kong DBレスモードを試す

インストール docker DBレスモード

ここら辺から

docker ネットワーク作成

$ docker network create kong-net
0598ab6e41283c8cac2e0f860f1a961641705176d1e0699965547c96ec8cf1e2

docker ボリューム作成

$ docker volume create kong-vol
kong-vol
$ docker volume inspect kong-vol
[
    {
        "CreatedAt": "2019-09-17T19:59:14+09:00",
        "Driver": "local",
        "Labels": {},
        "Mountpoint": "/var/lib/docker/volumes/kong-vol/_data",
        "Name": "kong-vol",
        "Options": {},
        "Scope": "local"
    }
]

作ったボリュームに設定ファイルを作成。

_format_version: "1.1"

services:
- name: my-service
  url: http://mockbin.org
  plugins:
  - name: key-auth
  routes:
  - name: my-route
    paths:
    - /

consumers:
- username: my-user
  keyauth_credentials:
  - key: my-key

mockbin.org は http://mockbin.org とか http://mockbin.org/bin/asdf とか http://mockbin.org/bin/create みると雰囲気がわかる？

DBレスモードでKongを起動

$ docker run --rm --name kong \
     --network=kong-net \
     -v "kong-vol:/usr/local/kong/declarative" \
     -e "KONG_DATABASE=off" \
     -e "KONG_DECLARATIVE_CONFIG=/usr/local/kong/declarative/kong.yml" \
     -e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
     -e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
     -e "KONG_PROXY_ERROR_LOG=/dev/stderr" \
     -e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \
     -e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
     -p 8000:8000 \
     -p 8443:8443 \
     -p 8001:8001 \
     -p 8444:8444 \
     kong:latest

コングにサービスを問い合わせる。yamlの内容が得られた

$ curl -s http://localhost:8001/services | jq .
{
  "next": null,
  "data": [
    {
      "host": "mockbin.org",
      "created_at": 1568720431,
      "connect_timeout": 60000,
      "id": "0855b320-0dd2-547d-891d-601e9b38647f",
      "protocol": "http",
      "name": "my-service",
      "read_timeout": 60000,
      "port": 80,
      "path": null,
      "updated_at": 1568720431,
      "client_certificate": null,
      "tags": null,
      "write_timeout": 60000,
      "retries": 5
    }
  ]
}

コンシューマー

$ curl -s http://localhost:8001/consumers | jq .
{
  "next": null,
  "data": [
    {
      "custom_id": null,
      "created_at": 1568720431,
      "id": "4b1b701d-de2b-5588-9aa2-3b97061d9f52",
      "tags": null,
      "username": "my-user"
    }
  ]
}

コングを使ってみる

単に curl。Unauthorized と怒られた。

$ curl -i -X GET \
  --url http://localhost:8000/ \
  --header 'Host: mockbin.org'
HTTP/1.1 401 Unauthorized
Date: Tue, 17 Sep 2019 11:42:44 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
WWW-Authenticate: Key realm="kong"
Content-Length: 41
Server: kong/1.3.0

apikey つけて curl。 http://mockbin.org したようだ。

$ curl -i -X GET \
  --url http://localhost:8000/ \
  --header 'Host: mockbin.org' \
  --header "apikey: my-key"
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 10695
Connection: keep-alive
Server: openresty/1.15.8.2
Date: Tue, 17 Sep 2019 11:47:19 GMT
Etag: W/"29c7-XG+PICJmz/J+UYWt5gkKqqAUXjc"
Vary: Accept-Encoding
Via: kong/1.3.0
X-Kong-Upstream-Status: 200
X-Kong-Upstream-Latency: 399
X-Kong-Proxy-Latency: 175
Kong-Cloud-Request-ID: 5330a546053d64dd589e553764367b44

<!DOCTYPE html><html><head><meta charset="utf-8"><title>Mockbin by Kong</title>....