what

problems





多个服务要写自己的log,auth,对于比较耗时的,有时还要高流量限制。

solution intro

单点部署的情况:



why not just haproxy log (kinbana)

haproxy rate limit http://blog.serverfault.com/2010/08/26/1016491873/

simple version:

  frontend fe_api_ssl

    acl too_many_uploads_by_user sc0_gpc0_rate() gt 100

    acl mark_seen sc0_inc_gpc0 gt 0

    stick-table type string size 100k store gpc0_rate(60s)

    tcp-request content track-sc0 hdr(Authorization) if METH_POST document_request is_upload

    use_backend be_429_slow_down if mark_seen too_many_uploads_by_user  

  backend be_429_slow_down

    timeout tarpit 2s

    errorfile 500 /etc/haproxy/errorfiles/429.http

    http-request tarpit

  backend be_api

feature

install

try to use docker instead of pkg/deb/vagrant

docker run -d --name kong-database  -p 5432:5432   -e "POSTGRES_USER=kong"   -e "POSTGRES_DB=kong"   postgres:9.4

docker run -d --name kong-database  -p 9042:9042  cassandra:3

dengwei@RMBAP:~/projects/github/kong$ docker ps -a

CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS                                                                                                      NAMES

b1b969345f2c        kong:latest         "/docker-entrypoin..."   16 hours ago        Up 16 hours                0.0.0.0:7946->7946/tcp, 0.0.0.0:8000-8001->8000-8001/tcp, 0.0.0.0:8443->8443/tcp, 0.0.0.0:7946->7946/udp   kong

9d73317da8e3        cassandra:3         "/docker-entrypoin..."   16 hours ago        Up 16 hours                7000-7001/tcp, 7199/tcp, 9160/tcp, 0.0.0.0:9042->9042/tcp                                                  kong-database

                                             kong-database

config

http localhost:8001


HTTP/1.1 200 OK

...

Server: kong/0.10.2

{

    "configuration": {

        "admin_ip": "0.0.0.0",

        "admin_listen": "0.0.0.0:8001",

        "admin_listen_ssl": "0.0.0.0:8444",

        "admin_port": 8001,

        "admin_ssl": true,

        ...

        "admin_ssl_ip": "0.0.0.0",

        "admin_ssl_port": 8444,

        "anonymous_reports": true,

        "cassandra_consistency": "ONE",

        "cassandra_contact_points": [

            "kong-database"

        ],

        "cassandra_data_centers": [

            "dc1:2",

            "dc2:3"

        ],

        "cassandra_keyspace": "kong",

        "cassandra_lb_policy": "RoundRobin",

        "cassandra_port": 9042,

        ...

        "pg_user": "kong",

        "plugins": {

            "acl": true,

            ...

        },

        "prefix": "/usr/local/kong",

        "proxy_ip": "0.0.0.0",

        "proxy_listen": "0.0.0.0:8000",

        ...

    },

    "hostname": "b1b969345f2c",

    "lua_version": "LuaJIT 2.1.0-beta2",

    "plugins": {

        "available_on_server": {

            "acl": true,

           ...

        },

        "enabled_in_cluster": {}

    },

   ...

    "tagline": "Welcome to kong",

    "timers": {

        "pending": 4,

        "running": 0

    },

    "version": "0.10.2"

}

adding an api:

http POST localhost:8001/apis name=demo upstream_url=http://mockbin.org/request request_host=mockbin.org

host with port

http POST localhost:8001/apis name=localdemo upstream_url=http://localhost:3010/request hosts=localhost

list apis:

http localhost:8001/apis

check admin log

in docker container:

sh-4.2# ls

access.log  admin_access.log  error.log  serf.log

use plugin

  • auth example

     http POST localhost:8001/apis/0ee4b228-3089-4ae9-b13a-09ba4df8004e/plugins name=key-auth config.key_names=X-AUTH
    
 http POST localhost:8001/consumers/b7199b84-cbe6-47ef-9cd0-c68ab27dfee0/key-auth key=abc123

verify :

http localhost:8000 HOST:mockbin.org X-AUTH:1234

http localhost:8000 HOST:mockbin.org X-AUTH:abc123

previous one won't work , latter one works, which with the right key

  • rate limit example:

    find your api id by list apis

    http localhost:8001/apis

in my example the api id is: 0ee4b228-3089-4ae9-b13a-09ba4df8004e

http POST localhost:8001/apis/0ee4b228-3089-4ae9-b13a-09ba4df8004e/plugin;5Cs name=rate-limiting config.minute=5 config.hour=10

test it:

http localhost:8000 Host:mockbin.org X-AUTH:abc123

HTTP/1.1 200 OK

after 5 times with 1 minute:

dengwei@RMBAP:~/projects/work$  http localhost:8000 Host:mockbin.org X-AUTH:abc123

HTTP/1.1 429

Connection: keep-alive

Content-Type: application/json; charset=utf-8

Date: Thu, 25 May 2017 12:18:35 GMT

Server: kong/0.10.2

Transfer-Encoding: chunked

X-RateLimit-Limit-hour: 10

X-RateLimit-Limit-minute: 5

X-RateLimit-Remaining-hour: 0

X-RateLimit-Remaining-minute: 5

{

    "message": "API rate limit exceeded"

}

how does it work

rest api with other url in sub page

ui for monitor(need enterprise)

plugin with other language?

to do or not

api gateway: to be or not to be

ref

API & Microservices Management with Kong

kong基础使用

kong ui

kong dashboard

docker

使用Kong来管理业务restful api

[聊聊架构:深入浅出聊聊企业级API网关](https://mp.weixin.qq.com/s?__biz=MzA5Nzc4OTA1Mw==&mid=2659599286&idx=1&sn=f41c9dc7f9f2027eab97889b1b01a391&chksm=8be996a4bc9e1fb29ea77d0941bedb60714c6a7ae94edd44bf705a0910979e18e631210ab326)

problems

in docker you will not success in forward your request via kong. issue here

    dengwei@RMBAP:~/projects/work$ http POST localhost:8001/apis name=localdemoabc upstream_url=http://localhost:3010/ uris=/abc

    HTTP/1.1 201 Created

    dengwei@RMBAP:~/projects/work$ http localhost:8000/abc host=localhost

    HTTP/1.1 502 Bad Gateway

todo:

nginx + koa sample

how routing work and verify

ui page

speed lost

comparing with other api gateway: loopback.io http://orange.sumory.com/

API Gateway : Kong的更多相关文章

  1. API Gateway - KONG 安装与配置

    简介 Kong,是由Mashape公司开源的,基于Nginx的API gateway 特点 可扩展,支持分布式 模块化 功能:授权.日志.ip限制.限流.api 统计分析(存在商业插件Galileo等 ...

  2. kong API gateway

    参考:https://www.cnblogs.com/chenjinxi/p/8724564.html 一.简介 Kong,是由Mashape公司开源的,基于Nginx的API gateway. 二. ...

  3. API gateway 之 kong 基本操作 (三)

    一.演示环境准备 1.nginx配置 [root@nginx conf.d]# pwd /etc/nginx/conf.d [root@nginx conf.d]# ls conf_bak kong_ ...

  4. API gateway 之 kong 基本介绍 (一)

    一.API网关概念介绍 API 网关,即API Gateway,是大型分布式系统中,为了保护内部服务而设计的一道屏障,可以提供高性能.高可用的 API托管服务,从而帮助服务的开发者便捷地对外提供服务, ...

  5. 关于kong | API Gateway

    目录 为什么需要 API 网关(more) kong的概念 为什么使用Kong Kong 的管理方式 高可扩展性的背后-插件机制 [前言]: Kong是一个云原生,高效,可扩展的分布式 API 网关. ...

  6. Docker安装Kong API Gateway并使用

    我最新最全的文章都在南瓜慢说 www.pkslow.com,文章更新也只在官网,欢迎大家来喝茶~~ 1 简介 Kong不是一个简单的产品,本文讲的Kong主要指的是Kong API Gateway,即 ...

  7. 谈谈微服务中的 API 网关(API Gateway)

    前言 又是很久没写博客了,最近一段时间换了新工作,比较忙,所以没有抽出来太多的时间写给关注我的粉丝写一些干货了,就有人问我怎么最近没有更新博客了,在这里给大家抱歉. 那么,在本篇文章中,我们就一起来探 ...

  8. 聊聊 API Gateway 和 Netflix Zuul

    最近参与了公司 API Gateway 的搭建工作,技术选型是 Netflix Zuul,主要聊一聊其中的一些心得和体会. 本文主要是介绍使用 Zuul 且在不强制使用其他 Neflix OSS 组件 ...

  9. 微服务中的 API 网关(API Gateway)

    API 网关(API Gateway)提供高性能.高可用的 API 托管服务,帮助用户对外开放其部署在 ECS.容器服务等云产品上的应用,提供完整的 API 发布.管理.维护生命周期管理.用户只需进行 ...

随机推荐

  1. BOM简介

    BOM简介 BOM Browser Object Model 浏览器对象模型 // 通过window对象来访问浏览器 console.log(window.document); // frames:当 ...

  2. 字段值为 null 时,序列化或反序列化成其他值

    using Newtonsoft.Json; using Newtonsoft.Json.Serialization; using System; using System.Collections.G ...

  3. js Array​.prototype​.reduce()

    例子: , , , ]; const reducer = (accumulator, currentValue) => accumulator + currentValue; // 1 + 2 ...

  4. ATDD

    什么是ATDD 首先,ATDD不是一种测试方法论,而是一种开发方法论. UTDD涉及的人员仅仅是开发人员,那么ATDD仅仅涉及测试人员吗?不是,产品.开发.测试都需要参与到ATDD中来. 在ATDD活 ...

  5. xml和tomcat介绍

    一 xml介绍: xml:可扩展性的文件 功能: 1.作为框架的配置文件 2.方便在网络中传输数据 <a> <b></b> <c></c> ...

  6. rsync详细配置

    1 说在前面的话 rsync官方网站: https://www.samba.org/ftp/rsync/rsync.html rsync是可以实现增量备份的工具.配合任务计划,rsync能实现定时或间 ...

  7. PythonWEB框架之Tornado

    前言 Tornado(龙卷风)和Django一样是Python中比较主流的web框架,Tornado 和现在的主流 Web 服务器框架也有着明显的区别:Tornado自带socket,并且实现了异步非 ...

  8. UVa LA 4254 - Processor 二分,贪心 难度: 1

    题目 https://icpcarchive.ecs.baylor.edu/index.php?option=com_onlinejudge&Itemid=8&page=show_pr ...

  9. 基于vue的实战步骤

    1.脚手架vue-cli安装 npm install -g vue-cli (npm init -f 生成package.json文件) vue init webpack myapp cd myapp ...

  10. C语言冒泡(起泡)排序与选择排序的循环条件区别

    冒泡排序(写法1): i = 0; i < n-1; ++i{ flag = true; j = 0; j < n-1-i; ++j{//从前面开始冒泡 if( arr[j] < a ...