(01) -Centos 7 to install the latest version kong 1.4

Openresty Nginx is based on the language used is Lua.

• Official Website: https://konghq.com
• The official document: https://docs.konghq.com
• Project Address: https://github.com/Kong/kong
• Kong Chinese Documentation Project address: https://github.com/qianyugang/kong-docs-cn

rely

1. gcc
2. pcre
3. zlib
4. openssl
5. postgresql9.5+

 

gcc installed

Install gcc compiler environment:

 

yum -y install gcc

pcre installed

pcre (Perl Compatible Regular Expressions) is a Perl library, including perl-compatible regular expressions, nginx http library pcre of parsed regular expressions.

 

yum install -y pcre pcre-devel

zlib installation

zlib compression library provides a variety of compression and processing way.

 

sudo yum install -y zlib zlib-devel

openssl installed

Please call openssl is a Secure Sockets Layer cryptographic libraries include major cryptographic algorithms commonly used key and certificate management and SSL protocol package.

 

yum install -y openssl openssl-devel

postgresql installation

PostgreSQL is entirely community-driven open source project by more than 1000 contributors worldwide maintained. It provides the full functionality of a single version. PostgreSQL's reliability is the highest priority. Kong using postgresql database as the default.

 

// 添加 rpm
yum install -y https://download.postgresql.org/pub/repos/yum/9.5/redhat/rhel-7-x86_64/pgdg-centos95-9.5-3.noarch.rpm
// 安装 postgresql 9.5
yum install -y postgresql95-server postgresql95-contrib
// 初始化数据库
/usr/pgsql-9.5/bin/postgresql95-setup initdb

 

// 设置成 centos7 开机启动服务
sudo systemctl enable postgresql-9.5.service
// 启动 postgresql 服务
sudo systemctl start postgresql-9.5.service
// 查看 postgresql 状态
suso systemctl status postgresql-9.5.service

Configuring Postgresql

After completion of the implementation of initialization tasks, postgresql automatically creates and generates two users and a database:

linux system user postgres: user management system database;
PostgreSQL user postgres: super database administrator;
database postgres: postgres user's default database.
Since the password is generated by default, you need to change the system.

 

passwd postgres

In order to meet the needs of security and initialization Kong, it is necessary to create a user postgre kong kong and the corresponding linux user, and create a new database kong.

 

 

// 新建 linux kong 用户 
sudo adduser kong

// 使用管理员账号登录 psql 创建用户和数据库
// 切换 postgres 用户
// 切换 postgres 用户后，提示符变成 `-bash-4.2$` 
su postgres

// 进入 psql 控制台
psql

// 此时会进入到控制台（系统提示符变为'postgres=#'）
// 先为管理员用户postgres修改密码
\password postgres

// 建立新的数据库用户（和之前建立的系统用户要重名）
create user kong with password '123456';

// 为新用户建立数据库
create database kong owner kong;

// 把新建的数据库权限赋予 kong
grant all privileges on database kong to kong;

// 退出控制台
\q

Login command:
psql -U kong -d kong -h 127.0.0.1 -p 5432
login prompt permission problems postgresql database will be in work or root account.

 

Certification authority profile for /var/lib/pgsql/9.5/data/pg_hba.conf
the four common authentication as follows:

Trust : Those who connect to the server, are trusted. Psql only need to provide a username, you can not have the same name as the operating system corresponding to the user;
password and MD5 : For external access, psql need to provide a username and password. For local connections, provided psql user name and password, but also need to have access to the operating system. (With operating system of the same name user authentication) the difference between password and md5 is transmitted when an external access code whether to use md5 encryption;
ident : For external access, access to the client operating system user name from the ident server, then the operating system as a database user name log for local connections, actually uses the peer;
the peer : to get the username of the current system login through the client operating system kernel, and as psql user name to log on.

psql user must have the same name as the operating system user. And you must log on linux with the same name as the user can log psql psql. I want to log psql with other users (such as root), modify the local authentication or password for the trust can be.

 

# IPv4 local connections:
host    all             all             127.0.0.1/32            trust
host    all             all             0.0.0.0/0               trust

pgsql by default only local access, you need to turn on remote access.
Modify the configuration file / var/lib/pgsql/9.5/data/postgresql.confthe listen_addressset to '*'.

 

#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------

# - Connection Settings -

listen_addresses = '*'          # what IP address(es) to listen on;

Execution sudo systemctl restart postgresql-9.5.servicerestart postgresql.

kong installation

Referring to the official installation method [ https://getkong.org/install/centos/]  

cat > /etc/yum.repos.d/kong.repo <<EOT

[kŏng]
baseurl = https: kongbintraycomkongrpmcentos7
gpgcheck of 0 =

ROT

 

sudo yum install epel-release
sudo yum install kong-1.4.1

 

 

The following kong modify configuration files, default configuration files are located /etc/kong/kong.conf.default

 

sudo cp /etc/kong/kong.conf.default /etc/kong/kong.conf

The good postgresql installation configuration information filled in before kong profile:
sudo vi /etc/kong/kong.conf

 

#------------------------------------------------------------------------------
# DATASTORE
#------------------------------------------------------------------------------

# Kong will store all of its data (such as APIs, consumers and plugins) in
# either Cassandra or PostgreSQL.
#
# All Kong nodes belonging to the same cluster must connect themselves to the
# same database.

database = postgres              # Determines which of PostgreSQL or Cassandra
                                 # this node will use as its datastore.
                                 # Accepted values are `postgres` and
                                 # `cassandra`.

pg_host = 127.0.0.1             # The PostgreSQL host to connect to.
pg_port = 5432                  # The port to connect to.
pg_user = kong                  # The username to authenticate if required.
pg_password = 123456            # The password to authenticate if required.
pg_database = kong              # The database name to connect to.

pg_ssl = off                       # 如果不希望开放 8443 的 ssl 访问可关闭

Import data into postgres kong

kong migrations bootstrap

If you start the process, the encounter prompted FATAL: "kong" Ident authentication failed for user problem, make sure when you configure postgresql certification document, using the password or trust connection.

Kong following default listening port:

8000, monitor HTTP traffic from the client is forwarded to your upstream service.

8443, monitor HTTPS traffic, functions the same as with 8000. It can be disabled through a configuration file.

8001, Kong's HTTP management interface listens api.

8444, Kong's HTTPS listener's API management interface.

kong management default port 8001 to listen 127.0.0.1 revised to monitor all ip, modify /etc/kong/kong.conf, uncommented admin_listen the row, and read: admin_listen = 0.0.0.0:8001, 0.0.0.0:8444 ssl