Centos搭建Kong API框架完整教程
來自: http://itjhdev.github.io/2016/03/09/centos-kong-api/
這篇文章我們講解 Kong 在 Centos 上的搭建,安裝 Cassandra 數據庫.
Kong簡介
Kong 是在客戶端和(微)服務間轉發API通信的API網關,通過插件擴展功能。Kong 有兩個主要組件:
Kong Server :基于 nginx 的服務器,用來接收 API 請求。
Apache Cassandra :用來存儲操作數據。
你可以通過增加更多 Kong Server 機器對 Kong 服務進行水平擴展,通過前置的負載均衡器向這些機器分發請求。根據文檔描述,兩個Cassandra節點就足以支撐絕大多數情況,但如果網絡非常擁擠,可以考慮適當增加更多節點。
Github: Kong
官網: getkong
</div>
Kong安裝
-
下載kong
https://getkong.org/install/centos/#packages
下載的文件 kong-0.7.0.el6.noarch.rpm
執行命令安裝
rpm -ivh kong-0.7.0.el6.noarch.rpm
$ sudo yum install epel-release $ sudo yum install kong-0.7.0.*.noarch.rpm --nogpgcheck
</div>
>如果出現 > 錯誤:Cannot retrieve metalink for repository: epel. Please verify its path and try again > 可以通過執行<font color=“red”>yum --disablerepo=epel -y update ca-certificates</font> 完美解決 :beer:
-
啟動
[INFO] Kong 0.7.0 [INFO] Using configuration: /etc/kong/kong.yml [INFO] Setting working directory to /usr/local/kong [INFO] database...........cassandra keyspace=kong ssl=verify=false enabled=false replication_factor=1 contact_points=ec2-52-5-200-155.compute-1.amazonaws.com:34977 replication_strategy=SimpleStrategy timeout=5000 data_centers= [INFO] Database not initialized. Running migrations... [INFO] Migrating core on keyspace "kong" (cassandra) [INFO] core migrated up to: 2015-01-12-175310_skeleton [INFO] core migrated up to: 2015-01-12-175310_init_schema [INFO] core migrated up to: 2015-11-23-817313_nodes [INFO] Migrating key-auth on keyspace "kong" (cassandra) [INFO] key-auth migrated up to: 2015-07-31-172400_init_keyauth [INFO] Migrating rate-limiting on keyspace "kong" (cassandra) [INFO] rate-limiting migrated up to: 2015-08-03-132400_init_ratelimiting [INFO] Migrating mashape-analytics on keyspace "kong" (cassandra) [INFO] mashape-analytics migrated up to: 2015-12-03-161400_mashape-analytics-config [INFO] Migrating acl on keyspace "kong" (cassandra) [INFO] acl migrated up to: 2015-08-25-841841_init_acl [INFO] Migrating oauth2 on keyspace "kong" (cassandra) [INFO] oauth2 migrated up to: 2015-08-03-132400_init_oauth2 [INFO] oauth2 migrated up to: 2015-08-24-215800_cascade_delete_index [INFO] Migrating jwt on keyspace "kong" (cassandra) [INFO] jwt migrated up to: 2015-06-09-jwt-auth [INFO] Migrating basic-auth on keyspace "kong" (cassandra) [INFO] basic-auth migrated up to: 2015-08-03-132400_init_basicauth [INFO] Migrating response-ratelimiting on keyspace "kong" (cassandra) [INFO] response-ratelimiting migrated up to: 2015-08-21_init_response-rate-limiting [INFO] Migrating hmac-auth on keyspace "kong" (cassandra) [INFO] hmac-auth migrated up to: 2015-09-16-132400_init_hmacauth [INFO] dnsmasq............address=127.0.0.1:8053 dnsmasq=true port=8053 [INFO] Leaving cluster.. [INFO] nginx .............admin_api_listen=0.0.0.0:8001 proxy_listen=0.0.0.0:8000 proxy_listen_ssl=0.0.0.0:8443 [OK] Started
</div> </li>
</ol>
安裝 Cassandra
-
下載 Cassandra
wget: http://mirrors.hust.edu.cn/apache/cassandra/3.3/apache-cassandra-3.3-bin.tar.gz
-
安裝 Cassandra
tar -zxvf apache-cassandra-3.3-bin.tar.gz cd bin/
執行cassandra -f 后臺啟動 ./cassandra -f
> 在安裝
cassandra要升級Python2.7.> 執行
./cqlsh測試是否安裝成功 > </pre>Connected to Test Cluster at 127.0.0.1:9042. [cqlsh 5.0.1 | Cassandra 2.2.5 | CQL spec 3.3.1 | Native protocol v4] Use HELP for help. cqlsh>
</div> 恭喜你:beer: 安裝成功了
9042端口 > 執行./cqlsh出現下面的錯誤,需要安裝python ssl模塊 >[root@host-133-130-99-25 bin]# ./cqlsh Traceback (most recent call last): File "./cqlsh.py", line 152, in <module> from cqlshlib import cql3handling, cqlhandling, pylexotron, sslhandling File "/home/soft/apache-cassandra-2.2.5/bin/../pylib/cqlshlib/sslhandling.py", line 20, in <module> import ssl File "/usr/local/lib/python2.7/ssl.py", line 60, in <module> import _ssl # if we can't import it, let the error propagate ImportError: No module named _ssl``` 參考: [python安裝完畢后,提示找不到ssl模塊的解決步驟](http://www.cnblogs.com/yuechaotian/archive/2013/06/03/3115472.html) [CentOS yum安裝或升級Python到2.7.5教程](http://www.111cn.net/sys/CentOS/53297.htm)配置Configure Cassandra
編輯
/etc/kong/kong.yml文件Replace this in /etc/kong/kong.yml and continue installing Kong or onto the quickstart guide! database: cassandra cassandra: contact_points: - "127.0.0.1:9042"</pre> </div> </div> <h4>Kong添加Rest Api </h4> <ol> <li> <p>添加api</p> <div> <div> <pre class="brush:shell; toolbar: true; auto-links: false;">$ curl -i -X POST \ --url http://localhost:8001/apis/ \ --data 'name=mockbin' \ //自己的api name --data 'upstream_url=http://mockbin.com/' \ //API地址 --data 'request_host=mockbin.com' //API地址</pre> </div> </div> <p>成功 顯示</p> <div> <div> <pre class="brush:shell; toolbar: true; auto-links: false;">HTTP/1.1 201 Created Content-Type: application/json Connection: keep-alive { “request_host”: “mockbin.com”, “upstream_url”: “http://mockbin.com/“, “id”: “2eec1cb2-7093-411a-c14e-42e67142d2c4”, “created_at”: 1428456369000, “name”: “mockbin” }</pre> </div> </div> </li> </ol> <pre>使用`kong`作為代理請求API</pre> <div> <div> <pre class="brush:shell; toolbar: true; auto-links: false;">$ curl -i -X GET \ --url http://localhost:8000/ \ --header 'Host: mockbin.com'</pre> </div> </div> <font color=“red”>`:8000`</font> 端口代理 <ol> <li> <p>測試</p> <p> 訪問 http://localhost:8000/ 就可以訪問到自己的API了。 </p> </li> <li> <p>Nginx配置SSL</p> <div> <div> <pre class="brush:shell; toolbar: true; auto-links: false;"> ssl on; ssl_certificate /*.crt; ssl_certificate_key /*.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ALL:!ADH:!EXPORT56:-RC4+RSA:+HIGH:+MEDIUM:!EXP; ssl_prefer_server_ciphers on;</pre> </div> </div> </li> </ol> <h4>Kong API添加插件 </h4> <ol> <li> <p> 添加 key-auth 插件 配置apikey </p> <p> 執行命令: mockbin -> api 名稱 </p> <div> <div> <pre class="brush:shell; toolbar: true; auto-links: false;">curl -i -X POST \ --url http://localhost:8001/apis/mockbin/plugins/ \ --data 'name=key-auth'</pre> </div> </div> </li> </ol> <pre>添加成功顯示:</pre> <div> <div> <pre class="brush:shell; toolbar: true; auto-links: false;"> HTTP/1.1 201 Created Date: Tue, 08 Mar 2016 08:07:51 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Server: kong/0.7.0 {"api_id":"413fc8b3-4c45-43eb-a3c1-17f9325d5527","id":"4706cc84- b97a-48c4-90eb-e8ec8491d3d7","created_at": 1457424471000,"enabled":true,"name":"key-auth","config":{"key_names": ["apikey"],"hide_credentials"
?OK,成功添加`key-auth`插件API 配置訪問權限
執行命令:
username=Slj->Slj用戶```shell --接口添加用戶控制 curl -i -X POST \ --url http://localhost:8001/consumers/ \ --data "username=Slj"</pre> </div>
</div>
Slj用戶配置apikeycurl -i -X POST \ --url http://localhost:8001/consumers/Slj/key-auth/ \ --data 'key=9eGpzqh4U3qMMuSk'
</div> :beer:第一個插件安裝成功了, 我們測試一下吧
-
測試API 訪問權限
在 Headers 中添加 apikey 值
apikey 是我們上面添加的值,:beer:我們愉快的獲得到了數據。
改變一下
apikey值,看看什么效果
:joy:出錯了,那么恭喜你,
Kong的插件起效果了。</pre> </div>本文由用戶 zgvfreirup 自行上傳分享,僅供網友學習交流。所有權歸原作者,若您的權利被侵害,請聯系管理員。轉載本站原創文章,請注明出處,并保留原始鏈接、圖片水印。本站是一個以用戶分享為主的開源技術平臺,歡迎各類分享!-
相關經驗
sesese色 -