Shulou(Shulou.com)05/31 Report--

This article introduces how to analyze the principle of Kong. The content is very detailed. Interested friends can use it for reference. I hope it will be helpful to you.

An overview of what is Kong

Kong is a Lua application that runs in Nginx and can be implemented through the lua-nginx module. Instead of compiling Nginx with this module, Kong is released with OpenRestry. OpenRestry already contains lua-nginx-module,OpenRestry as a set of extended functional modules of Nginx.

Why Kong?

Kong is an Api Gateway that provides load balancing, logging, authentication, rate limiting, conversion and other functions in the form of plug-ins.

Kong can be easily extended, modular, and can run on any infrastructure.

Terminology

Route: the forwarding rule of the request, which forwards the request to Service according to Hostname and PATH.

Services: a collection of multiple Upstream, which is the forwarding target of Route.

Consumer: is the user of API, which records some information about the user.

Plugin: is a plug-in, plugin can be global, bound to Service, bound to Router, bound to Consumer.

Certificate: is a https certificate.

Sni: the binding between a domain name and Certificate, specifying the https certificate corresponding to a domain name.

Upstream: is a load balancing strategy.

Target: is the Backend service that finally processes the request.

Characteristics

Dynamic load balancing

Load balancing based on hash

Circuit breaker

Health examination

Websockets

OAuth3.0

Log record

Security.

Syslog

Monitor and control

Forwarding agent

Authentication

Rate limit

Fault detection and recovery

……

For more details, please see https://docs.konghq.com/hub/

Open source / enterprise comparison

Architecture

01 frame composition

No db mode is supported after version 1.1

02 execution process

After joining the kong, each client's request for API will first arrive at Kong, and then be proxied to the final API. Between the request and response, Kong will execute any installed plug-ins, extending the API feature set, and Kong will effectively become the entry point for each API.

Deployment

Kong supports running on any infrastructure, including docker, packages, vagrant, Homebrew, CloudFormation, AWS, Azure, Kubernetes, and so on.

This deployment is based on package mode and the software version is deployed.

Software version Kong1.0.3Postgresql9.6Kong-dashboard3.5.0

01 deploy Postgresql

Docker run-name postgres-e POSTGRES_PASSWORD=123456-p 5432 POSTGRES_PASSWORD=123456-p 5432 Murd postgres:9.6

02 create users and databases

Landing

Psql-U postgres-h 10.20.1.190murp 5432

# create a user

Create user kong with password 'kong'

# create a database

Create database kong owner kong

# exit the console

\ Q

03 download installation package

Wget: https://kong.bintray.com/kong-rpm/centos/7/:kong-1.0.3.el7.noarch.rpm

04 installation configuration

# install rpm

Yum install kong-1.0.3.el7.noarch.rpm

# copy configuration

Cp / etc/kong/kong.conf.default/etc/kong/kong.conf

# configuration

Admin_listen = 0.0.0.0 10.20.1.190pg_port 8444 sslpg_host = 5432pg_user = kongpg_password = kongpg_database = kong

Save and exit.

05 start kong

# Database migration, initializing tables

Kong migrations bootstrap

-c / etc/kong/kong.conf-vv

# start

Kong start-c / etc/kong/kong.conf

06 deployment kong-dashboard

Dashboard only supports kong version 1.0.3. The latest version of Hong Kong does not support it. Use pgbi/kong-dashboard image.

# start dashboard

Docker run-p 8888 pgbi/kong-dashboard start 8080 pgbi/kong-dashboard start-kong-url http://10.20.1.190:8001 uses

01upstream

02target

03service

04routers

05 verification

06 plug-in

1.Base-auth

Create consumer

Create Basic-auth-credential

Service enables Basic-auth

Verification

If you do not add user information and have no permissions, the results are as follows:

After adding user information, the effect is as follows:

Integration

01Dns SRV

Kong uses Dns polling to access back-end applications.

1. Architecture diagram

two。 Check the service domain name

Use Dns for service discovery and view the boms-user-service service as follows:

# dig @ 10.20.11.118-p 8600 boms-user-service.service.dc1.consul SRV

Meaning explanation:

Call the service domain name boms-user-service.service.dc1.consul, and find the instance ip+port through dns resolution, such as 10.20.11.118ip+port in the above example.

3. Modify kong configuration

Vim edits kong.conf, adding:

Dns_resolver:127.0.0.1:8600

Used in 4.kong

Manually add a service,host to the kong and enter the service domain name, add router, and then forward it.

5. Summary

Services need to be created manually in kong and apply only to consul registries.

Https://github.com/faizalpribadi/kongsul

02Agent polling

1. Architecture diagram

Agent is responsible for listening to the registry and dynamically calling kong admin API to create resources such as upstream, target, service, router, etc.

Users use boms platform to call admin API to modify router information and realize the service forwarding function. On the basis of this data, plug-ins are enabled to enrich functions.

Development

01 command line

Https://docs.konghq.com/1.0.x/cli/

02Admin API

Https://docs.konghq.com/1.0.x/admin-api/

For example:

On how to carry out the principle analysis of Kong is shared here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.