Kong personal Sharing (API Gateway)

Source: Internet
Author: User
Tags cassandra

# About Kong

# # Background

When we provide API or microservices, we usually use openresty nginx for traffic forwarding or adding some rules or functions, but as the number of services and references increase, complex network environment,
Making maintenance difficult, not easy to scale, some features being duplicated in multiple services, we expect a tool to be centrally managed.

! [] (Images/kong_arch.png)

# # Introduction

Kong is the API Gateway and API Service management layer that forwards API communication between client and (micro) services, extending functionality through plug-ins. We can
The Kong service can be scaled horizontally by adding more Kong Server machines, distributing requests to these machines through a pre-built load balancer.

* Official website: https://getkong.org/
* Github:https://github.com/mashape/kong
* Kong-dashboard (Open source UI): Https://www.npmjs.com/package/kong-dashboard

# # Features

* The Kong core is built on Openresty to enable LUA processing of request/response
* Kong provides management of API/API consumer/plugin/upstream/sni/certificate through restful API;
* Data center is used to store Kong cluster node information, APIs, consumers, plug-ins and other information, currently provides PostgreSQL and Cassandra support, if the need for high availability of recommendations to use Cassandra;
* Caching mechanism (in order to avoid querying the database every time, Kong attempts to make as many data caches as possible in local memory on the first request.) ), the Kong cluster makes Kong high-performance and highly available.

# # Structure
* Admin:restful Api<-->kong server<-(cache)-->db
* Client:port--->[kong server<--(cache)-->db]-->api

# # Installation

* kong:0.11

"' Bash
$ sudo yum install Epel-release
$ sudo yum install kong-community-edition-0.11.0.*.noarch.rpm--nogpgcheck
```
* PostgreSQL 9.4+ and Cassandra 3.x.x

"' Bash
Yum Install Postgresql96-server Postgresql96-contrib
```
# # Configuration

* Configuration file

"' Bash
/etc/kong/kong.conf
/usr/local/kong/nginx.conf
/usr/local/kong/nginx-kong.conf
```
Template

"' Bash
Kong_defaults.lua
Nginx.lua
Nginx_kong.lua
```

# # Table Structure

# # Kong Common Commands

* Kong

"' Bash
Kong--v
Kong check/etc/kong/kong.conf
Kong Health-p/usr/local/kong
Kong version
```
* Initialize database, plugin update

"' Bash
Kong Migrations Up-c/etc/kong/kong.conf
Kong Migrations List-c/etc/kong/kong.conf
Kong Migrations Reset-c/etc/kong/kong.conf
```
* Configuration

"' Bash
Kong Start-c/etc/kong/kong.conf-p/usr/local/kong--nginx-conf custom_nginx.template--run-migrations True
Kong Start-c/etc/kong/kong.conf--nginx-conf custom_nginx.template
Kong Quit-p/usr/local/kong
Kong Stop-p/usr/local/kong
Kong Reload-c/etc/kong/kong.conf-p/usr/local/kong--nginx-conf custom_nginx.template
```


# # Kong Admin API
* Method:
[Get\patch\put\delete]

* Management items: [Apis\upstreams\plugins\consumers\certificates\snis]

* Format

"' Bash
Get:/apis/{name or ID}
get:/apis/
Patch:/apis/{name or ID}
put:/apis/
Delete:/apis/{name or ID}
```

* Config

"' Bash
Curl http://localhost:8001/|JQ.
Curl Http://localhost:8001/status |JQ.
```

*/apis/

"' Bash
Curl-h "Content-type:application/json"-X post-d ' {"Name": "Demo", "Hosts": "Demo.com", "Upstream_url": "/HTTP// Www.baidu.com "} '" http://localhost:8001/apis/"| JQ.
Modify Hosts-->reload
Curl-h "Content-type:application/json"-X post-d ' {"Name": "Demo", "Hosts": "Demo.com", "Upstream_url": "/HTTP// Structuretest.com "," Preserve_host ":" False "} '" http://localhost:8001/apis/"| JQ.

Curl-h "Content-type:application/json"-X post-d ' {"Name": "Demo", "Hosts": "Demo.com", "Upstream_url": "/HTTP// Demo.upstream "} '" http://localhost:8001/apis/"| JQ.
Curl-h "Content-type:application/json"-X patch-d ' {"Strip_uri": "true", "Preserve_host": "true", "Https_only": "false" , "http_if_terminated": "True"} ' "Http://localhost:8001/apis/demo" |JQ.
Curl-h "Content-type:application/json"-X post-d ' {"Name": "Demo", "Hosts": "Demo.com", "Upstream_url": "/HTTP// Demo.upstream "} '" http://localhost:8001/apis/"| JQ.
Curl-x GET "Http://localhost:8001/apis/demo" |JQ.
Curl-x GET "http://localhost:8001/apis/" |JQ.
Curl-x DELETE "Http://localhost:8001/apis/demo" |JQ.
```

*/upstreams/

"' Bash
Curl-h "Content-type:application/json"-X post-d ' {"name": "Demo.upstream", "Slots": Ten} ' "http://localhost:8001/ upstreams/"| JQ.
Curl-x GET "Http://localhost:8001/upstreams/demo.upstream" |JQ.
Curl-x GET "Http://localhost:8001/upstreams" |JQ.
Curl-x DELETE "Http://localhost:8001/upstreams/demo.upstream" |JQ.
```

*/upstreams/{name or Id}/targets

"' Bash
Curl-h "Content-type:application/json"-X post-d ' {"target": "192.168.226.129:8090", "Weight": 1} ' "http://localhost : 8001/upstreams/demo.upstream/targets "| JQ.
Curl-x GET "Http://localhost:8001/upstreams/test.upstream/targets" |JQ.
Curl-x GET "Http://localhost:8001/upstreams" |JQ.

Curl-x DELETE "Http://localhost:8001/upstreams/test.upstream/targets/target"
```

*/plugins/


"' Bash
--Modify delete only by ID;
Curl-h "Content-type:application/json"-X post-d ' {"name": "Key-auth"} ' "http://localhost:8001/apis/demo/plugins/" | JQ.
Curl-h "Content-type:application/json"-X patch-d ' {"Enabled": "True", "Config.key_names": "Apikey"} ' "/HTTP/ localhost:8001/apis/demo/plugins/9a14eea2-731b-48f7-8cb4-949ea9c0f25a "|JQ.
Curl-x GET "http://localhost:8001/plugins/" |JQ.
Curl-x GET "http://localhost:8001/apis/demo/plugins/" |JQ.
Curl-x DELETE "http://localhost:8001/apis/demo/plugins/9a14eea2-731b-48f7-8cb4-949ea9c0f25a" |JQ.
```

*/consumers/

"' Bash
Curl-h "Content-type:application/json"-X post-d ' {"username": "Demo-user"} ' "http://localhost:8001/consumers/" |JQ.
Curl-x DELETE "Http://localhost:8001/consumers/demo-user" |JQ.
Curl-x GET "Http://localhost:8001/consumers/demo-user" |JQ.
Add key:
Curl-h "Content-type:application/json"-X post-d ' {"key": "Api_key"} ' "http://localhost:8001/consumers/demo-user/ key-auth/"|JQ.
```

*/certificates/

"' Bash
Curl-h "Content-type:application/json"-X post-d ' {"cert": "", "Key": "", "Snis": ""} ' "http://localhost:8001/apis/demo/ Certificates/"|JQ.
```

*/snis/

"' Bash
Curl-h "Content-type:application/json"-X post-d ' {"Name": "", "ssl_certificate_id": ""} ' "http://localhost:8001/apis/ demo/snis/"|JQ.
```

# # Proxy Routing rules

* Configure multiple items

"' Bash
Note: The following is the interface response format
{
"Name": "My-api",
"Upstream_url": "Http://my-api.com",
"Hosts": ["example.com", "service.com"],
"URIs": ["/foo", "/bar"],
"Methods": ["GET"]
}
```

* Follow the longest match priority assessment,

"' Bash
"URIs": ["/version/\d+/status/\d+"]
"URIs": ["/version"]
"URIs": ["/"]

--Request
GET/VERSION/3/STATUS/3 matches the first one
Get/version matches a second
Get/version/123 matches a second
Get/vs matches a third
```


# # Load Balancing Reference

* DNS based loadbalancing:dns_resolver Configure DNS IP, after resolving multiple IPs, automatically use DNS load balancing (weighted load balancer, will do a simple loop) when the Dns_stale_ttl timeout after requesting DNS;

* Ring-balancer:upstream (slots\orderlist) \ Target (weight)

# # Cluster

* Version 0.11: After a node has been updated to the database, the other nodes need to update the cache invalidation field after the interval db_update_frequency. It must be configured to use the Cassandra database Db_update_propagation (Data node propagation delay).
To prevent Db_update_frequency from missing a failure event, Db_cache_ttl full volume update cache

"' Bash
Db_update_frequency = 5
db_update_propagation = 0
Db_cache_ttl = 3600
```

* Version 0.10: Through the Kong cluster, each node can know the existence of other nodes. And when a Kong node has an update to the data, it is the responsibility of the node to notify the other nodes in the cluster that the change
Notifies other nodes that the cache in local memory is invalid and retrieves the updated data from the database again.

"' Bash
Cluster_listen Communication
CLUSTER_LISTEN_RPC Agent Communication
Cluster_advertise
Cluster_encrypt_key Base64 encoded 16-byte encrypted cluster communication
Cluster_keyring_file
Cluster_ttl_on_failure//Failure node timeout after the stop is linked;
Cluster_profile//local, LAN, WAN.

--Database node table to store nodes information:
Node
vm_3_3_centos_0.0.0.0:7946_58b54877bc4a47d884b9986e71f49d8b | 10.100.3.3:7946 | 2017-08-07 04:29:05
vm_3_2_centos_0.0.0.0:7946_e4147c192bcc4401acf698ca6374d59d | 10.100.3.2:7946 | 2017-06-12 10:19:24
```

# # Common Plugins

* 8 Common plugins

# # Write Plugins

* File Structure

"' Bash

Basic
Simple-plugin
├──handler.lua an interface to implement. Each function is a time required by the life cycle of a request by Kong. (corresponding to the life cycle of the LUA module)
└──schema.lua plug-in introduces parameter type, rule, checksum

Database involved
Complete-plugin
├──api.lua and Kong RESTful docking
├──daos.lua Database Operations
├──handler.lua//
├──migrations
│├──cassandra.lua
│└──postgres.lua//kong Migrations Operation data Initialization
└──schema.lua

```

* Write Rockspec file:

"' Bash
Build = {
Type = "BUILTIN",
Modules = {
["kong.plugins.my-plugin-addtag.handler"] = "Kong/plugins/my-plugin-addtag/handler.lua",
["kong.plugins.my-plugin-addtag.schema"] = "Kong/plugins/my-plugin-addtag/schema.lua"
}
}
```

"' Bash
Luarocks make--pack-binary-rock My-plugin-addtag-0.1.0-0.rockspec
```

* Modify kong.conf custom_plugins mount, restart;

# # test Environment usage

"' Bash
Http://172.16.17.9:5664/#/apis
```

Kong personal Sharing (API Gateway)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.