Kong
Kong is a lua application API platform running in Nginx.
Installation⚑
Kong supports several platforms of which we'll use Kubernetes with the helm chart, as it gives the following advantages:
- Kong is configured dynamically and responds to the changes in your infrastructure.
- Kong is deployed onto Kubernetes with a Controller, which is responsible for configuring Kong.
- All of Kong’s configuration is done using Kubernetes resources, stored in Kubernetes’ data-store (etcd).
- Use the power of kubectl (or any custom tooling around kubectl) to configure Kong and get benefits of all Kubernetes, such as declarative configuration, cloud-provider agnostic deployments, RBAC, reconciliation of desired state, and elastic scalability.
- Kong is configured using a combination of Ingress Resource and Custom Resource Definitions(CRDs).
- DB-less by default, meaning Kong has the capability of running without a database and using only memory storage for entities.
In the helmfile.yaml
add the repository and the release:
repositories:
- name: kong
url: https://charts.konghq.com
releases:
- name: kong
namespace: api-manager
chart: kong/kong
values:
- kong/values.yaml
secrets:
- kong/secrets.yaml
While particularizing the values.yaml
keep in mind that:
- If you don't want the ingress controller set up
ingressController.enabled: false
, and inproxy
setservice: ClusterIP
andingress.enabled: true
. - Kong can be run with or without a database. By default the chart installs it without database.
-
If you deploy it without database and without the ingress controller, you have to provide a declarative configuration for Kong to run. It can be provided using an existing ConfigMap
dblessConfig.configMap
or the whole configuration can be put into thevalues.yaml
file for deployment itself, under thedblessConfig.config
parameter. -
Although kong supports it's own Kubernetes resources (CRD) for plugins and consumers, I've found now way of integrating them into the helm chart, therefore I'm going to specify everything in the
dblessConfig.config
.
So the general kong configuration values.yaml
would be:
dblessConfig:
config:
_format_version: "1.1"
services:
- name: example.com
url: https://api.example.com
plugins:
- name: key-auth
- name: rate-limiting
config:
second: 10
hour: 1000
policy: local
routes:
- name: example
paths:
- /example
And the secrets.yaml
:
consumers:
- username: lyz
keyauth_credentials:
- key: vRQO6xfBbTY3KRvNV7TbeFUUW7kjBmPhIFcUUxvkm4
To test that everything works use
curl -I https://api.example.com/example -H 'apikey: vRQO6xfBbTY3KRvNV7TbeFUUW7kjBmPhIFcUUxvkm4'
To add the prometheus monitorization, enable the serviceMonitor.enabled: true
and make sure you set the correct labels. There is a grafana official dashboard you can also use.