Kong v0.10.0 發布

Kong是在客戶端和（微）服務間轉發API通信的API網關，通過插件擴展功能。Kong有兩個主要組件：

• Kong Server ：基于nginx的服務器，用來接收API請求。
• Apache Cassandra ：用來存儲操作數據。

你可以通過增加更多Kong Server機器對Kong服務進行水平擴展，通過前置的負載均衡器向這些機器分發請求。根據文檔描述，兩個Cassandra節點就足以支撐絕大多數情況，但如果網絡非常擁擠，可以考慮適當增加更多節點。

對于開源社區來說，Kong 中最誘人的一個特性是可以通過插件擴展已有功能，這些插件在 API 請求響應循環的生命周期中被執行。插件使用 Lua 編寫，而且 Kong 還有如下幾個基礎功能：

•  HTTP 基本認證
•  密鑰認證
•  CORS（ Cross-origin Resource Sharing，跨域資源共享）
•  TCP/UDP
•  文件日志
•  API 請求限流
•  請求轉發
•  nginx 監控

http://static.open-open.com/news/uploadImg/20160527/20160527220606_951.png

更新日志

•  API Objects (as configured via the Admin API) do not support the request_host and request_uri fields anymore. The 0.10 migrations should upgrade your current API Objects, but make sure to read the new 0.10 Proxy Guide to learn the new routing capabilities of Kong. On the good side, this means that Kong can now route incoming requests according to a combination of Host headers, URIs, and HTTP methods.
•  Final slashes in upstream_url are no longer allowed.
  #2115
•  The SSL plugin has been removed and dynamic SSL capabilities have been added to Kong core, and are configurable via new properties on the API entity. See the related PR for a detailed explanation of this change.
  #1970
•  Drop the Dnsmasq dependency. We now internally resolve both A and SRV DNS records.
  #1587
•  Dropping support for unsecure TLS/1.0 and defaulting Upgrade responses to TLS/1.2.
  #2119
• Bump the compatible OpenResty version to 1.11.2.1 and 1.11.2.2. Support for OpenResty 1.11.2.2 requires the --without-luajit-lua52 compilation flag.
• Separate Admin API and Proxy error logs. Admin API logs are now written to logs/admin_access.log.
  #1782
• Auto-generates stronger SHA-256 with RSA encryption SSL certificates.
  #2117

•  Support for Cassandra 3.x.
  #1709
•  SRV records resolution.
  #1587
•  Load balancing. When an A or SRV record resolves to multiple entries, Kong now rotates those upstream targets with a Round-Robin algorithm. This is a first step towards implementing more load balancing
  algorithms.Another way to specify multiple upstream targets is to use the newly introduced /upstreams and /targets entities of the Admin API.
  #1587
  #1735
•  Multiple hosts and paths per API. Kong can now route incoming requests to your services based on a combination of Host headers, URIs and HTTP methods. See the related PR for a detailed explanation of the new properties and capabilities of the new router.
  #1970
•  Maintain upstream connection pools which should greatly improve performance, especially for HTTPS upstream connections. We now use HTTP/1.1 for upstream connections as well as an nginx upstream block with a configurablekeepalive directive, thanks to the new nginx_keepalive configuration property.
  #1587
  #1827
•  Websockets support. Kong can now upgrade client connections to use the ws protocol when Upgrade: websocket is present.
  #1827
• Use an in-memory caching strategy for database entities in order to reduce CPU load during requests proxying.
  #1688
• Provide negative-caching for missed database entities. This should improve performance in some cases.
  #1914
• Support for serving the Admin API over SSL. This introduces new properties in the configuration file: admin_listen_ssl, admin_ssl, admin_ssl_cert and admin_ssl_cert_key.
  #1706
• Support for upstream connection timeouts. APIs now have 3 new fields:upstream_connect_timeout, upstream_send_timeout, upstream_read_timeout to specify, in milliseconds, a timeout value for requests between Kong and your APIs.
  #2036
• Support for clustering key rotation in the underlying Serf process:
  • new cluster_keyring_file property in the configuration file.
  • new kong cluster keys .. CLI commands that expose the underlying serf keys .. commands.
    #2069
• Support for lua_socket_pool_size property in configuration file.
  #2109
• Plugins:
  •  New AWS Lambda plugin. Thanks Tim Erickson for his collaboration on this new addition.
    #1777
    #1190
  • Anonymous authentication for auth plugins. When such plugins receive the config.anonymous=<consumer_id> property, even non-authenticated requests will be proxied by Kong, with the traditional Consumer headers set to the designated anonymous consumer, but also with a X-Anonymous-Consumer header. Multiple auth plugins will work in a logical OR fashion.
    #1666 and
    #2035
  • request-transformer: Ability to change the HTTP method of the upstream request. #1635
  • jwt: Support for ES256 signatures.
    #1920
  • rate-limiting: Ability to select the Redis database to use via the new config.redis_database plugin property.
    #1941

• Looking for Serf in known installation paths.
  #1997
• Including port in upstream Host header.
  #2045
• Clarify the purpose of the cluster_listen_rpc property in the configuration file. Thanks Jeremy Monin for the patch.
  #1860
• Admin API:
  • Properly Return JSON responses (instead of HTML) on HTTP 409 Conflict when adding Plugins.
    #2014
• CLI:
  • Avoid double-prefixing migration error messages with the database name (PostgreSQL/Cassandra).
• Plugins:
  • Fix fault tolerancy logic and error reporting in rate-limiting plugins.
  • CORS: Properly return Access-Control-Allow-Credentials: false if Access-Control-Allow-Origin: *.
    #2104
  • key-auth: enforce key_names to be proper header names according to Nginx.
    #2142

下載

• Source code (zip)
• Source code (tar.gz)

本站原創，轉載時保留以下信息：
本文轉自：深度開源（open-open.com）
原文地址：http://www.baiduhome.net/news/view/5e635f26