Kong 是在客户端和（微）服务间转发 API 通信的 API 网关，通过插件扩展功能。持久化支持Postgresql和Cassandra。鉴于做测试，使用搭建简便的Postgresql作为DB存储。

IP分配

192.168.0.181：CentOS7 部署Kong服务； 192.168.0.184：CentOS7 部署postgresql 10；

部署postgresql

首先在192.168.0.184上部署postgresql，命令如下：

yum install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-1.noarch.rpm yum install postgresql10 yum install postgresql10-server /usr/pgsql-10/bin/postgresql-10-setup initdb systemctl enable postgresql-10 systemctl start postgresql-10

安装完毕后进入db创建用户；

#首先进入postgres用户su postgres#进入sql命令行/usr/pgsql-10/bin/psql#创建用户和库CREATE USER kong; CREATE DATABASE kong OWNER kong;#修改用户kong的密码ALTER USER kong WITH PASSWORD 'kong';

安装kong

接下来在192.168.0.181上安装kong，首先下载对应CentOS7的rpm文件：kong-community-edition-0.11.2.el7.noarch.rpm

yum install epel-releaseyum install kong-community-edition-0.11.2.*.noarch.rpm --nogpgcheck

然后修改配置文件，默认在/etc/kong/kong.conf.default

database = postgrespg_host = 192.168.0.184pg_port = 5432pg_user = kongpg_password = kongpg_database = kong

然后重命名为kong.conf

再初始化db

kong migrations up -c /etc/kong/kong.conf

启动：

kong start -c /etc/kong/kong.conf

kong开放4个端口，分别用途如下：

• 8000: 监听HTTP请求，向后端服务进行转发；
• 8443: 监听HTTPS请求，同8000；
• 8001: 用户管理api访问端口；
• 8444: 监听HTTPS用于管理api端口；

停止和reload命令：

kong stopkong reload

Kong管理接口

状态相关接口

查看kong信息

GET http://192.168.0.181:8001/

• available_on_server: 查看开启的插件列表
• enabled_in_cluster：查看集群中开启插件的信息

{    "version": "0.11.2",     "plugins": {        "enabled_in_cluster": [ ],         "available_on_server": {            "response-transformer": true,             "correlation-id": true,             "statsd": true,             "jwt": true,             "cors": true,             "basic-auth": true,             "key-auth": true,             "ldap-auth": true,             "oauth2": true,             "http-log": true,             "ip-restriction": true,             "hmac-auth": true,             "request-size-limiting": true,             "datadog": true,             "tcp-log": true,             "request-transformer": true,             "file-log": true,             "acl": true,             "bot-detection": true,             "loggly": true,             "galileo": true,             "syslog": true,             "udp-log": true,             "response-ratelimiting": true,             "aws-lambda": true,             "runscope": true,             "rate-limiting": true,             "request-termination": true        }    },     "tagline": "Welcome to kong",     "configuration": {        "error_default_type": "text/plain",         "admin_listen": "0.0.0.0:8001",         "lua_ssl_verify_depth": 1,         "trusted_ips": { },         "prefix": "/usr/local/kong",         "nginx_conf": "/usr/local/kong/nginx.conf",         "cassandra_username": "kong",         "proxy_ip": "0.0.0.0",         "ssl_cert_key": "/usr/local/kong/ssl/kong-default.key",         "admin_ssl_cert_key": "/usr/local/kong/ssl/admin-kong-default.key",         "dns_resolver": { },         "pg_user": "kong",         "mem_cache_size": "128m",         "server_tokens": true,         "proxy_ssl_port": 8443,         "admin_ip": "0.0.0.0",         "custom_plugins": { },         "pg_host": "192.168.0.184",         "nginx_acc_logs": "/usr/local/kong/logs/access.log",         "proxy_listen": "0.0.0.0:8000",         "client_ssl_cert_default": "/usr/local/kong/ssl/kong-default.crt",         "cassandra_ssl": false,         "dns_no_sync": false,         "db_update_propagation": 0,         "nginx_err_logs": "/usr/local/kong/logs/error.log",         "cassandra_port": 9042,         "dns_order": [            "LAST",             "SRV",             "A",             "CNAME"        ],         "admin_ssl_ip": "0.0.0.0",         "dns_stale_ttl": 4,         "nginx_optimizations": true,         "proxy_ssl_ip": "0.0.0.0",         "database": "postgres",         "ssl": true,         "pg_database": "kong",         "nginx_worker_processes": "auto",         "admin_ssl_port": 8444,         "lua_package_cpath": "",         "admin_port": 8001,         "nginx_pid": "/usr/local/kong/pids/nginx.pid",         "upstream_keepalive": 60,         "proxy_access_log": "logs/access.log",         "ssl_ciphers": "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256",         "ssl_cert_csr_default": "/usr/local/kong/ssl/kong-default.csr",         "admin_access_log": "logs/admin_access.log",         "dns_error_ttl": 1,         "client_ssl_cert_csr_default": "/usr/local/kong/ssl/kong-default.csr",         "pg_password": "******",         "client_ssl": false,         "cassandra_contact_points": [            "127.0.0.1"        ],         "admin_ssl_cert_csr_default": "/usr/local/kong/ssl/admin-kong-default.csr",         "lua_socket_pool_size": 30,         "real_ip_header": "X-Real-IP",         "ssl_cipher_suite": "modern",         "cassandra_consistency": "ONE",         "http2": false,         "proxy_listen_ssl": "0.0.0.0:8443",         "client_max_body_size": "0",         "admin_error_log": "logs/error.log",         "pg_ssl_verify": false,         "dns_not_found_ttl": 30,         "pg_ssl": false,         "proxy_error_log": "logs/error.log",         "proxy_port": 8000,         "cassandra_repl_strategy": "SimpleStrategy",         "latency_tokens": true,         "admin_listen_ssl": "0.0.0.0:8444",         "admin_ssl_cert": "/usr/local/kong/ssl/admin-kong-default.crt",         "admin_http2": false,         "nginx_kong_conf": "/usr/local/kong/nginx-kong.conf",         "cassandra_schema_consensus_timeout": 10000,         "dns_hostsfile": "/etc/hosts",         "log_level": "notice",         "cassandra_timeout": 5000,         "ssl_cert": "/usr/local/kong/ssl/kong-default.crt",         "admin_ssl": true,         "admin_ssl_cert_key_default": "/usr/local/kong/ssl/admin-kong-default.key",         "cassandra_ssl_verify": false,         "db_cache_ttl": 3600,         "cassandra_lb_policy": "RoundRobin",         "real_ip_recursive": "off",         "cassandra_repl_factor": 1,         "client_ssl_cert_key_default": "/usr/local/kong/ssl/kong-default.key",         "nginx_daemon": "on",         "anonymous_reports": true,         "kong_env": "/usr/local/kong/.kong_env",         "cassandra_data_centers": [            "dc1:2",             "dc2:3"        ],         "pg_port": 5432,         "plugins": {            "response-transformer": true,             "correlation-id": true,             "statsd": true,             "jwt": true,             "cors": true,             "basic-auth": true,             "key-auth": true,             "ldap-auth": true,             "request-termination": true,             "http-log": true,             "rate-limiting": true,             "hmac-auth": true,             "runscope": true,             "datadog": true,             "tcp-log": true,             "aws-lambda": true,             "response-ratelimiting": true,             "bot-detection": true,             "request-size-limiting": true,             "syslog": true,             "galileo": true,             "loggly": true,             "udp-log": true,             "file-log": true,             "request-transformer": true,             "acl": true,             "ip-restriction": true,             "oauth2": true        },         "client_body_buffer_size": "8k",         "nginx_admin_acc_logs": "/usr/local/kong/logs/admin_access.log",         "admin_ssl_cert_default": "/usr/local/kong/ssl/admin-kong-default.crt",         "db_update_frequency": 5,         "cassandra_keyspace": "kong",         "ssl_cert_default": "/usr/local/kong/ssl/kong-default.crt",         "ssl_cert_key_default": "/usr/local/kong/ssl/kong-default.key",         "lua_package_path": "./?.lua;./?/init.lua;"    },     "lua_version": "LuaJIT 2.1.0-beta2",     "prng_seeds": {        "pid: 15093": 961939718379    },     "timers": {        "pending": 5,         "running": 0    },     "hostname": "tree81"}

获取kong状态

GET http://192.168.0.181:8001/status

{    "database": {        "reachable": true #数据库的连接状态    },    "server": {        "connections_writing": 1, #正在响应的请求数        "total_requests": 8,  #总请求数        "connections_handled": 7, #处理连接总数        "connections_accepted": 7, #客户端连接总数        "connections_reading": 0, #正在读取请求头的连接数        "connections_active": 1, #活动连接数，含等待        "connections_waiting": 0 #正在等待请求的连接数    }}