Kong is a lua application API platform running in Nginx.
- Kong is configured dynamically and responds to the changes in your infrastructure.
- Kong is deployed onto Kubernetes with a Controller, which is responsible for configuring Kong.
- All of Kong’s configuration is done using Kubernetes resources, stored in Kubernetes’ data-store (etcd).
- Use the power of kubectl (or any custom tooling around kubectl) to configure Kong and get benefits of all Kubernetes, such as declarative configuration, cloud-provider agnostic deployments, RBAC, reconciliation of desired state, and elastic scalability.
- Kong is configured using a combination of Ingress Resource and Custom Resource Definitions(CRDs).
- DB-less by default, meaning Kong has the capability of running without a database and using only memory storage for entities.
helmfile.yaml add the repository and the release:
repositories: - name: kong url: https://charts.konghq.com releases: - name: kong namespace: api-manager chart: kong/kong values: - kong/values.yaml secrets: - kong/secrets.yaml
While particularizing the
values.yaml keep in mind that:
- If you don't want the ingress controller set up
ingressController.enabled: false, and in
- Kong can be run with or without a database. By default the chart installs it without database.
If you deploy it without database and without the ingress controller, you have to provide a declarative configuration for Kong to run. It can be provided using an existing ConfigMap
dblessConfig.configMapor the whole configuration can be put into the
values.yamlfile for deployment itself, under the
Although kong supports it's own Kubernetes resources (CRD) for plugins and consumers, I've found now way of integrating them into the helm chart, therefore I'm going to specify everything in the
So the general kong configuration
values.yaml would be:
dblessConfig: config: _format_version: "1.1" services: - name: example.com url: https://api.example.com plugins: - name: key-auth - name: rate-limiting config: second: 10 hour: 1000 policy: local routes: - name: example paths: - /example
consumers: - username: lyz keyauth_credentials: - key: vRQO6xfBbTY3KRvNV7TbeFUUW7kjBmPhIFcUUxvkm4
To test that everything works use
curl -I https://api.example.com/example -H 'apikey: vRQO6xfBbTY3KRvNV7TbeFUUW7kjBmPhIFcUUxvkm4'