what

problems





多个服务要写自己的log,auth,对于比较耗时的,有时还要高流量限制。

solution intro

单点部署的情况:



why not just haproxy log (kinbana)

haproxy rate limit http://blog.serverfault.com/2010/08/26/1016491873/

simple version:

  frontend fe_api_ssl

    acl too_many_uploads_by_user sc0_gpc0_rate() gt 100
acl mark_seen sc0_inc_gpc0 gt 0 stick-table type string size 100k store gpc0_rate(60s) tcp-request content track-sc0 hdr(Authorization) if METH_POST document_request is_upload use_backend be_429_slow_down if mark_seen too_many_uploads_by_user backend be_429_slow_down
timeout tarpit 2s
errorfile 500 /etc/haproxy/errorfiles/429.http
http-request tarpit backend be_api

feature

install

try to use docker instead of pkg/deb/vagrant

docker run -d --name kong-database  -p 5432:5432   -e "POSTGRES_USER=kong"   -e "POSTGRES_DB=kong"   postgres:9.4
docker run -d --name kong-database -p 9042:9042 cassandra:3 dengwei@RMBAP:~/projects/github/kong$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b1b969345f2c kong:latest "/docker-entrypoin..." 16 hours ago Up 16 hours 0.0.0.0:7946->7946/tcp, 0.0.0.0:8000-8001->8000-8001/tcp, 0.0.0.0:8443->8443/tcp, 0.0.0.0:7946->7946/udp kong
9d73317da8e3 cassandra:3 "/docker-entrypoin..." 16 hours ago Up 16 hours 7000-7001/tcp, 7199/tcp, 9160/tcp, 0.0.0.0:9042->9042/tcp kong-database
kong-database

config

http localhost:8001
HTTP/1.1 200 OK
...
Server: kong/0.10.2 {
"configuration": {
"admin_ip": "0.0.0.0",
"admin_listen": "0.0.0.0:8001",
"admin_listen_ssl": "0.0.0.0:8444",
"admin_port": 8001,
"admin_ssl": true,
...
"admin_ssl_ip": "0.0.0.0",
"admin_ssl_port": 8444,
"anonymous_reports": true,
"cassandra_consistency": "ONE",
"cassandra_contact_points": [
"kong-database"
],
"cassandra_data_centers": [
"dc1:2",
"dc2:3"
],
"cassandra_keyspace": "kong",
"cassandra_lb_policy": "RoundRobin",
"cassandra_port": 9042,
...
"pg_user": "kong",
"plugins": {
"acl": true,
...
},
"prefix": "/usr/local/kong",
"proxy_ip": "0.0.0.0",
"proxy_listen": "0.0.0.0:8000",
...
},
"hostname": "b1b969345f2c",
"lua_version": "LuaJIT 2.1.0-beta2",
"plugins": {
"available_on_server": {
"acl": true,
...
},
"enabled_in_cluster": {}
},
...
"tagline": "Welcome to kong",
"timers": {
"pending": 4,
"running": 0
},
"version": "0.10.2"
}

adding an api:

http POST localhost:8001/apis name=demo upstream_url=http://mockbin.org/request request_host=mockbin.org

host with port

http POST localhost:8001/apis name=localdemo upstream_url=http://localhost:3010/request hosts=localhost

list apis:

http localhost:8001/apis

check admin log

in docker container:

sh-4.2# ls
access.log admin_access.log error.log serf.log

use plugin

  • auth example

     http POST localhost:8001/apis/0ee4b228-3089-4ae9-b13a-09ba4df8004e/plugins name=key-auth config.key_names=X-AUTH
    http POST localhost:8001/consumers/b7199b84-cbe6-47ef-9cd0-c68ab27dfee0/key-auth key=abc123

verify :

http localhost:8000 HOST:mockbin.org X-AUTH:1234
http localhost:8000 HOST:mockbin.org X-AUTH:abc123

previous one won't work , latter one works, which with the right key

  • rate limit example:

    find your api id by list apis

    http localhost:8001/apis

in my example the api id is: 0ee4b228-3089-4ae9-b13a-09ba4df8004e

http POST localhost:8001/apis/0ee4b228-3089-4ae9-b13a-09ba4df8004e/plugin;5Cs name=rate-limiting config.minute=5 config.hour=10

test it:

http localhost:8000 Host:mockbin.org X-AUTH:abc123
HTTP/1.1 200 OK

after 5 times with 1 minute:

dengwei@RMBAP:~/projects/work$  http localhost:8000 Host:mockbin.org X-AUTH:abc123
HTTP/1.1 429
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Thu, 25 May 2017 12:18:35 GMT
Server: kong/0.10.2
Transfer-Encoding: chunked
X-RateLimit-Limit-hour: 10
X-RateLimit-Limit-minute: 5
X-RateLimit-Remaining-hour: 0
X-RateLimit-Remaining-minute: 5 {
"message": "API rate limit exceeded"
}

how does it work

rest api with other url in sub page

ui for monitor(need enterprise)

plugin with other language?

to do or not

api gateway: to be or not to be

ref

API & Microservices Management with Kong

kong基础使用

kong ui

kong dashboard

docker

使用Kong来管理业务restful api

[聊聊架构:深入浅出聊聊企业级API网关](https://mp.weixin.qq.com/s?__biz=MzA5Nzc4OTA1Mw==&mid=2659599286&idx=1&sn=f41c9dc7f9f2027eab97889b1b01a391&chksm=8be996a4bc9e1fb29ea77d0941bedb60714c6a7ae94edd44bf705a0910979e18e631210ab326)

problems

in docker you will not success in forward your request via kong. issue here

    dengwei@RMBAP:~/projects/work$ http POST localhost:8001/apis name=localdemoabc upstream_url=http://localhost:3010/ uris=/abc

    HTTP/1.1 201 Created

    dengwei@RMBAP:~/projects/work$ http localhost:8000/abc host=localhost
HTTP/1.1 502 Bad Gateway

todo:

nginx + koa sample

how routing work and verify

ui page

speed lost

comparing with other api gateway: loopback.io http://orange.sumory.com/

API Gateway : Kong的更多相关文章

  1. API Gateway - KONG 安装与配置

    简介 Kong,是由Mashape公司开源的,基于Nginx的API gateway 特点 可扩展,支持分布式 模块化 功能:授权.日志.ip限制.限流.api 统计分析(存在商业插件Galileo等 ...

  2. kong API gateway

    参考:https://www.cnblogs.com/chenjinxi/p/8724564.html 一.简介 Kong,是由Mashape公司开源的,基于Nginx的API gateway. 二. ...

  3. API gateway 之 kong 基本操作 (三)

    一.演示环境准备 1.nginx配置 [root@nginx conf.d]# pwd /etc/nginx/conf.d [root@nginx conf.d]# ls conf_bak kong_ ...

  4. API gateway 之 kong 基本介绍 (一)

    一.API网关概念介绍 API 网关,即API Gateway,是大型分布式系统中,为了保护内部服务而设计的一道屏障,可以提供高性能.高可用的 API托管服务,从而帮助服务的开发者便捷地对外提供服务, ...

  5. 关于kong | API Gateway

    目录 为什么需要 API 网关(more) kong的概念 为什么使用Kong Kong 的管理方式 高可扩展性的背后-插件机制 [前言]: Kong是一个云原生,高效,可扩展的分布式 API 网关. ...

  6. Docker安装Kong API Gateway并使用

    我最新最全的文章都在南瓜慢说 www.pkslow.com,文章更新也只在官网,欢迎大家来喝茶~~ 1 简介 Kong不是一个简单的产品,本文讲的Kong主要指的是Kong API Gateway,即 ...

  7. 谈谈微服务中的 API 网关(API Gateway)

    前言 又是很久没写博客了,最近一段时间换了新工作,比较忙,所以没有抽出来太多的时间写给关注我的粉丝写一些干货了,就有人问我怎么最近没有更新博客了,在这里给大家抱歉. 那么,在本篇文章中,我们就一起来探 ...

  8. 聊聊 API Gateway 和 Netflix Zuul

    最近参与了公司 API Gateway 的搭建工作,技术选型是 Netflix Zuul,主要聊一聊其中的一些心得和体会. 本文主要是介绍使用 Zuul 且在不强制使用其他 Neflix OSS 组件 ...

  9. 微服务中的 API 网关(API Gateway)

    API 网关(API Gateway)提供高性能.高可用的 API 托管服务,帮助用户对外开放其部署在 ECS.容器服务等云产品上的应用,提供完整的 API 发布.管理.维护生命周期管理.用户只需进行 ...

随机推荐

  1. 【HNOI 2018】道路

    Problem Description \(W\) 国的交通呈一棵树的形状.\(W\) 国一共有\(n - 1\)个城市和\(n\)个乡村,其中城市从\(1\)到\(n - 1\) 编号,乡村从\(1 ...

  2. Lintcode481-Binary Tree Leaf Sum-Easy

    481. Binary Tree Leaf Sum Given a binary tree, calculate the sum of leaves. Example Example 1: Input ...

  3. MySQL安装指南(转)

    MySQL安装指南   安装MySQL sudo apt-get install mysql-server 这个应该很简单了,而且我觉得大家在安装方面也没什么太大问题,所以也就不多说了,下面我们来讲讲 ...

  4. Pandas 基础(9) - 组合方法 merge

    首先, 还是以天气为例, 准备如下数据: df1 = pd.DataFrame({ 'city': ['newyork', 'chicago', 'orlando'], 'temperature': ...

  5. Cocos Creator 使用protobufjs

    Win7 + Creator 2.0.0 + protobufjs 6.8.8 1.下载安装protobufjs npm install -g protobufjs 可以看到protobufjs安装在 ...

  6. LeetCode--015--三元之和(java)

    给定一个包含 n 个整数的数组 nums,判断 nums 中是否存在三个元素 a,b,c ,使得 a + b + c = 0 ?找出所有满足条件且不重复的三元组. 注意:答案中不可以包含重复的三元组. ...

  7. postman加密短信验证码

    问题描述:有一个绑定手机号的接口需要向手机发送验证码,接口会将验证码进行base64编码加密,加密后的值赋值给code参数,其他接口请求均需要code参数,如何带上该参数 解决方案:在请求其他接口前请 ...

  8. 7.8 GRASP原则八: 间接 Indirection

    GRASP原则八: 间接 Indirection  若两个对象直接连接,导致耦合太紧,如何解决?3.1 GRASP rule8: Indirection 间接  Name: Indirection ...

  9. python入门-基础语法

    一.变量 定义字符串要加单引号‘’ 变量命名规范: 变量名只能是字母.数字或下划线的任意组合 变量名的第一个字符不能是数字 变量名不能用关键字 变量名不要用中文 变量名不要太长,区分大小写 面就用单引 ...

  10. Hadoop经典案例(排序&Join&topk&小文件合并)

    ①自定义按某列排序,二次排序 writablecomparable中的compareto方法 ②topk a利用treemap,缺点:map中的key不允许重复:https://blog.csdn.n ...