Kong dbless-mode 配置手册

2020-02-28  本文已影响0人  印随2018

Kong dbless-mode 配置手册

版本:
v0.4

日期:
2020年02月28日

目录

[TOC]

背景

本文档针对Kong使用dbless-mode时,对配置文件(yaml格式)进行详细说明

Kong Version:2.0.1

在线文档:https://docs.konghq.com/2.0.x/db-less-and-declarative-config/

测试

  1. 安装
sudo yum install -y wget jq
wget https://bintray.com/kong/kong-rpm/rpm -O bintray-kong-kong-rpm.repo
export major_version=`grep -oE '[0-9]+\.[0-9]+' /etc/redhat-release | cut -d "." -f1`
sed -i -e 's/baseurl.*/&\/centos\/'$major_version''/ bintray-kong-kong-rpm.repo
sudo mv bintray-kong-kong-rpm.repo /etc/yum.repos.d/
sudo yum install -y kong

2.使用dbless-mode

# 配置
cp /etc/kong/kong.conf.default /etc/kong/kong.conf

# 使用db-lessmode
sed -i "/^#database/i\database = off" /etc/kong/kong.conf

# 启动
kong start

# 验证
curl http://127.0.0.1:8001 2>/dev/null | jq .configuration.database

3.创建配置文件apis.yml

cat > apis.yml <<EOF
_format_version: "1.1"
services:
 - name: httpbin-service
   url: http://httpbin.org/
   routes:
   - name: httpbin-route
     paths:
     - /
EOF

4.验证接口文件

kong config parse apis.yml

5.上传配置文件

# 重启后,接口配置不会自动加载
curl http://127.0.0.1:8001/config -F "config=@apis.yml"

# 或者在kong.conf中指定,重启后会自动加载接口配置
sed -i "/^#declarative_config/i\declarative_config = /root/apis.yml" /etc/kong/kong.conf

kong restart

6.测试

curl -i -H "host: httpbin-test.local" \
    http://127.0.0.1:8000/ip

配置

对象关系图

client -> route -> service -> upstream -> taraget

插件可以是全局的,也可以只绑定到某个Route对象,或者是某个Service对象。以下列出的字段都是API网关1.0必须要在前端显示的,后续版本再添加更多的字段。下面是示例配置文件

_format_version: '1.1'
routes:
- name: route-httpbin-1
  protocols:
  - http
  - https
  hosts:
  - route-httpbin-1.local
  paths:
  - /
  strip_path: true
  preserve_host: false
  regex_priority: 0
  service: service-httpbin
  tags:
  - "group-1"
  - "api-1"
- name: route-httpbin-2
  protocols:
  - http
  - https
  hosts:
  - route-httpbin-2.local
  paths:
  - /httpbin
  strip_path: true
  preserve_host: false
  regex_priority: 0
  service: service-httpbin
  tags:
  - "group-2"
  - "api-2"
- name: route-httpbin-3
  protocols:
  - http
  - https
  hosts:
  - route-httpbin-3.local
  paths:
  - /anything
  - /get
  strip_path: false
  preserve_host: false
  regex_priority: 0
  service: service-httpbin
  tags:
  - "group-3"
  - "api-3"
- name: route-httpbin-4
  protocols:
  - http
  - https
  hosts:
  - route-httpbin-4.local
  paths:
  - /
  strip_path: false
  preserve_host: false
  regex_priority: 0
  service: service-httpbin
  tags:
  - "group-4"
  - "api-4"


services:
- name: service-httpbin
  host: upstream-httpbin
  protocol: http
  port: 80
  connect_timeout: 60000
  read_timeout: 60000
  write_timeout: 60000
  retries: 5
upstreams:
- name: upstream-httpbin
  algorithm: round-robin
  tags:
  - "v1"
targets:
- upstream: upstream-httpbin
  tags:
  - "zone1"
  target: 35.170.216.115:80
  weight: 100

#
# global plugin config
#
plugins:
- name: correlation-id
  config:
    header_name: "X-Request-Id"
    echo_downstream: true
- name: request-size-limiting
  config:
    allowed_payload_size: 1
    size_unit: megabytes
- name: request-termination
  config:
    status_code: 403
    message: So long and thanks for all the fish
  route: route-httpbin-4

通过tag的方式注入API管理平台的扩展信息,如下

tags/group-1: API分组ID
tags/api-1: APIID
tags/v1: 后端服务的版本号
tags/zone1: 后端服务节点所在的机房信息

注意:所有对象的name字段必须保证唯一性。

route-httpbin-1.local


# status code: 200
curl -i -X GET \
  --url http://localhost:8000/anything \
  --header 'Host: route-httpbin-1.local'

# status code: 200
curl -i -X GET \
  --url http://localhost:8000/get \
  --header 'Host: route-httpbin-1.local'

# status code: 200
curl -i -X GET \
  --url http://localhost:8000/ip \
  --header 'Host: route-httpbin-1.local'

route-httpbin-2.local


# status code: 200
curl -i -X GET \
  --url http://localhost:8000/httpbin/anything \
  --header 'Host: route-httpbin-2.local'

# status code: 200
curl -i -X GET \
  --url http://localhost:8000/httpbin/get \
  --header 'Host: route-httpbin-2.local'

# status code: 200
curl -i -X GET \
  --url http://localhost:8000/httpbin/ip \
  --header 'Host: route-httpbin-2.local'

route-httpbin-3.local


# status code: 200
curl -i -X GET \
  --url http://localhost:8000/anything \
  --header 'Host: route-httpbin-3.local'

# status code: 200
curl -i -X GET \
  --url http://localhost:8000/get \
  --header 'Host: route-httpbin-3.local'

# status code: 404
curl -i -X GET \
  --url http://localhost:8000/ip \
  --header 'Host: route-httpbin-3.local'

所有域名限制请求大小为1M,测试请求为1K

dd if=/dev/zero of=1k.data bs=1k count=1

# status code: 200
curl -i -H "host: route-httpbin-1.local" -F "config=@1k.data" \
    http://127.0.0.1:8000/post

# status code: 200
curl -i -H "host: route-httpbin-2.local" -F "config=@1k.data" \
    http://127.0.0.1:8000/httpbin/post

# status code: 404
curl -i -H "host: route-httpbin-3.local" -F "config=@1k.data" \
    http://127.0.0.1:8000/post

所有域名限制请求大小为1M,测试请求为2M

dd if=/dev/zero of=2m.data bs=1M count=2

# status code: 417
curl -i -H "host: route-httpbin-1.local" -F "config=@2m.data" \
    http://127.0.0.1:8000/post

# status code: 417
curl -i -H "host: route-httpbin-2.local" -F "config=@2m.data" \
    http://127.0.0.1:8000/httpbin/post

# status code: 417
curl -i -H "host: route-httpbin-3.local" -F "config=@2m.data" \
    http://127.0.0.1:8000/post

route-httpbin-2.local限制请求大小为4M,测试请求为2M

dd if=/dev/zero of=2m.data bs=1M count=2

# status code: 417
curl -i -H "host: route-httpbin-1.local" -F "config=@2m.data" \
    http://127.0.0.1:8000/post

熔断


# status code: 403
curl -i -H "host: route-httpbin-4.local" \
    http://127.0.0.1:8000/anything

流量染色(X-RequestId)


# status code: 200
curl -i -H "host: route-httpbin-3.local" \
    http://127.0.0.1:8000/anything

官方插件

Request Size Limiting

Block incoming requests whose body is greater than a specific size in megabytes.

Ref:https://docs.konghq.com/hub/kong-inc/request-size-limiting/

Rate Limiting

Rate limit how many HTTP requests a developer can make in a given period of seconds, minutes, hours, days, months or years

Ref:https://docs.konghq.com/hub/kong-inc/rate-limiting/

CORS

Easily add Cross-origin resource sharing (CORS) to a Service, a Route by enabling this plugin.

Ref:https://docs.konghq.com/hub/kong-inc/cors/

IP Restriction

Restrict access to a Service or a Route by either whitelisting or blacklisting IP addresses. Single IPs, multiple IPs or ranges in CIDR notation like 10.10.10.0/24 can be used.

Ref:https://docs.konghq.com/hub/kong-inc/ip-restriction/

Request Termination

This plugin terminates incoming requests with a specified status code and message. This allows to (temporarily) stop traffic on a Service or a Route, or even block a Consumer.

Ref:https://docs.konghq.com/hub/kong-inc/request-termination/

Correlation ID

Correlate requests and responses using a unique ID transmitted over an HTTP header.

Ref:https://docs.konghq.com/hub/kong-inc/correlation-id/

自定义插件

无。

上一篇 下一篇

猜你喜欢

热点阅读