欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

kong安装-负载

程序员文章站 2022-06-03 20:25:19
...

kong介绍

Kong 是在客户端和(微)服务间转发API通信的API网关,通过插件扩展功能

当我们决定对应用进行微服务改造时,应用客户端如何与微服务交互的问题也随之而来,毕竟服务数量的增加会直接导致部署授权、负载均衡、通信管理、分析和改变的难度增加

Kong API GATEWAY是一个不错的解决方案,其所提供的访问限制、安全、流量控制、分析监控、日志、请求转发、合成和协议转换功能,可以解放开发者去把精力集中在具体逻辑的代码,而不是把时间花费在考虑如何解决应用和其他微服务链接的问题上。

在众多API GATEWAY框架中,Mashape开源的高性能高可用API网关和API服务管理层——KONG(基于NGINX)特点尤为突出,它可以通过插件扩展已有功能,这些插件(使用lua编写)在API请求响应循环的生命周期中被执行。于此同时,KONG本身提供包括HTTP基本认证、**认证、CORS、TCP、UDP、文件日志、API请求限流、请求转发及NGINX监控等基本功能。目前,Kong在Mashape管理了超过15,000个API,为200,000开发者提供了每月数十亿的请求支持。

软件 版本
CentOS Linux release 7.5.1804 (Core)
JDK jdk-8u144-linux-x64.gz
apache-cassandra apache-cassandra-3.11.0-bin.tar.gz
kong kong-community-edition-0.11.0.el6.noarch.rpm
node.js node-v6.10.0-linux-x64.tar.xz
kong-dashboard 源码安装
负载节点
负载软件 节点名 负载IP
apache-cassandra Test Cluster 192.168.96.36
apache-cassandra Test Cluster 192.168.96.37
kong kong 192.168.96.36
kong kong 192.168.96.37
授权 和添加到同一个用户组
[[email protected] local]$ sudo mkdir nlp
[[email protected] nlp]$ sudo chown uaren /usr/local/nlp
[[email protected] nlp]$ sudo chgrp uaren /usr/local/nlp
[[email protected] nlp]$ sudo chmod 775  /usr/local/nlp

安装JDK

$ tar -xzvf jdk-8u144-linux-x64.gz
修改环境变量
$ sudo vim /etc/profile
加入环境变量
export JAVA_HOME=/usr/local/nlp/java/jdk1.8.0_144
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
配置完成之后
$source /etc/profile

安装apache-cassandra-3.11.0-bin.tar.gz

tar -zxvf apache-cassandra-3.11.0-bin.tar.gz
设置环境变量

export CASSANDRA_HOME=/usr/local/nlp/apache-cassandra-3.11.0
export PATH=$CASSANDRA_HOME/bin:$PATH

配置完成之后
$source /etc/profile

解压cassandra的安装包后可以查看主要的配置文件,都在conf/目录下,
conf/cassandra.yaml比较重要,其中需要着重注意的有以下一些配置项
cluster_name: 'Test Cluster'
num_tokens: 256
seed_provider:
    - class_name: org.apache.cassandra.locator.SimpleSeedProvider
      parameters:
          - seeds: "127.0.0.1"
listen_address: lcoalhost
rpc_address: lcoalhost
endpoint_snitch: SimpleSnitch

修改配置文件
$ sudo vim conf/cassandra.yaml

讲所有有显示ip的地方都需要注意并修改,将127.0.0.1和localhost改为你的对外访问的ip
修改之后:
cluster_name: 'Test Cluster'
num_tokens: 256
seed_provider:
    - class_name: org.apache.cassandra.locator.SimpleSeedProvider
      parameters:
          - seeds: "192.168.96.36"
listen_address: 192.168.96.36
rpc_address: 192.168.96.36
endpoint_snitch: SimpleSnitch

更改属主授权
$ sudo useradd -r -m cassandra
$ sudo chown -R cassandra /usr/local/nlp/apache-cassandra-3.11.0

启动cassandra
$ cd /usr/local/nlp/apache-cassandra-3.11.0/bin
$ ./cassandra

启动之后查看一下状态
$ ./nodetool status

Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
--  Address       Load       Tokens       Owns (effective)  Host ID                               Rack
UN  192.168.96.36  175.55 KiB  256          100.0%            e4b8fdbe-9734-484d-a1b0-c874a26c0bd8  rack1

现在cassandra已经启动了节点1 名字为cluster_name: 'Test Cluster'


apache-cassandra配置负载

以同样的方式 再在另一台机器上安装apache-cassandra

修改两个apache-cassandra中的配置文件conf/cassandra.yaml

seed_provider:
    - class_name: org.apache.cassandra.locator.SimpleSeedProvider
      parameters:
          - seeds: "192.168.96.36,192.168.96.37"

修改完成之后 从启两台cassandra
在此查看状态
$ ./nodetool status

Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
--  Address       Load       Tokens       Owns (effective)  Host ID                               Rack
UN  192.168.96.36  490.6 KiB  256          51.0%             e4b8fdbe-9734-484d-a1b0-c874a26c0bd8  rack1
UN  192.168.96.37  217.68 KiB  256          49.0%             6cc47362-32c0-4742-8a5f-b6b3fd32c55f  rack1

此时完成两台负载的配置

Kong安装

下载并安装
 $ sudo yum install epel-release
$ sudo yum install kong-community-edition-0.11.0.el6.noarch.rpm --nogpgcheck
$ sudo cp /etc/kong/kong.conf.default /etc/kong/kong.conf
$ sudo mkdir /usr/local/kong
$ sudo chown uaren /usr/local/kong
$ sudo chgrp uaren /usr/local/kong
修改配置文件
$ sudo vim /etc/kong/kong.conf
【详细的配置文件请查看kong.conf】
修改完成之后编译kong
$ kong migrations up -c /etc/kong/kong.conf

出现错误
Error: [cassandra error] Error during migration 2017-01-24-132600_upstream_timeouts_2: [Read timeout] Operation timed out - received only 0 responses.

  Run with --v (verbose) or --vv (debug) for more details
  
需要初始化数据库,插件更新
$ kong migrations list -c /etc/kong/kong.conf
$ kong migrations reset -c /etc/kong/kong.conf

再次编译
$ kong migrations up -c /etc/kong/kong.conf
出现
migrating core for keyspace kong
...
...
waiting for Cassandra schema consensus (10000ms timeout)...
Cassandra schema consensus: reached
编译完成

启动kong
kong start –c /etc/kong/kong.conf --vv

kong配置负载

以同样的方式 再在另一台机器上安装kong
修改两个kong中的配置文件/etc/kong/kong.conf

在# DATASTORE 中 添加如下配置
cassandra_contact_points = 192.168.96.36,192.168.96.37
重启kong

kong-dashboard 安装

kong-dashboard 的安装需要node.js支撑,所以需要先安装node.js

$ mkdir nodejs
$ sudo chown uaren /usr/local/nodejs/
$ sudo chgrp uaren /usr/local/nodejs/
$ sudo chmod 775  /usr/local/nodejs/

在安装node-v6.10.0-linux-x64.tar.xz时由于文件是.tar.xz的后缀,
所以先解压成tar后缀在解压node文件
解压为tar后缀
$ xz -d node-v6.10.0-linux-x64.tar.xz
$ ll
-rw-r--r-- 1 uaren uaren 47114240 12月 14 16:31 node-v6.10.0-linux-x64.tar

$ tar -xvf node-v6.10.0-linux-x64.tar
$ mv node-v6.10.0-linux-x64 node
建立软连接,变为全局
ln -s /usr/local/nodejs/node/bin/npm /usr/local/bin/
ln -s /usr/local/nodejs/node/bin/node /usr/local/bin/

配置环境变量
$ sudo vim /etc/profile

export NODE_HOME=/usr/local/nodejs/node
export PATH=$NODE_HOME/bin:$PATH

$ source /etc/profile

验证是否安装配置成功
$ node -v


kong-dashboard 安装

安装
$ npm install -g kong-dashboard


启动
$ nohup kong-dashboard start   --kong-url http://192.168.96.36:8101  --port 8102  --basic-auth uaren=uaren > /dev/null 2>&1 &

说明:--kong-url http://192.168.96.36:8101 需要连接的空
--port 8102 是kong-dashboard对外的端口号 
--basic-auth uaren=uaren123是登陆的账号uaren和密码uaren123 

kong 配置文件

# -----------------------
# Kong configuration file
# -----------------------
#
# The commented-out settings shown in this file represent the default values.
#
# This file is read when `kong start` or `kong compile` are used. Kong
# generates the Nginx configuration with the settings specified in this file.
#
# All environment variables prefixed with `KONG_` and capitalized will override
# the settings specified in this file.
# Example:
#   `log_level` setting -> `KONG_LOG_LEVEL` env variable
#
# Boolean values can be specified as `on`/`off` or `true`/`false`.
# Lists must be specified as comma-separated strings.
#
# All comments in this file can be removed safely, including the
# commented-out properties.
# You can verify the integrity of your settings with `kong check <conf>`.

#------------------------------------------------------------------------------
# GENERAL
#------------------------------------------------------------------------------

prefix = /usr/local/kong/       # Working directory. Equivalent to Nginx's
                                 # prefix path, containing temporary files
                                 # and logs.
                                 # Each Kong process must have a separate
                                 # working directory.

log_level = notice              # Log level of the Nginx server. Logs are
                                 # found at <prefix>/logs/error.log
# Note: See http://nginx.org/en/docs/ngx_core_module.html#error_log for a list
# of accepted values.

proxy_access_log = logs/access.log       # Path for proxy port request access
                                          # logs. Set this value to `off` to
                                          # disable logging proxy requests.
                                          # If this value is a relative path, it
                                          # will be placed under the `prefix`
                                          # location.

proxy_error_log = logs/error.log         # Path for proxy port request error
                                          # logs. Granularity of these logs is
                                          # adjusted by the `log_level`
                                          # directive.

admin_access_log = logs/admin_access.log # Path for Admin API request access
                                          # logs. Set this value to `off` to
                                          # disable logging Admin API requests.
                                          # If this value is a relative path, it
                                          # will be placed under the `prefix`
                                          # location.

admin_error_log = logs/error.log         # Path for Admin API request error
                                          # logs. Granularity of these logs is
                                          # adjusted by the `log_level`
                                          # directive.

#custom_plugins =                # Comma-separated list of additional plugins
                                 # this node should load.
                                 # Use this property to load custom plugins
                                 # that are not bundled with Kong.
                                 # Plugins will be loaded from the
                                 # `kong.plugins.{name}.*` namespace.

anonymous_reports = on          # Send anonymous usage data such as error
                                 # stack traces to help improve Kong.

#------------------------------------------------------------------------------
# NGINX
#------------------------------------------------------------------------------

#proxy_listen = 0.0.0.0:8000     # Address and port on which Kong will accept
                                 # HTTP requests.
                                 # This is the public-facing entrypoint of
                                 # Kong, to which your consumers will make
                                 # requests.
# Note: See http://nginx.org/en/docs/http/ngx_http_core_module.html#listen for
# a description of the accepted formats for this and other *_listen values.

#proxy_listen_ssl = 0.0.0.0:8443 # Address and port on which Kong will accept
                                 # HTTPS requests if `ssl` is enabled.

#admin_listen = 0.0.0.0:8001     # Address and port on which Kong will expose
                                 # an entrypoint to the Admin API.
                                 # This API lets you configure and manage Kong,
                                 # and should be kept private and secured.

#admin_listen_ssl = 0.0.0.0:8444 # Address and port on which Kong will accept
                                 # HTTPS requests to the admin API, if
                                 # `admin_ssl` is enabled.

#nginx_user = nobody nobody      # Defines user and group credentials used by
                                 # worker processes. If group is omitted, a
                                 # group whose name equals that of user is
                                 # used. Ex: [user] [group].

#nginx_worker_processes = auto   # Determines the number of worker processes
                                 # spawned by Nginx.

#nginx_daemon = on               # Determines wether Nginx will run as a daemon
                                 # or as a foreground process. Mainly useful
                                 # for development or when running Kong inside
                                 # a Docker environment.

#mem_cache_size = 128m           # Size of the in-memory cache for database
                                 # entities. The accepted units are `k` and
                                 # `m`, with a minimum recommended value of
                                 # a few MBs.

#ssl = on                        # Determines if Nginx should be listening for
                                 # HTTPS traffic on the `proxy_listen_ssl`
                                 # address. If disabled, Nginx will only bind
                                 # itself on `proxy_listen`, and all SSL
                                 # settings will be ignored.

#ssl_cipher_suite = modern       # Defines the TLS ciphers served by Nginx.
                                 # Accepted values are `modern`, `intermediate`,
                                 # `old`, or `custom`.
# Note: See https://wiki.mozilla.org/Security/Server_Side_TLS for detailed
# descriptions of each cipher suite.

#ssl_ciphers =                   # Defines a custom list of TLS ciphers to be
                                 # served by Nginx. This list must conform to
                                 # the pattern defined by `openssl ciphers`.
                                 # This value is ignored if `ssl_cipher_suite`
                                 # is not `custom`.

#ssl_cert =                      # If `ssl` is enabled, the absolute path to
                                 # the SSL certificate for the
                                 # `proxy_listen_ssl` address.

#ssl_cert_key =                  # If `ssl` is enabled, the absolute path to
                                 # the SSL key for the `proxy_listen_ssl`
                                 # address.

#http2 = off                     # Enables HTTP2 support for HTTPS traffic on
                                 # the `proxy_listen_ssl` address.

#client_ssl = off                # Determines if Nginx should send client-side
                                 # SSL certificates when proxying requests.

#client_ssl_cert =               # If `client_ssl` is enabled, the absolute path
                                 # to the client SSL certificate for the
                                 # `proxy_ssl_certificate` directive. Note that
                                 # this value is statically defined on the node,
                                 # and currently cannot be configured on a
                                 # per-API basis.

#client_ssl_cert_key =           # If `client_ssl` is enabled, the absolute path
                                 # to the client SSL key for the
                                 # `proxy_ssl_certificate_key` address. Note
                                 # this value is statically defined on the node,
                                 # and currently cannot be configured on a
                                 # per-API basis.

#admin_ssl = on                  # Determines if Nginx should be listening for
                                 # HTTPS traffic on the `admin_listen_ssl`
                                 # address. If disabled, Nginx will only bind
                                 # itself on `admin_listen`, and all SSL
                                 # settings will be ignored.

#admin_ssl_cert =                # If `admin_ssl` is enabled, the absolute path
                                 # to the SSL certificate for the
                                 # `admin_listen_ssl` address.

#admin_ssl_cert_key =            # If `admin_ssl` is enabled, the absolute path
                                 # to the SSL key for the `admin_listen_ssl`
                                 # address.

#admin_http2 = off               # Enables HTTP2 support for HTTPS traffic on
                                 # the `admin_listen_ssl` address.

#upstream_keepalive = 60         # Sets the maximum number of idle keepalive
                                 # connections to upstream servers that are
                                 # preserved in the cache of each worker
                                 # process. When this number is exceeded, the
                                 # least recently used connections are closed.

#server_tokens = on              # Enables or disables emitting Kong version on
                                 # error pages and in the "Server" or "Via"
                                 # (in case the request was proxied) response
                                 # header field.

#latency_tokens = on             # Enables or disables emitting Kong latency
                                 # information in the "X-Kong-Proxy-Latency"
                                 # and "X-Kong-Upstream-Latency" response
                                 # header fields.

#trusted_ips =                   # Defines trusted IP addresses blocks that are
                                 # known to send correct X-Forwarded-* headers.
                                 # Requests from trusted IPs make Kong forward
                                 # their X-Forwarded-* headers upstream.
                                 # Non-trusted requests make Kong insert its
                                 # own X-Forwarded-* headers.
                                 #
                                 # This property also sets the `set_real_ip_from`
                                 # directive(s) in the Nginx configuration. It
                                 # accepts the same type of values (CIDR blocks)
                                 # but as a comma-separated list.
                                 #
                                 # To trust *all* /!\ IPs, set this value to
                                 # `0.0.0.0/0,::/0`.
                                 #
                                 # If the special value `unix:` is specified,
                                 # all UNIX-domain sockets will be trusted.
# Note:
#
# See http://nginx.org/en/docs/http/ngx_http_realip_module.html for
# examples of accepted values.

trusted_ips = 0.0.0.0/0,::/0
#real_ip_header = X-Real-IP      # Defines the request header field whose value
                                 # will be used to replace the client address.
                                 # This value sets the ngx_http_realip_module
                                 # directive of the same name in the Nginx
                                 # configuration.
                                 #
                                 # If this value receives `proxy_protocol`, the
                                 # `proxy_protocol` parameter will be appended
                                 # to the `listen` directive of the Nginx
                                 # template.
# Note:
#
# See http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header
# for a description of this directive.
#
# See https://www.nginx.com/resources/admin-guide/proxy-protocol/ for more
# details about the `proxy_protocol` parameter.

real_ip_header = X-Forwarded-For
#real_ip_recursive = off         # This value sets the ngx_http_realip_module
                                 # directive of the same name in the Nginx
                                 # configuration.
# Note:
#
# See http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_recursive
# for a description of this directive.

#client_max_body_size = 0        # Defines the maximum request body size allowed
                                 # by requests proxied by Kong, specified in the
                                 # Content-Length request header. If a request
                                 # exceeds this limit, Kong will respond with a
                                 # 413 (Request Entity Too Large). Setting this
                                 # value to 0 disables checking the request body
                                 # size.
# Note: See
# http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size
# for further description of this parameter. Numeric values may be suffixed with
# 'k' or 'm' to denote limits in terms of kilobytes or megabytes.

#client_body_buffer_size = 8k    # Defines the buffer size for reading the
                                 # request body. If the client request body is
                                 # larger than this value, the body will be
                                 # buffered to disk. Note that when the body is
                                 # buffered to disk Kong plugins that access or
                                 # manipulate the request body may not work, so
                                 # it is advisable to set this value as high as
                                 # possible (e.g., set it as high as
                                 # `client_max_body_size` to force request
                                 # bodies to be kept in memory). Do note that
                                 # high-concurrency environments will require
                                 # significant memory allocations to process
                                 # many concurrent large request bodies.
# Note: See
# http://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_buffer_size
# for further description of this parameter. Numeric values may be suffixed with
# 'k' or 'm' to denote limits in terms of kilobytes or megabytes.

#error_default_type = text/plain  # Default MIME type to use when the request
                                  # `Accept` header is missing and Nginx
                                  # is returning an error for the request.
                                  # Accepted values are `text/plain`,
                                  # `text/html`, `application/json`, and
                                  # `application/xml`.

#------------------------------------------------------------------------------
# DATASTORE
#------------------------------------------------------------------------------

# Kong will store all of its data (such as APIs, consumers and plugins) in
# either Cassandra or PostgreSQL.
#
# All Kong nodes belonging to the same cluster must connect themselves to the
# same database.

database = cassandra             # Determines which of PostgreSQL or Cassandra
                                 # this node will use as its datastore.
                                 # Accepted values are `postgres` and
                                 # `cassandra`.

#pg_host = 127.0.0.1             # The PostgreSQL host to connect to.
#pg_port = 5432                  # The port to connect to.
#pg_user = kong                  # The username to authenticate if required.
#pg_password =                   # The password to authenticate if required.
#pg_database = kong              # The database name to connect to.

#pg_ssl = off                    # Toggles client-server TLS connections
                                 # between Kong and PostgreSQL.

#pg_ssl_verify = off             # Toggles server certificate verification if
                                 # `pg_ssl` is enabled.
                                 # See the `lua_ssl_trusted_certificate`
                                 # setting to specify a certificate authority.

cassandra_contact_points = 192.168.96.36,192168.96.37  # A comma-separated list of contact
                                       # points to your cluster.

cassandra_port = 9042           # The port on which your nodes are listening
                                 # on. All your nodes and contact points must
                                 # listen on the same port.

cassandra_keyspace = kong       # The keyspace to use in your cluster.

cassandra_timeout = 5000        # Defines the timeout (in ms), for reading
                                 # and writing.

cassandra_ssl = off             # Toggles client-to-node TLS connections
                                 # between Kong and Cassandra.

cassandra_ssl_verify = off      # Toggles server certificate verification if
                                 # `cassandra_ssl` is enabled.
                                 # See the `lua_ssl_trusted_certificate`
                                 # setting to specify a certificate authority.

cassandra_username = kong       # Username when using the
                                 # `PasswordAuthenticator` scheme.

cassandra_password =            # Password when using the
                                 # `PasswordAuthenticator` scheme.

cassandra_consistency = ONE     # Consistency setting to use when reading/
                                 # writing to the Cassandra cluster.

cassandra_lb_policy = RoundRobin  # Load balancing policy to use when
                                   # distributing queries across your Cassandra
                                   # cluster.
                                   # Accepted values are `RoundRobin` and
                                   # `DCAwareRoundRobin`.
                                   # Prefer the later if and only if you are
                                   # using a multi-datacenter cluster.

cassandra_local_datacenter =    # When using the `DCAwareRoundRobin` load
                                 # balancing policy, you must specify the name
                                 # of the local (closest) datacenter for this
                                 # Kong node.

cassandra_repl_strategy = SimpleStrategy  # When migrating for the first time,
                                           # Kong will use this setting to
                                           # create your keyspace.
                                           # Accepted values are
                                           # `SimpleStrategy` and
                                           # `NetworkTopologyStrategy`.

cassandra_repl_factor = 1       # When migrating for the first time, Kong
                                 # will create the keyspace with this
                                 # replication factor when using the
                                 # `SimpleStrategy`.

cassandra_data_centers = dc1:2,dc2:3  # When migrating for the first time,
                                       # will use this setting when using the
                                       # `NetworkTopologyStrategy`.
                                       # The format is a comma-separated list
                                       # made of <dc_name>:<repl_factor>.

cassandra_schema_consensus_timeout = 10000  # Defines the timeout (in ms) for
                                             # the waiting period to reach a
                                             # schema consensus between your
                                             # Cassandra nodes.
                                             # This value is only used during
                                             # migrations.

#------------------------------------------------------------------------------
# DATASTORE CACHE
#------------------------------------------------------------------------------

# In order to avoid unecessary communication with the datastore, Kong caches
# entities (such as APIs, Consumers, Credentials...) for a configurable period
# of time. It also handles invalidations if such an entity is updated.
#
# This section allows for configuring the behavior of Kong regarding the
# caching of such configuration entities.

db_update_frequency = 5         # Frequency (in seconds) at which to check for
                                 # updated entities with the datastore.
                                 # When a node creates, updates, or deletes an
                                 # entity via the Admin API, other nodes need
                                 # to wait for the next poll (configured by
                                 # this value) to eventually purge the old
                                 # cached entity and start using the new one.

db_update_propagation = 5       # Time (in seconds) taken for an entity in the
                                 # datastore to be propagated to replica nodes
                                 # of another datacenter.
                                 # When in a distributed environment such as
                                 # a multi-datacenter Cassandra cluster, this
                                 # value should be the maximum number of
                                 # seconds taken by Cassandra to propagate a
                                 # row to other datacenters.
                                 # When set, this property will increase the
                                 # time taken by Kong to propagate the change
                                 # of an entity.
                                 # Single-datacenter setups or PostgreSQL
                                 # servers should suffer no such delays, and
                                 # this value can be safely set to 0.

db_cache_ttl = 3600             # Time-to-live (in seconds) of an entity from
                                 # the datastore when cached by this node.
                                 # Database misses (no entity) are also cached
                                 # according to this setting.
                                 # If set to 0, such cached entities/misses
                                 # never expire.

#------------------------------------------------------------------------------
# DNS RESOLVER
#------------------------------------------------------------------------------

# By default the DNS resolver will use the standard configuration files
# `/etc/hosts` and `/etc/resolv.conf`. The settings in the latter file will be
# overridden by the environment variables `LOCALDOMAIN` and `RES_OPTIONS` if
# they have been set.

#dns_resolver =                  # Comma separated list of nameservers, each
                                 # entry in `ip[:port]` format to be used by
                                 # Kong. If not specified the nameservers in
                                 # the local `resolv.conf` file will be used.
                                 # Port defaults to 53 if omitted. Accepts
                                 # both IPv4 and IPv6 addresses.

#dns_hostsfile = /etc/hosts      # The hosts file to use. This file is read
                                 # once and its content is static in memory.
                                 # To read the file again after modifying it,
                                 # Kong must be reloaded.

#dns_order = LAST,SRV,A,CNAME    # The order in which to resolve different
                                 # record types. The `LAST` type means the
                                 # type of the last successful lookup (for the
                                 # specified name). The format is a (case
                                 # insensitive) comma separated list.

#dns_stale_ttl = 4               # Defines, in seconds, how long a record will
                                 # remain in cache past its TTL. This value
                                 # will be used while the new DNS record is
                                 # fetched in the background.
                                 # Stale data will be used from expiry of a
                                 # record until either the refresh query
                                 # completes, or the `dns_stale_ttl` number of
                                 # seconds have passed.

#dns_not_found_ttl = 30          # TTL in seconds for empty DNS responses and
                                 # "(3) name error" responses.

#dns_error_ttl = 1               # TTL in seconds for error responses.

#dns_no_sync = off               # If enabled, then upon a cache-miss every
                                 # request will trigger its own dns query.
                                 # When disabled multiple requests for the
                                 # same name/type will be synchronised to a
                                 # single query.

#------------------------------------------------------------------------------
# DEVELOPMENT & MISCELLANEOUS
#------------------------------------------------------------------------------

# Additional settings inherited from lua-nginx-module allowing for more
# flexibility and advanced usage.
#
# See the lua-nginx-module documentation for more informations:
# https://github.com/openresty/lua-nginx-module

#lua_ssl_trusted_certificate =   # Absolute path to the certificate
                                 # authority file for Lua cosockets in PEM
                                 # format. This certificate will be the one
                                 # used for verifying Kong's database
                                 # connections, when `pg_ssl_verify` or
                                 # `cassandra_ssl_verify` are enabled.

#lua_ssl_verify_depth = 1        # Sets the verification depth in the server
                                 # certificates chain used by Lua cosockets,
                                 # set by `lua_ssl_trusted_certificate`.
                                 # This includes the certificates configured
                                 # for Kong's database connections.

#lua_code_cache = on             # When disabled, every request will run in a
                                 # separate Lua VM instance: all Lua modules
                                 # will be loaded from scratch. Useful for
                                 # adopting an edit-and-refresh approach while
                                 # developing a plugin.
                                 # Turning this directive off has a severe
                                 # impact on performance.

#lua_package_path =              # Sets the Lua module search path (LUA_PATH).
                                 # Useful when developing or using custom
                                 # plugins not stored in the default search
                                 # path.

#lua_package_cpath =             # Sets the Lua C module search path
                                 # (LUA_CPATH).

#lua_socket_pool_size = 30       # Specifies the size limit for every cosocket
                                 # connection pool associated with every remote
                                 # server