In this blog post, I will show you, how you can install Kong Gateway in the Docker.
Installation
Set up your directory like the following.
|-config/kong.yaml
|-output/
|-docker-compose.yaml
|-POSTGRES_PASSWORD
In your config/kong.yaml, add the following:
# a very minimal declarative config file
_format_version: "2.1"
_transform: true
In POSTGRES_PASSWORD, just add any password you want. For example:
password
Then, copy the following code snippet in your docker-compose.yaml.
version: '3.9'
x-kong-config: &kong-env
KONG_DATABASE: postgres
KONG_PG_DATABASE: ${KONG_PG_DATABASE:-kong}
KONG_PG_HOST: kong-database
KONG_PG_USER: ${POSTGRES_USER:-kong}
KONG_PG_PASSWORD_FILE: /run/secrets/kong_postgres_password
services:
kong-migrations:
image: kong/kong-gateway:3.3.1.0
command: kong migrations bootstrap
depends_on:
- kong-database
environment:
<<: *kong-env
secrets:
- kong_postgres_password
networks:
- kong-net
restart: on-failure
kong-migrations-up:
image: kong/kong-gateway:3.3.1.0
command: kong migrations up && kong migrations finish
depends_on:
- kong-database
environment:
<<: *kong-env
secrets:
- kong_postgres_password
networks:
- kong-net
restart: on-failure
kong-gateway:
image: kong/kong-gateway:3.3.1.0
user: "${KONG_USER:-kong}"
networks:
- kong-net
environment:
<<: *kong-env
KONG_PROXY_ACCESS_LOG: /dev/stdout
KONG_ADMIN_ACCESS_LOG: /dev/stdout
KONG_PROXY_ERROR_LOG: /dev/stderr
KONG_ADMIN_ERROR_LOG: /dev/stderr
KONG_ADMIN_LISTEN: 0.0.0.0:${KONG_ADMIN_PORT:-8001}
KONG_PROXY_LISTEN: 0.0.0.0:${KONG_PROXY_PORT:-8000}
secrets:
- kong_postgres_password
ports:
- '${KONG_PROXY_PORT:-8000}:8000'
- '${KONG_ADMIN_PORT:-8001}:8001'
depends_on:
- kong-database
healthcheck:
test: ["CMD", "kong", "health"]
interval: 10s
timeout: 10s
retries: 10
restart: on-failure:5
kong-database:
image: postgres:13
environment:
- POSTGRES_DB=${KONG_PG_DATABASE:-kong}
- POSTGRES_USER=${POSTGRES_USER:-kong}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-kongpass}
networks:
- kong-net
networks:
kong-net:
external: true
secrets:
kong_postgres_password:
file: ./POSTGRES_PASSWORD
Once all above completed, run the following command from terminal.
docker compose up -d
This command will create a docker container for Kong Gateway.
Hit your browser - http:/127.0.0.1:8000. You should see some JSON output in your browser.
Configuration
In this part, we will configure the most common setup in any Kong Gateway installation.
All the output of the CURL execution below will be stored in output/ directory.
By the end of this configuration, you should have:
- Securing Admin API with API Key
- Created Administrator Consumer
- Created Service for Admin API
- Created Route for Admin API
- Enable a Globally Rate Limit of 60 requests per minute
- Enable a Globally Proxy Caching for 30 seconds
Export Default Configuration
curl -s localhost:8001 | jq '.configuration' > output/configuration-default.json
Set Rate Limit Globbaly to 60 requests per minute.
curl -X POST http://localhost:8001/plugins \
--data name=rate-limiting \
--data config.minute=60 \
--data config.policy=local -o output/admin-api-rate-limit-global.json
Set Default Proxy Cache to 30 seconds
curl -X POST http://localhost:8001/plugins \
--data "name=proxy-cache" \
--data "config.request_method=GET" \
--data "config.response_code=200" \
--data "config.content_type=application/json; charset=utf-8" \
--data "config.cache_ttl=30" \
--data "config.strategy=memory" -o output/admin-api-proxy-cache-global.json
Creating Admin API Service
curl --request POST \
--url http://localhost:8001/services \
--data name=admin-api-service \
--data url='http://localhost:8001' -o output/admin-api-service.json
Creating Admin API Route
curl --request POST \
--url http://localhost:8001/services/admin-api-service/routes \
--data 'paths[]=/admin-api' \
--data name=admin-api-route -o output/admin-api-route.json
Enable Key Auth on Admin API Service
curl --request POST \
--url http://localhost:8001/services/admin-api-service/plugins \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--data '{"name":"key-auth","config":{"key_names":["api-key"],"key_in_query":false}}' -o output/admin-api-key.json
Create Admin API Consumer
curl --request POST \
--url http://localhost:8001/consumers \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--data '{"username":"administrator","custom_id":"administrator"}' -o output/admin-api-consumer.json
Creata Admin API Key
curl -X POST http://localhost:8001/consumers/administrator/key-auth -o output/admin-api-consumer-key.json
What's Next?
Once you are completed, you can start using the Kong Gateway locally - or if you want to use in production - you can install Kong Gateway based on your preferred Operating System and just follow the steps given above for minimal setup of your Kong Gateway.
You may want to put Kong Gateway behind a reverse proxy - e.g. api.dev.to is NGINX reverse proxy to a Kong Gateway, which put located at 127.0.0.1:8000.
Hopes this blog post helps you to setup Kong Gateway in your environment.
Top comments (0)