欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

API 网关 kong/konga 安装部署

程序员文章站 2022-06-22 16:06:52
...
一、概述

Kong是Mashape开源的高性能高可用API网关和API服务管理层。自2015年在github开源后,广泛受到关注。它基于OpenResty,进行API管理,并提供了插件实现API的AOP。Kong在Mashape 管理了超过15,000 个API,为200,000开发者提供了每月数十亿的请求支持。

在微服务架构之下,服务被拆的非常零散,降低了耦合度的同时也给服务的统一管理增加了难度。如上图左所示,在旧的服务治理体系之下,鉴权,限流,日志,监控等通用功能需要在每个服务中单独实现,这使得系统维护者没有一个全局的视图来统一管理这些功能。API 网关致力于解决的问题便是为微服务纳管这些通用的功能,在此基础上提高系统的可扩展性。如右图所示,微服务搭配上 API 网关,可以使得服务本身更专注于自己的领域,很好地对服务调用者和服务提供者做了隔离。

为什么使用API-Gateway:

1. 方便客户端维护-- 每个请求方不用管理多个api url,统一访问api-gateway即可

2. 接口重构时调用方不须了解接口本身等拆分和聚合

3. 客户端无须关心接口协议

4. 统一权限控制、接口请求访问日志统计

5. 安全,是保护内部服务而设计的一道屏障

5. 开源-最大好处

Kong是一款基于Nginx_Lua模块写的高可用,由于Kong是基于Nginx的,所以可以水平扩展多个Kong服务器,通过前置的负载均衡配置把请求均匀地分发到各个Server,来应对大批量的网络请求。

Kong主要有三个组件:
Kong Server :基于nginx的服务器,用来接收API请求。
Apache Cassandra/PostgreSQL :用来存储操作数据。
Kong dashboard:官方推荐UI管理工具,当然,也可以使用 restfull 方式 管理 admin api。

Kong采用插件机制进行功能定制,插件集(可以是0或N个)在API请求响应循环的生命周期中被执行,插件使用Lua编写。
目前已有几个基础功能:HTTP基本认证、密钥认证、CORS(Cross-Origin Resource Sharing,跨域资源共享)、TCP、UDP、文件日志、API请求限流、请求转发以及Nginx监控。

Kong 的插件机制是其高可扩展性的根源,Kong 可以很方便地为路由和服务提供各种插件,网关所需要的基本特性,Kong 都如数支持:

Cloud-Native:与平台无关,Kong可以从裸机运行到Kubernetes。
动态负载平衡:在多个上游服务之间平衡流量。
基于哈希的负载平衡:具有一致的哈希/粘性会话的负载平衡。
断路器:智能跟踪不健康的上游服务。
运行状况检查:主动和被动监视上游服务。
服务发现:在第三方DNS解析器(例如Consul)中解析SRV记录。
无服务器:直接从Kong调用和保护AWS Lambda或OpenWhisk功能。
WebSockets:通过WebSockets与您的上游服务进行通信。
gRPC:与gRPC服务进行通信,并通过日志记录和可观察性插件观察流量
OAuth2.0:轻松将OAuth2.0身份验证添加到您的API。
日志记录:通过HTTP,TCP,UDP或磁盘记录对系统的请求和响应。
安全性:ACL,僵尸程序检测,白名单/黑名单IP等。
Syslog:登录到系统日志。
SSL:为基础服务或API设置特定的SSL证书。
监视:实时监视提供关键的负载和性能服务器指标。
转发代理:使Kong连接到透明的中介HTTP代理。
认证:HMAC,JWT,Basic等。
速率限制:基于许多变量的阻止和限制请求。
转换:添加,删除或处理HTTP请求和响应。
缓存:在代理层缓存并提供响应。
CLI:从命令行控制Kong群集。
REST API:Kong可以使用其RESTful API进行操作,以实现最大的灵活性。
地理复制:跨不同区域的配置始终是最新的。
故障检测和恢复:如果您的Cassandra节点之一发生故障,则 Kong不会受到影响。
群集:所有Kong节点自动加入群集,并在各个节点之间更新其配置。
可伸缩性:Kong本质上分布,只需添加节点即可水平扩展。
性能:Kong通过扩展和使用NGINX作为核心轻松处理负载。
插件:可扩展的体系结构,用于向Kong和API添加功能。

Kong网关插件:
身份认证插件:Kong提供了Basic Authentication、Key authentication、OAuth2.0 authentication、HMAC authentication、JWT、LDAP authentication认证实现。
安全控制插件:ACL(访问控制)、CORS(跨域资源共享)、动态SSL、IP限制、爬虫检测实现。
流量控制插件:请求限流(基于请求计数限流)、上游响应限流(根据upstream响应计数限流)、请求大小限制。限流支持本地、Redis和集群限流模式。
分析监控插件:Galileo(记录请求和响应数据,实现API分析)、Datadog(记录API Metric如请求次数、请求大小、响应状态和延迟,可视化API Metric)、Runscope(记录请求和响应数据,实现API性能测试和监控)。
协议转换插件:请求转换(在转发到upstream之前修改请求)、响应转换(在upstream响应返回给客户端之前修改响应)。
日志应用插件:TCP、UDP、HTTP、File、Syslog、StatsD、Loggly等。

请求流程:
当Kong运行时,每个对API的请求将先被Kong命中,然后这个请求将会被代理转发到最终的API接口。在请求(Requests)和响应(Responses)之间,Kong将会执行已经事先安装和配置好的任何插件,授权您的API访问操作。Kong是每个API请求的入口点(Endpoint)

二、安装Kong:

安装准备:
yum -y install epel-release
下载kong rpm:
https://kong.bintray.com/kong-community-edition-rpm/centos/7/:kong-community-edition-1.1.2.el7.noarch.rpm
上传服务器:
/opt/kong
安装kong:
cd /opt/kong
yum install kong-community-edition-1.1.2.el7.noarch.rpm --nogpgcheck

三、安装 PostgreSQL 11.9

官网下载PostgreSQL 11.9
https://www.postgresql.org/ftp/source/
官网下载PostgreSQL 12.4
https://www.postgresql.org/ftp/source/v12.4/

上传服务器:
/opt/kong
解压:
cd /opt/kong
tar -zvxf postgresql-11.9.tar.gz
mv postgresql-11.9 /usr/local/
编译:
cd /usr/local/postgresql-11.9/
./configure --prefix=/usr/local/postgresql
安装:
# make
# make install

以下为官方安装(https://www.postgresql.org/download/linux/redhat/)
yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
yum install -y postgresql12-server
/usr/pgsql-12/bin/postgresql-12-setup initdb
systemctl enable postgresql-12
systemctl start postgresql-12

四、PostgreSQL用户权限和环境变量设置

提示:默认root用户不能启动postgresql数据库

创建postgres用户:
# useradd postgres
# passwd postgres  ## 密码 postgres

设置权限:
# mkdir -p /data/postgresql/data/
# mkdir -p /data/postgresql/log/
# chown -R postgres:postgres /data/postgresql/data/
# chown -R postgres:postgres /data/postgresql/log/
# chown -R postgres:postgres /usr/local/postgresql/

添加环境变量:
#postgresql
export POSTGRESQL_HOME=/usr/local/postgresql
export PGDATA=/data/postgresql/data/
export PATH=$PATH:$POSTGRESQL_HOME/bin:$PGDATA


检查是否配置成功:
[root@hadoop000 ~]$ /usr/local/postgresql/bin/psql -V

psql (PostgreSQL) 11.9

切换用户:
su - postgres

初始化数据库(用户postgres执行)
[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/initdb -D /data/postgresql/data/

The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.UTF-8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".

Data page checksums are disabled.

fixing permissions on existing directory /data/postgresql/data ... ok
creating subdirectories ... ok
selecting default max_connections ... 100
selecting default shared_buffers ... 128MB
selecting default timezone ... PRC
selecting dynamic shared memory implementation ... posix
creating configuration files ... ok
running bootstrap script ... ok
performing post-bootstrap initialization ... ok
syncing data to disk ... ok

WARNING: enabling "trust" authentication for local connections
You can change this by editing pg_hba.conf or using the option -A, or
--auth-local and --auth-host, the next time you run initdb.

Success. You can now start the database server using:

    /usr/local/postgresql/bin/pg_ctl -D /data/postgresql/data/ -l logfile start

检查数据库文件:

# cd /data/postgresql/data

[postgres@hadoop000 ~]$ ls
base    pg_commit_ts  pg_hba.conf    pg_logical    pg_notify    pg_serial     pg_stat      pg_subtrans  pg_twophase  pg_wal   postgresql.auto.conf
global  pg_dynshmem   pg_ident.conf  pg_multixact  pg_replslot  pg_snapshots  pg_stat_tmp  pg_tblspc    PG_VERSION   pg_xact  postgresql.conf

修改访问控制配置:pg_hba.conf文件,添加host  all  all  0.0.0.0/0  md5可使其远程访问,加密方式改为MD5(密码访问)

[postgres@hadoop000 ~]$ vi pg_hba.conf
.........................

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all             0.0.0.0/0               md5
host    all             all             127.0.0.1/32            trust
# IPv6 local connections:
host    all             all             ::1/128                 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local   replication     all                                     trust
host    replication     all             127.0.0.1/32            trust
host    replication     all             ::1/128                 trust


提示:
(1)host all all 127.0.0.1/32 trust表示本地连接数据库不需要输入密码(即使有密码,设为trust后就不需要密码)
(2)host all all 0.0.0.0/0    md5  表示所有主机连接数据库需要输入密码
(3)当然,这两个综合后表现的结果就是:对于本机链接表示信任(不需要输入密码),对于非本机链接需要输入密码

修改postgresql.conf 主配置文件,将localhost 改为*,表示监听整个网络
[postgres@hadoop000 ~]$ vi postgresql.conf

..............

#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------

# - Connection Settings -

listen_addresses = '*'                  # what IP address(es) to listen on;
                                        # comma-separated list of addresses;
                                        # defaults to 'localhost'; use '*' for all
                                        # (change requires restart)
port = 5432                             # (change requires restart)
max_connections = 100                   # (change requires restart)
#superuser_reserved_connections = 3     # (change requires restart)
#unix_socket_directories = '/tmp'       # comma-separated list of directories
                                        # (change requires restart)
#unix_socket_group = ''                 # (change requires restart)
#unix_socket_permissions = 0777         # begin with 0 to use octal notation
                                        # (change requires restart)
#bonjour = off                          # advertise server via Bonjour
                                        # (change requires restart)
#bonjour_name = ''                      # defaults to the computer name
                                        # (change requires restart)

................

五、启动 PostgreSQL

启动数据库(用户postgres执行):

[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/pg_ctl start -D /data/postgresql/data/ -l /data/postgresql/log/pg_server.log
waiting for server to start.... done
server started

查看是否安装成功:

[root@hadoop000 data]# netstat -tlun | grep 5432   #postgres是占用5432端口
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN
tcp6       0      0 :::5432                 :::*                    LISTEN


重启数据库:
[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/pg_ctl restart -D /data/postgresql/data/ -l /data/postgresql/log/pg_server.log

关闭postgresql数据库:
pg_ctl stop -m fast

连接数据库(用户postgres执行):
[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/psql

修改密码:
连接成功后,直接输入\password 可修改密码 (password=postgres)

创建Kong用户和数据库:
postgres=# create user kong;
CREATE ROLE
postgres=#alter role kong with password 'kongpw';

postgres=# create database kong owner kong;
CREATE DATABASE

补存:
查看系统用户信息:
SELECT usename FROM pg_user;
获得当前postgresql版本:
SELECT version();
查看数据库用户列表:
SELECT * FROM pg_shadow;
查看客户端编码:
show client_encoding;
查看客户端连接情况:
SELECT client_addr,client_port,query_start,state,query FROM pg_stat_activity;
查看被锁定表:
SELECT pg_class.relname AS table, pg_database.datname AS database, pid, mode, granted FROM pg_locks, pg_class, pg_database WHERE pg_locks.relation = pg_class.oid AND pg_locks.database = pg_database.oid;
查看数据库大小:
SELECT pg_size_pretty(pg_database_size('kong')) As fulldbsize;


六、启动Kong:

导入Kong数据:
[root@hadoop000 ~]$  cp /etc/kong/kong.conf.default /etc/kong/kong.conf   ##root 用户执行

[root@hadoop000 ~]$  vi /etc/kong/kong.conf

修改以上配置文件
#------------------------------------------------------------------------------
# GENERAL
#------------------------------------------------------------------------------

prefix = /usr/local/kong/       # Working directory. Equivalent to Nginx's
                                 # prefix path, containing temporary files
                                 # and logs.
                                 # Each Kong process must have a separate
                                 # working directory.

log_level = notice              # Log level of the Nginx server. Logs are
                                 # found at `<prefix>/logs/error.log`.


proxy_access_log = logs/access.log       # Path for proxy port request access
                                          # logs. Set this value to `off` to
                                          # disable logging proxy requests.
                                          # If this value is a relative path,
                                          # it will be placed under the
                                          # `prefix` location.

proxy_error_log = logs/error.log         # Path for proxy port request error
                                          # logs. The granularity of these logs
                                          # is adjusted by the `log_level`
                                          # property.

admin_access_log = logs/admin_access.log # Path for Admin API request access
                                          # logs. Set this value to `off` to
                                          # disable logging Admin API requests.
                                          # If this value is a relative path,
                                          # it will be placed under the
                                          # `prefix` location.

admin_error_log = logs/error.log         # Path for Admin API request error
                                          # logs. The granularity of these logs
                                          # is adjusted by the `log_level`
                                          # property.


#------------------------------------------------------------------------------
# NGINX
#------------------------------------------------------------------------------

proxy_listen = 0.0.0.0:8000, 0.0.0.0:8443 ssl

admin_listen = 0.0.0.0:8001, 0.0.0.0:8444 ssl

nginx_worker_processes = auto

nginx_daemon = on

#------------------------------------------------------------------------------
# DATASTORE
#------------------------------------------------------------------------------

database = postgres             # Determines which of PostgreSQL or Cassandra
                                 # this node will use as its datastore.
                                 # Accepted values are `postgres`,
                                 # `cassandra`, and `off`.

pg_host = 192.101.11.152         # Host of the Postgres server.
pg_port = 5432                  # Port of the Postgres server.
#pg_timeout = 5000               # Defines the timeout (in ms), for connecting,
                                 # reading and writing.

pg_user = kong                  # Postgres user.
pg_password = kongpw            # Postgres user's password.
pg_database = kong              # The database name to connect to.


导入:
[postgres@hadoop000 ~]$ kong migrations bootstrap -c /etc/kong/kong.conf

2020/08/21 22:24:32 [warn] 27376#0: *2 [lua] client.lua:568: init(): [dns-client] Invalid configuration, no valid nameservers found, context: ngx.timer
bootstrapping database...
migrating core on database 'kong'...
core migrated up to: 000_base (executed)
core migrated up to: 001_14_to_15 (executed)
core migrated up to: 002_15_to_1 (executed)
core migrated up to: 003_100_to_110 (executed)
migrating oauth2 on database 'kong'...
oauth2 migrated up to: 000_base_oauth2 (executed)
oauth2 migrated up to: 001_14_to_15 (executed)
oauth2 migrated up to: 002_15_to_10 (executed)
migrating acl on database 'kong'...
acl migrated up to: 000_base_acl (executed)
acl migrated up to: 001_14_to_15 (executed)
migrating jwt on database 'kong'...
jwt migrated up to: 000_base_jwt (executed)
jwt migrated up to: 001_14_to_15 (executed)
migrating basic-auth on database 'kong'...
basic-auth migrated up to: 000_base_basic_auth (executed)
basic-auth migrated up to: 001_14_to_15 (executed)
migrating key-auth on database 'kong'...
key-auth migrated up to: 000_base_key_auth (executed)
key-auth migrated up to: 001_14_to_15 (executed)
migrating rate-limiting on database 'kong'...
rate-limiting migrated up to: 000_base_rate_limiting (executed)
rate-limiting migrated up to: 001_14_to_15 (executed)
rate-limiting migrated up to: 002_15_to_10 (executed)
rate-limiting migrated up to: 003_10_to_112 (executed)
migrating hmac-auth on database 'kong'...
hmac-auth migrated up to: 000_base_hmac_auth (executed)
hmac-auth migrated up to: 001_14_to_15 (executed)
migrating response-ratelimiting on database 'kong'...
response-ratelimiting migrated up to: 000_base_response_rate_limiting (executed)
response-ratelimiting migrated up to: 001_14_to_15 (executed)
response-ratelimiting migrated up to: 002_15_to_10 (executed)
24 migrations processed
24 executed
database is up-to-date


报错问题:
2020/08/21 21:46:45 [warn] 25091#0: *2 [lua] client.lua:568: init(): [dns-client] Invalid configuration, no valid nameservers found, context: ngx.timer
2020-08-21 21:46:45.934 CST [25093] FATAL:  no pg_hba.conf entry for host "192.101.11.152", user "kong", database "kong"
Error: [PostgreSQL error] failed to retrieve server_version_num: FATAL: no pg_hba.conf entry for host "192.101.11.152", user "kong", database "kong"

  Run with --v (verbose) or --vv (debug) for more details

解决方法:
vi /etc/kong/kong.conf    ##修改 pg_host 从192.101.11.152 改为127.0.0.1
pg_host = 127.0.0.1             # Host of the Postgres server.


启动:
[root@hadoop000 ~]# kong start
2020/08/21 22:28:24 [warn] 27673#0: *2 [lua] client.lua:568: init(): [dns-client] Invalid configuration, no valid nameservers found, context: ngx.timer
2020/08/21 22:28:24 [warn] ulimit is currently set to "1024". For better performance set it to at least "4096" using "ulimit -n"
Kong started

验证Kong是否成功启动:
[root@hadoop000 local]# curl -I -m 10 -o /dev/null -s -w '%{http_code}\n' http://localhost:8001/
200


提示:
停止kong:
# kong stop 
    重新启动
    # kong restart
重新加载:
# kong reload

Kong默认监听下面端口:

8000,监听来自客户端的HTTP流量,转发到你的upstream服务上。

8443,监听HTTPS的流量,功能跟8000一样。可以通过配置文件禁止。

8001,Kong的HTTP监听的api管理接口。

8444,Kong的HTTPS监听的API管理接口。

检查kong是否安装成功:
curl -i http://localhost:8001/
或者
curl 127.0.0.1:8001  #也可以用浏览器访问:ip:8001


七、安装 Konga:

konga介绍:

konga带来的一个最大的便利就是可以很好地通过UI观察到现在kong的所有的配置,并且可以对于管理kong节点情况进行查看、监控和预警,konga主要特性如下:

多用户管理
管理多个Kong节点
电子邮件异常信息通知
管理所有Kong Admin API
使用快照备份,还原和迁移Kong节点
使用运行状况检查监控节点和API状态
轻松的数据库集成(MySQL,postgresSQL,MongoDB)

1、拉取镜像
docker pull pantsel/konga:0.14.6

2、创建konga数据库:

su - postgres

/usr/local/postgresql/bin/psql

create user konga with password 'konga';

CREATE DATABASE "konga" WITH ENCODING='UTF8';

给konga分配数据库:
ALTER DATABASE konga OWNER TO konga;
赋予用户konga权限:
grant all privileges on database konga to konga;
修改用户密码:
alter role konga with password 'kongapw';
查询用户信息:
SELECT * FROM pg_roles WHERE rolname='konga';

提示:
创建数据库:
CREATE DATABASE name
    [ [ WITH ] [ OWNER [=] user_name ]
           [ TEMPLATE [=] template ]
           [ ENCODING [=] encoding ]
           [ LC_COLLATE [=] lc_collate ]
           [ LC_CTYPE [=] lc_ctype ]
           [ TABLESPACE [=] tablespace_name ]
           [ CONNECTION LIMIT [=] connlimit ] ]
  
create database school with owner=president template=template0 encoding='UTF8' lc_collate='C' lc_ctype='C' tablespace=tbs_test connection limit = 100;

修改数据库:
ALTER DATABASE name RENAME TO new_name;
ALTER DATABASE name OWNER TO new_owner;
ALTER DATABASE name SET TABLESPACE new_tablespace;

删除数据库:
DROP DATABASE IF EXISTS konga;

3、初始化konga数据库:

docker run --rm pantsel/konga:0.14.6 -c prepare -a postgres -u postgresql://{DB-user}:{DB-pass}@{DB-host}:{DB-port}/konga

相关命令解读:

命令 描述                                  默认
-c     执行的命令,这里我们执行的是prepare       -
-a     adapter 简写 ,可以是postgres 或者mysql   -
-u     db url 数据库连接全称                   -

docker run --rm pantsel/konga:0.14.6 -c prepare -a postgres -u postgresql://konga:konga@192.101.11.152:5432/konga
debug: Preparing database...
Using postgres DB Adapter.
Database exists. Continue...
debug: Hook:api_health_checks:process() called
debug: Hook:health_checks:process() called
debug: Hook:start-scheduled-snapshots:process() called
debug: Hook:upstream_health_checks:process() called
debug: Hook:user_events_hook:process() called
debug: Seeding User...
debug: User seed planted
debug: Seeding Kongnode...
debug: Kongnode seed planted
debug: Seeding Emailtransport...
debug: Emailtransport seed planted
debug: Database migrations completed!

到此Konga的数据库环境就搞定了。

遇到问题1:
debug: Preparing database...
Using postgres DB Adapter.
Failed to connect to DB { Error: connect ECONNREFUSED 127.0.0.1:5432
    at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1106:14)
  errno: 'ECONNREFUSED',
  code: 'ECONNREFUSED',
  syscall: 'connect',
  address: '127.0.0.1',
  port: 5432 }

解决方案: 
修改:vi /etc/kong/kong.conf
pg_host = 127.0.0.1
修改为:
pg_host = 192.101.11.152
    重新启动:
    # kong restart

遇到问题2: 
Failed to connect to DB { error: no pg_hba.conf entry for host "172.17.0.3", user "konga", database "konga"
遇到问题2: 
Failed to connect to DB { error: no pg_hba.conf entry for host "172.17.0.3", user "konga", database "konga"
致命错误: 用户 "postgres" Ident 认证失败

解决方案:
修改vi /data/postgresql/data/pg_hba.conf
host    all             all              0.0.0.0/32              trust   ##修改为下面方式:
host    all             all              0.0.0.0/0               md5
重启数据库:
su - postgres
[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/pg_ctl restart -D /data/postgresql/data/ -l /data/postgresql/log/pg_server.log

再次执行:
su - root
docker run --rm pantsel/konga:0.14.6 -c prepare -a postgres -u postgresql://konga:konga@192.101.11.152:5432/konga
 
4、启动Konga

docker run -d -p 1337:1337  \
-e "DB_ADAPTER=postgres"  \
-e "DB_HOST=192.101.11.152" \
-e "DB_PORT=5432" \
-e "DB_USER=konga" \
-e "DB_PASSWORD=kongapw" \
-e "DB_DATABASE=konga" \
-e "DB_PG_SCHEMA=public" \
-e "NODE_ENV=production"  \
--restart=on-failure:3 \
--name konga \
pantsel/konga:0.14.6


注意:"DB_ADAPTER=postgres" ##支持mongo,postgres,mysql和sqlserver

安装完成之后直接访问1337端口即可访问konga首页,并且注册自己的账号

http://192.101.11.152:1337


kong网关默认日志在/usr/local/kong/logs,主要有access.log,admin_access.log,error.log,access.log和nginx的access日志类似,这里会记录所所有通过kong网关的日志


八、安装 Kong-dashboard:

# docker pull pgbi/kong-dashboard

# Start Kong Dashboard
docker run -d --name kong-dashboard -p 8080:8080 pgbi/kong-dashboard start --kong-url http://192.101.11.152:8001

# Start Kong Dashboard on a custom port
docker run -d --name kong-dashboard -p [port]:8080 pgbi/kong-dashboard start --kong-url http://localhost:8001

# Start Kong Dashboard with basic auth
docker run -d --name kong-dashboard -p 8080:8080 pgbi/kong-dashboard start --kong-url http://kong:8001 --basic-auth user1=password1 user2=password2

访问Kong Dashboard:
http://192.101.11.152:8080


九、安装pgadmin:

pgadmin:postgres数据库管理工具

# docker pull dpage/gpadmin4

# docker run -d -p 8090:80 --name pgadmin --link kong-database:kong-database -e "PGADMIN_DEFAULT_EMAIL=user@domain.com" -e "PGADMIN_DEFAULT_PASSWORD=SuperSecret" --restart always dpage/pgadmin4
                                                                                                                                                      
注意:
Username: user@domain.com
Password: SuperSecret
登录用户是: user@domain.com  密码是:SuperSecret











相关标签: API gateway