "via": "1.1 vegur",
        "connect-time": "0",
        "x-request-start": "1668158739890",
        "total-route-time": "0"
      },
      "queryString": {},
      "postData": {
        "mimeType": "application/octet-stream",
        "text": "",
        "params": []
      },
      "headersSize": 591,
      "bodySize": 0
    }

**网上的中文教程都是生搬硬套过来的,根本没有实践过,~~~~,还是看官网吧

相关文章
|
8月前
|
负载均衡 应用服务中间件 API
Nginx、Kong、Apisix、Gateway网关比较
Nginx、Kong、Apisix、Gateway网关比较
1508 1
Nginx、Kong、Apisix、Gateway网关比较
|
8月前
|
存储 Cloud Native API
oss云网关配置
配置阿里云OSS与云网关实现灵活数据传输和访问控制。步骤包括开通OSS服务,创建Bucket,获取访问凭证,可选配置CORS和生命周期规则。云网关配置涉及阿里云云原生网关的代理规则设定或使用云存储网关集成OSS访问,具体配置需参照产品文档,因产品更新可能会有变动。
172 1
|
8月前
|
Prometheus 网络协议 JavaScript
api 网关 kong 数据库记录请求响应报文
Kong的tcp-log-with-body插件是一个高效的工具,它能够转发Kong处理的请求和响应。这个插件非常适用于需要详细记录API请求和响应信息的情景,尤其是在调试和排查问题时。
219 0
api 网关 kong 数据库记录请求响应报文
|
8月前
|
Linux
Linux网关路由配置
Linux网关路由配置
70 0
|
5天前
|
编解码 运维 Kubernetes
政采云业务网关实践:使用 Higress 统一替代 APISIX/Kong/Istio Ingress
政采云基础架构团队技术专家朱海峰介绍了业务网关项目的背景和解决方案。
|
2月前
|
监控 网络协议 数据安全/隐私保护
vos3000外呼系统如何检查落地网关配置正常,路由分析
使用VOS3000外呼系统时,确保呼叫畅通的关键在于检查落地网关配置和进行路由分析。具体步骤包括:登录管理界面,检查网关状态和配置,配置外呼规则,测试拨打电话,以及分析日志和报告。通过这些步骤,可以确保系统稳定运行,提高外呼成功率和通话质量。
|
5月前
|
安全 前端开发 Java
微服务网关及其配置
微服务网关及其配置
140 4
|
6月前
|
负载均衡 应用服务中间件 API
深入理解 Nginx 与 Kong 的配置与实践
在微服务架构中,Nginx 用于配置负载均衡,如示例所示,定义上游`pay-service`包含不同权重的服务节点。Kong API 网关则通过service和route进行服务管理和路由,与Nginx的upstream和location类似。通过Kong的命令行接口,可以创建upstream、target、service和route,实现对后端服务的负载均衡和请求管理。Nginx和Kong协同工作,提供高效、灵活的API管理和流量控制。
191 1
深入理解 Nginx 与 Kong 的配置与实践
|
5月前
|
存储 容器
【Azure 事件中心】为应用程序网关(Application Gateway with WAF) 配置诊断日志,发送到事件中心
【Azure 事件中心】为应用程序网关(Application Gateway with WAF) 配置诊断日志,发送到事件中心
|
5月前
|
微服务 应用服务中间件
微服务跨域(通过网关配置进行跨域)
在单体架构中,我们通常通过SpringMVC配置类实现CORS跨域支持,设置允许的来源、请求头、方法及凭证等。然而,在微服务架构下,因浏览器首先访问网关再进行服务路由,需在网关配置跨域。对于无SpringMVC环境的网关(如使用Gateway组件),我们可在YAML文件中配置`spring.cloud.gateway.globalcors`属性,以实现全局跨域支持。
111 0