API Gateway : Kong
what
problems


多个服务要写自己的log,auth,对于比较耗时的,有时还要高流量限制。
solution intro

单点部署的情况:


why not just haproxy log (kinbana)
haproxy rate limit http://blog.serverfault.com/2010/08/26/1016491873/
simple version:
frontend fe_api_ssl
acl too_many_uploads_by_user sc0_gpc0_rate() gt 100
acl mark_seen sc0_inc_gpc0 gt 0
stick-table type string size 100k store gpc0_rate(60s)
tcp-request content track-sc0 hdr(Authorization) if METH_POST document_request is_upload
use_backend be_429_slow_down if mark_seen too_many_uploads_by_user
backend be_429_slow_down
timeout tarpit 2s
errorfile 500 /etc/haproxy/errorfiles/429.http
http-request tarpit
backend be_api
feature
- logs
- rate-limit
- auth
- monitoring
more plugin
install
try to use docker instead of pkg/deb/vagrant
docker run -d --name kong-database -p 5432:5432 -e "POSTGRES_USER=kong" -e "POSTGRES_DB=kong" postgres:9.4
docker run -d --name kong-database -p 9042:9042 cassandra:3
dengwei@RMBAP:~/projects/github/kong$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b1b969345f2c kong:latest "/docker-entrypoin..." 16 hours ago Up 16 hours 0.0.0.0:7946->7946/tcp, 0.0.0.0:8000-8001->8000-8001/tcp, 0.0.0.0:8443->8443/tcp, 0.0.0.0:7946->7946/udp kong
9d73317da8e3 cassandra:3 "/docker-entrypoin..." 16 hours ago Up 16 hours 7000-7001/tcp, 7199/tcp, 9160/tcp, 0.0.0.0:9042->9042/tcp kong-database
kong-database
config
http localhost:8001
HTTP/1.1 200 OK
...
Server: kong/0.10.2
{
"configuration": {
"admin_ip": "0.0.0.0",
"admin_listen": "0.0.0.0:8001",
"admin_listen_ssl": "0.0.0.0:8444",
"admin_port": 8001,
"admin_ssl": true,
...
"admin_ssl_ip": "0.0.0.0",
"admin_ssl_port": 8444,
"anonymous_reports": true,
"cassandra_consistency": "ONE",
"cassandra_contact_points": [
"kong-database"
],
"cassandra_data_centers": [
"dc1:2",
"dc2:3"
],
"cassandra_keyspace": "kong",
"cassandra_lb_policy": "RoundRobin",
"cassandra_port": 9042,
...
"pg_user": "kong",
"plugins": {
"acl": true,
...
},
"prefix": "/usr/local/kong",
"proxy_ip": "0.0.0.0",
"proxy_listen": "0.0.0.0:8000",
...
},
"hostname": "b1b969345f2c",
"lua_version": "LuaJIT 2.1.0-beta2",
"plugins": {
"available_on_server": {
"acl": true,
...
},
"enabled_in_cluster": {}
},
...
"tagline": "Welcome to kong",
"timers": {
"pending": 4,
"running": 0
},
"version": "0.10.2"
}
adding an api:
http POST localhost:8001/apis name=demo upstream_url=http://mockbin.org/request request_host=mockbin.org
host with port
http POST localhost:8001/apis name=localdemo upstream_url=http://localhost:3010/request hosts=localhost
list apis:
http localhost:8001/apis
check admin log
in docker container:
sh-4.2# ls
access.log admin_access.log error.log serf.log
use plugin
auth example
http POST localhost:8001/apis/0ee4b228-3089-4ae9-b13a-09ba4df8004e/plugins name=key-auth config.key_names=X-AUTH
http POST localhost:8001/consumers/b7199b84-cbe6-47ef-9cd0-c68ab27dfee0/key-auth key=abc123
verify :
http localhost:8000 HOST:mockbin.org X-AUTH:1234
http localhost:8000 HOST:mockbin.org X-AUTH:abc123
previous one won't work , latter one works, which with the right key
rate limit example:
find your api id by list apishttp localhost:8001/apis
in my example the api id is: 0ee4b228-3089-4ae9-b13a-09ba4df8004e
http POST localhost:8001/apis/0ee4b228-3089-4ae9-b13a-09ba4df8004e/plugin;5Cs name=rate-limiting config.minute=5 config.hour=10
test it:
http localhost:8000 Host:mockbin.org X-AUTH:abc123
HTTP/1.1 200 OK
after 5 times with 1 minute:
dengwei@RMBAP:~/projects/work$ http localhost:8000 Host:mockbin.org X-AUTH:abc123
HTTP/1.1 429
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Thu, 25 May 2017 12:18:35 GMT
Server: kong/0.10.2
Transfer-Encoding: chunked
X-RateLimit-Limit-hour: 10
X-RateLimit-Limit-minute: 5
X-RateLimit-Remaining-hour: 0
X-RateLimit-Remaining-minute: 5
{
"message": "API rate limit exceeded"
}
how does it work
rest api with other url in sub page
ui for monitor(need enterprise)
plugin with other language?
to do or not
api gateway: to be or not to be
ref
API & Microservices Management with Kong
kong基础使用
kong ui
kong dashboard
docker
使用Kong来管理业务restful api
[聊聊架构:深入浅出聊聊企业级API网关](https://mp.weixin.qq.com/s?__biz=MzA5Nzc4OTA1Mw==&mid=2659599286&idx=1&sn=f41c9dc7f9f2027eab97889b1b01a391&chksm=8be996a4bc9e1fb29ea77d0941bedb60714c6a7ae94edd44bf705a0910979e18e631210ab326)
problems
in docker you will not success in forward your request via kong. issue here
dengwei@RMBAP:~/projects/work$ http POST localhost:8001/apis name=localdemoabc upstream_url=http://localhost:3010/ uris=/abc
HTTP/1.1 201 Created
dengwei@RMBAP:~/projects/work$ http localhost:8000/abc host=localhost
HTTP/1.1 502 Bad Gateway
todo:
nginx + koa sample
how routing work and verify
ui page
speed lost
comparing with other api gateway: loopback.io http://orange.sumory.com/
API Gateway : Kong的更多相关文章
- API Gateway - KONG 安装与配置
简介 Kong,是由Mashape公司开源的,基于Nginx的API gateway 特点 可扩展,支持分布式 模块化 功能:授权.日志.ip限制.限流.api 统计分析(存在商业插件Galileo等 ...
- kong API gateway
参考:https://www.cnblogs.com/chenjinxi/p/8724564.html 一.简介 Kong,是由Mashape公司开源的,基于Nginx的API gateway. 二. ...
- API gateway 之 kong 基本操作 (三)
一.演示环境准备 1.nginx配置 [root@nginx conf.d]# pwd /etc/nginx/conf.d [root@nginx conf.d]# ls conf_bak kong_ ...
- API gateway 之 kong 基本介绍 (一)
一.API网关概念介绍 API 网关,即API Gateway,是大型分布式系统中,为了保护内部服务而设计的一道屏障,可以提供高性能.高可用的 API托管服务,从而帮助服务的开发者便捷地对外提供服务, ...
- 关于kong | API Gateway
目录 为什么需要 API 网关(more) kong的概念 为什么使用Kong Kong 的管理方式 高可扩展性的背后-插件机制 [前言]: Kong是一个云原生,高效,可扩展的分布式 API 网关. ...
- Docker安装Kong API Gateway并使用
我最新最全的文章都在南瓜慢说 www.pkslow.com,文章更新也只在官网,欢迎大家来喝茶~~ 1 简介 Kong不是一个简单的产品,本文讲的Kong主要指的是Kong API Gateway,即 ...
- 谈谈微服务中的 API 网关(API Gateway)
前言 又是很久没写博客了,最近一段时间换了新工作,比较忙,所以没有抽出来太多的时间写给关注我的粉丝写一些干货了,就有人问我怎么最近没有更新博客了,在这里给大家抱歉. 那么,在本篇文章中,我们就一起来探 ...
- 聊聊 API Gateway 和 Netflix Zuul
最近参与了公司 API Gateway 的搭建工作,技术选型是 Netflix Zuul,主要聊一聊其中的一些心得和体会. 本文主要是介绍使用 Zuul 且在不强制使用其他 Neflix OSS 组件 ...
- 微服务中的 API 网关(API Gateway)
API 网关(API Gateway)提供高性能.高可用的 API 托管服务,帮助用户对外开放其部署在 ECS.容器服务等云产品上的应用,提供完整的 API 发布.管理.维护生命周期管理.用户只需进行 ...
随机推荐
- 【HNOI 2018】道路
Problem Description \(W\) 国的交通呈一棵树的形状.\(W\) 国一共有\(n - 1\)个城市和\(n\)个乡村,其中城市从\(1\)到\(n - 1\) 编号,乡村从\(1 ...
- Lintcode481-Binary Tree Leaf Sum-Easy
481. Binary Tree Leaf Sum Given a binary tree, calculate the sum of leaves. Example Example 1: Input ...
- MySQL安装指南(转)
MySQL安装指南 安装MySQL sudo apt-get install mysql-server 这个应该很简单了,而且我觉得大家在安装方面也没什么太大问题,所以也就不多说了,下面我们来讲讲 ...
- Pandas 基础(9) - 组合方法 merge
首先, 还是以天气为例, 准备如下数据: df1 = pd.DataFrame({ 'city': ['newyork', 'chicago', 'orlando'], 'temperature': ...
- Cocos Creator 使用protobufjs
Win7 + Creator 2.0.0 + protobufjs 6.8.8 1.下载安装protobufjs npm install -g protobufjs 可以看到protobufjs安装在 ...
- LeetCode--015--三元之和(java)
给定一个包含 n 个整数的数组 nums,判断 nums 中是否存在三个元素 a,b,c ,使得 a + b + c = 0 ?找出所有满足条件且不重复的三元组. 注意:答案中不可以包含重复的三元组. ...
- postman加密短信验证码
问题描述:有一个绑定手机号的接口需要向手机发送验证码,接口会将验证码进行base64编码加密,加密后的值赋值给code参数,其他接口请求均需要code参数,如何带上该参数 解决方案:在请求其他接口前请 ...
- 7.8 GRASP原则八: 间接 Indirection
GRASP原则八: 间接 Indirection 若两个对象直接连接,导致耦合太紧,如何解决?3.1 GRASP rule8: Indirection 间接 Name: Indirection ...
- python入门-基础语法
一.变量 定义字符串要加单引号‘’ 变量命名规范: 变量名只能是字母.数字或下划线的任意组合 变量名的第一个字符不能是数字 变量名不能用关键字 变量名不要用中文 变量名不要太长,区分大小写 面就用单引 ...
- Hadoop经典案例(排序&Join&topk&小文件合并)
①自定义按某列排序,二次排序 writablecomparable中的compareto方法 ②topk a利用treemap,缺点:map中的key不允许重复:https://blog.csdn.n ...