`
maosheng
  • 浏览: 565905 次
  • 性别: Icon_minigender_1
  • 来自: 北京
社区版块
存档分类
最新评论

API 网关 kong/konga 安装部署

阅读更多
一、概述

Kong是Mashape开源的高性能高可用API网关和API服务管理层。自2015年在github开源后,广泛受到关注。它基于OpenResty,进行API管理,并提供了插件实现API的AOP。Kong在Mashape 管理了超过15,000 个API,为200,000开发者提供了每月数十亿的请求支持。

在微服务架构之下,服务被拆的非常零散,降低了耦合度的同时也给服务的统一管理增加了难度。如上图左所示,在旧的服务治理体系之下,鉴权,限流,日志,监控等通用功能需要在每个服务中单独实现,这使得系统维护者没有一个全局的视图来统一管理这些功能。API 网关致力于解决的问题便是为微服务纳管这些通用的功能,在此基础上提高系统的可扩展性。如右图所示,微服务搭配上 API 网关,可以使得服务本身更专注于自己的领域,很好地对服务调用者和服务提供者做了隔离。

为什么使用API-Gateway:

1. 方便客户端维护-- 每个请求方不用管理多个api url,统一访问api-gateway即可

2. 接口重构时调用方不须了解接口本身等拆分和聚合

3. 客户端无须关心接口协议

4. 统一权限控制、接口请求访问日志统计

5. 安全,是保护内部服务而设计的一道屏障

5. 开源-最大好处

Kong是一款基于Nginx_Lua模块写的高可用,由于Kong是基于Nginx的,所以可以水平扩展多个Kong服务器,通过前置的负载均衡配置把请求均匀地分发到各个Server,来应对大批量的网络请求。

Kong主要有三个组件:
Kong Server :基于nginx的服务器,用来接收API请求。
Apache Cassandra/PostgreSQL :用来存储操作数据。
Kong dashboard:官方推荐UI管理工具,当然,也可以使用 restfull 方式 管理 admin api。

Kong采用插件机制进行功能定制,插件集(可以是0或N个)在API请求响应循环的生命周期中被执行,插件使用Lua编写。
目前已有几个基础功能:HTTP基本认证、密钥认证、CORS(Cross-Origin Resource Sharing,跨域资源共享)、TCP、UDP、文件日志、API请求限流、请求转发以及Nginx监控。

Kong 的插件机制是其高可扩展性的根源,Kong 可以很方便地为路由和服务提供各种插件,网关所需要的基本特性,Kong 都如数支持:

Cloud-Native:与平台无关,Kong可以从裸机运行到Kubernetes。
动态负载平衡:在多个上游服务之间平衡流量。
基于哈希的负载平衡:具有一致的哈希/粘性会话的负载平衡。
断路器:智能跟踪不健康的上游服务。
运行状况检查:主动和被动监视上游服务。
服务发现:在第三方DNS解析器(例如Consul)中解析SRV记录。
无服务器:直接从Kong调用和保护AWS Lambda或OpenWhisk功能。
WebSockets:通过WebSockets与您的上游服务进行通信。
gRPC:与gRPC服务进行通信,并通过日志记录和可观察性插件观察流量
OAuth2.0:轻松将OAuth2.0身份验证添加到您的API。
日志记录:通过HTTP,TCP,UDP或磁盘记录对系统的请求和响应。
安全性:ACL,僵尸程序检测,白名单/黑名单IP等。
Syslog:登录到系统日志。
SSL:为基础服务或API设置特定的SSL证书。
监视:实时监视提供关键的负载和性能服务器指标。
转发代理:使Kong连接到透明的中介HTTP代理。
认证:HMAC,JWT,Basic等。
速率限制:基于许多变量的阻止和限制请求。
转换:添加,删除或处理HTTP请求和响应。
缓存:在代理层缓存并提供响应。
CLI:从命令行控制Kong群集。
REST API:Kong可以使用其RESTful API进行操作,以实现最大的灵活性。
地理复制:跨不同区域的配置始终是最新的。
故障检测和恢复:如果您的Cassandra节点之一发生故障,则 Kong不会受到影响。
群集:所有Kong节点自动加入群集,并在各个节点之间更新其配置。
可伸缩性:Kong本质上分布,只需添加节点即可水平扩展。
性能:Kong通过扩展和使用NGINX作为核心轻松处理负载。
插件:可扩展的体系结构,用于向Kong和API添加功能。

Kong网关插件:
身份认证插件:Kong提供了Basic Authentication、Key authentication、OAuth2.0 authentication、HMAC authentication、JWT、LDAP authentication认证实现。
安全控制插件:ACL(访问控制)、CORS(跨域资源共享)、动态SSL、IP限制、爬虫检测实现。
流量控制插件:请求限流(基于请求计数限流)、上游响应限流(根据upstream响应计数限流)、请求大小限制。限流支持本地、Redis和集群限流模式。
分析监控插件:Galileo(记录请求和响应数据,实现API分析)、Datadog(记录API Metric如请求次数、请求大小、响应状态和延迟,可视化API Metric)、Runscope(记录请求和响应数据,实现API性能测试和监控)。
协议转换插件:请求转换(在转发到upstream之前修改请求)、响应转换(在upstream响应返回给客户端之前修改响应)。
日志应用插件:TCP、UDP、HTTP、File、Syslog、StatsD、Loggly等。

请求流程:
当Kong运行时,每个对API的请求将先被Kong命中,然后这个请求将会被代理转发到最终的API接口。在请求(Requests)和响应(Responses)之间,Kong将会执行已经事先安装和配置好的任何插件,授权您的API访问操作。Kong是每个API请求的入口点(Endpoint)

二、安装Kong:

安装准备:
yum -y install epel-release
下载kong rpm:
https://kong.bintray.com/kong-community-edition-rpm/centos/7/:kong-community-edition-1.1.2.el7.noarch.rpm
上传服务器:
/opt/kong
安装kong:
cd /opt/kong
yum install kong-community-edition-1.1.2.el7.noarch.rpm --nogpgcheck

三、安装 PostgreSQL 11.9

官网下载PostgreSQL 11.9
https://www.postgresql.org/ftp/source/
官网下载PostgreSQL 12.4
https://www.postgresql.org/ftp/source/v12.4/

上传服务器:
/opt/kong
解压:
cd /opt/kong
tar -zvxf postgresql-11.9.tar.gz
mv postgresql-11.9 /usr/local/
编译:
cd /usr/local/postgresql-11.9/
./configure --prefix=/usr/local/postgresql
安装:
# make
# make install

以下为官方安装(https://www.postgresql.org/download/linux/redhat/)
yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
yum install -y postgresql12-server
/usr/pgsql-12/bin/postgresql-12-setup initdb
systemctl enable postgresql-12
systemctl start postgresql-12

四、PostgreSQL用户权限和环境变量设置

提示:默认root用户不能启动postgresql数据库

创建postgres用户:
# useradd postgres
# passwd postgres  ## 密码 postgres

设置权限:
# mkdir -p /data/postgresql/data/
# mkdir -p /data/postgresql/log/
# chown -R postgres:postgres /data/postgresql/data/
# chown -R postgres:postgres /data/postgresql/log/
# chown -R postgres:postgres /usr/local/postgresql/

添加环境变量:
#postgresql
export POSTGRESQL_HOME=/usr/local/postgresql
export PGDATA=/data/postgresql/data/
export PATH=$PATH:$POSTGRESQL_HOME/bin:$PGDATA


检查是否配置成功:
[root@hadoop000 ~]$ /usr/local/postgresql/bin/psql -V

psql (PostgreSQL) 11.9

切换用户:
su - postgres

初始化数据库(用户postgres执行)
[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/initdb -D /data/postgresql/data/

The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.UTF-8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".

Data page checksums are disabled.

fixing permissions on existing directory /data/postgresql/data ... ok
creating subdirectories ... ok
selecting default max_connections ... 100
selecting default shared_buffers ... 128MB
selecting default timezone ... PRC
selecting dynamic shared memory implementation ... posix
creating configuration files ... ok
running bootstrap script ... ok
performing post-bootstrap initialization ... ok
syncing data to disk ... ok

WARNING: enabling "trust" authentication for local connections
You can change this by editing pg_hba.conf or using the option -A, or
--auth-local and --auth-host, the next time you run initdb.

Success. You can now start the database server using:

    /usr/local/postgresql/bin/pg_ctl -D /data/postgresql/data/ -l logfile start

检查数据库文件:

# cd /data/postgresql/data

[postgres@hadoop000 ~]$ ls
base    pg_commit_ts  pg_hba.conf    pg_logical    pg_notify    pg_serial     pg_stat      pg_subtrans  pg_twophase  pg_wal   postgresql.auto.conf
global  pg_dynshmem   pg_ident.conf  pg_multixact  pg_replslot  pg_snapshots  pg_stat_tmp  pg_tblspc    PG_VERSION   pg_xact  postgresql.conf

修改访问控制配置:pg_hba.conf文件,添加host  all  all  0.0.0.0/0  md5可使其远程访问,加密方式改为MD5(密码访问)

[postgres@hadoop000 ~]$ vi pg_hba.conf
.........................

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all             0.0.0.0/0               md5
host    all             all             127.0.0.1/32            trust
# IPv6 local connections:
host    all             all             ::1/128                 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local   replication     all                                     trust
host    replication     all             127.0.0.1/32            trust
host    replication     all             ::1/128                 trust


提示:
(1)host all all 127.0.0.1/32 trust表示本地连接数据库不需要输入密码(即使有密码,设为trust后就不需要密码)
(2)host all all 0.0.0.0/0    md5  表示所有主机连接数据库需要输入密码
(3)当然,这两个综合后表现的结果就是:对于本机链接表示信任(不需要输入密码),对于非本机链接需要输入密码

修改postgresql.conf 主配置文件,将localhost 改为*,表示监听整个网络
[postgres@hadoop000 ~]$ vi postgresql.conf

..............

#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------

# - Connection Settings -

listen_addresses = '*'                  # what IP address(es) to listen on;
                                        # comma-separated list of addresses;
                                        # defaults to 'localhost'; use '*' for all
                                        # (change requires restart)
port = 5432                             # (change requires restart)
max_connections = 100                   # (change requires restart)
#superuser_reserved_connections = 3     # (change requires restart)
#unix_socket_directories = '/tmp'       # comma-separated list of directories
                                        # (change requires restart)
#unix_socket_group = ''                 # (change requires restart)
#unix_socket_permissions = 0777         # begin with 0 to use octal notation
                                        # (change requires restart)
#bonjour = off                          # advertise server via Bonjour
                                        # (change requires restart)
#bonjour_name = ''                      # defaults to the computer name
                                        # (change requires restart)

................

五、启动 PostgreSQL

启动数据库(用户postgres执行):

[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/pg_ctl start -D /data/postgresql/data/ -l /data/postgresql/log/pg_server.log
waiting for server to start.... done
server started

查看是否安装成功:

[root@hadoop000 data]# netstat -tlun | grep 5432   #postgres是占用5432端口
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN
tcp6       0      0 :::5432                 :::*                    LISTEN


重启数据库:
[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/pg_ctl restart -D /data/postgresql/data/ -l /data/postgresql/log/pg_server.log

关闭postgresql数据库:
pg_ctl stop -m fast

连接数据库(用户postgres执行):
[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/psql

修改密码:
连接成功后,直接输入\password 可修改密码 (password=postgres)

创建Kong用户和数据库:
postgres=# create user kong;
CREATE ROLE
postgres=#alter role kong with password 'kongpw';

postgres=# create database kong owner kong;
CREATE DATABASE

补存:
查看系统用户信息:
SELECT usename FROM pg_user;
获得当前postgresql版本:
SELECT version();
查看数据库用户列表:
SELECT * FROM pg_shadow;
查看客户端编码:
show client_encoding;
查看客户端连接情况:
SELECT client_addr,client_port,query_start,state,query FROM pg_stat_activity;
查看被锁定表:
SELECT pg_class.relname AS table, pg_database.datname AS database, pid, mode, granted FROM pg_locks, pg_class, pg_database WHERE pg_locks.relation = pg_class.oid AND pg_locks.database = pg_database.oid;
查看数据库大小:
SELECT pg_size_pretty(pg_database_size('kong')) As fulldbsize;


六、启动Kong:

导入Kong数据:
[root@hadoop000 ~]$  cp /etc/kong/kong.conf.default /etc/kong/kong.conf   ##root 用户执行

[root@hadoop000 ~]$  vi /etc/kong/kong.conf

修改以上配置文件
#------------------------------------------------------------------------------
# GENERAL
#------------------------------------------------------------------------------

prefix = /usr/local/kong/       # Working directory. Equivalent to Nginx's
                                 # prefix path, containing temporary files
                                 # and logs.
                                 # Each Kong process must have a separate
                                 # working directory.

log_level = notice              # Log level of the Nginx server. Logs are
                                 # found at `<prefix>/logs/error.log`.


proxy_access_log = logs/access.log       # Path for proxy port request access
                                          # logs. Set this value to `off` to
                                          # disable logging proxy requests.
                                          # If this value is a relative path,
                                          # it will be placed under the
                                          # `prefix` location.

proxy_error_log = logs/error.log         # Path for proxy port request error
                                          # logs. The granularity of these logs
                                          # is adjusted by the `log_level`
                                          # property.

admin_access_log = logs/admin_access.log # Path for Admin API request access
                                          # logs. Set this value to `off` to
                                          # disable logging Admin API requests.
                                          # If this value is a relative path,
                                          # it will be placed under the
                                          # `prefix` location.

admin_error_log = logs/error.log         # Path for Admin API request error
                                          # logs. The granularity of these logs
                                          # is adjusted by the `log_level`
                                          # property.


#------------------------------------------------------------------------------
# NGINX
#------------------------------------------------------------------------------

proxy_listen = 0.0.0.0:8000, 0.0.0.0:8443 ssl

admin_listen = 0.0.0.0:8001, 0.0.0.0:8444 ssl

nginx_worker_processes = auto

nginx_daemon = on

#------------------------------------------------------------------------------
# DATASTORE
#------------------------------------------------------------------------------

database = postgres             # Determines which of PostgreSQL or Cassandra
                                 # this node will use as its datastore.
                                 # Accepted values are `postgres`,
                                 # `cassandra`, and `off`.

pg_host = 192.101.11.152         # Host of the Postgres server.
pg_port = 5432                  # Port of the Postgres server.
#pg_timeout = 5000               # Defines the timeout (in ms), for connecting,
                                 # reading and writing.

pg_user = kong                  # Postgres user.
pg_password = kongpw            # Postgres user's password.
pg_database = kong              # The database name to connect to.


导入:
[postgres@hadoop000 ~]$ kong migrations bootstrap -c /etc/kong/kong.conf

2020/08/21 22:24:32 [warn] 27376#0: *2 [lua] client.lua:568: init(): [dns-client] Invalid configuration, no valid nameservers found, context: ngx.timer
bootstrapping database...
migrating core on database 'kong'...
core migrated up to: 000_base (executed)
core migrated up to: 001_14_to_15 (executed)
core migrated up to: 002_15_to_1 (executed)
core migrated up to: 003_100_to_110 (executed)
migrating oauth2 on database 'kong'...
oauth2 migrated up to: 000_base_oauth2 (executed)
oauth2 migrated up to: 001_14_to_15 (executed)
oauth2 migrated up to: 002_15_to_10 (executed)
migrating acl on database 'kong'...
acl migrated up to: 000_base_acl (executed)
acl migrated up to: 001_14_to_15 (executed)
migrating jwt on database 'kong'...
jwt migrated up to: 000_base_jwt (executed)
jwt migrated up to: 001_14_to_15 (executed)
migrating basic-auth on database 'kong'...
basic-auth migrated up to: 000_base_basic_auth (executed)
basic-auth migrated up to: 001_14_to_15 (executed)
migrating key-auth on database 'kong'...
key-auth migrated up to: 000_base_key_auth (executed)
key-auth migrated up to: 001_14_to_15 (executed)
migrating rate-limiting on database 'kong'...
rate-limiting migrated up to: 000_base_rate_limiting (executed)
rate-limiting migrated up to: 001_14_to_15 (executed)
rate-limiting migrated up to: 002_15_to_10 (executed)
rate-limiting migrated up to: 003_10_to_112 (executed)
migrating hmac-auth on database 'kong'...
hmac-auth migrated up to: 000_base_hmac_auth (executed)
hmac-auth migrated up to: 001_14_to_15 (executed)
migrating response-ratelimiting on database 'kong'...
response-ratelimiting migrated up to: 000_base_response_rate_limiting (executed)
response-ratelimiting migrated up to: 001_14_to_15 (executed)
response-ratelimiting migrated up to: 002_15_to_10 (executed)
24 migrations processed
24 executed
database is up-to-date


报错问题:
2020/08/21 21:46:45 [warn] 25091#0: *2 [lua] client.lua:568: init(): [dns-client] Invalid configuration, no valid nameservers found, context: ngx.timer
2020-08-21 21:46:45.934 CST [25093] FATAL:  no pg_hba.conf entry for host "192.101.11.152", user "kong", database "kong"
Error: [PostgreSQL error] failed to retrieve server_version_num: FATAL: no pg_hba.conf entry for host "192.101.11.152", user "kong", database "kong"

  Run with --v (verbose) or --vv (debug) for more details

解决方法:
vi /etc/kong/kong.conf    ##修改 pg_host 从192.101.11.152 改为127.0.0.1
pg_host = 127.0.0.1             # Host of the Postgres server.


启动:
[root@hadoop000 ~]# kong start
2020/08/21 22:28:24 [warn] 27673#0: *2 [lua] client.lua:568: init(): [dns-client] Invalid configuration, no valid nameservers found, context: ngx.timer
2020/08/21 22:28:24 [warn] ulimit is currently set to "1024". For better performance set it to at least "4096" using "ulimit -n"
Kong started

验证Kong是否成功启动:
[root@hadoop000 local]# curl -I -m 10 -o /dev/null -s -w '%{http_code}\n' http://localhost:8001/
200


提示:
停止kong:
# kong stop 
    重新启动
    # kong restart
重新加载:
# kong reload

Kong默认监听下面端口:

8000,监听来自客户端的HTTP流量,转发到你的upstream服务上。

8443,监听HTTPS的流量,功能跟8000一样。可以通过配置文件禁止。

8001,Kong的HTTP监听的api管理接口。

8444,Kong的HTTPS监听的API管理接口。

检查kong是否安装成功:
curl -i http://localhost:8001/
或者
curl 127.0.0.1:8001  #也可以用浏览器访问:ip:8001


七、安装 Konga:

konga介绍:

konga带来的一个最大的便利就是可以很好地通过UI观察到现在kong的所有的配置,并且可以对于管理kong节点情况进行查看、监控和预警,konga主要特性如下:

多用户管理
管理多个Kong节点
电子邮件异常信息通知
管理所有Kong Admin API
使用快照备份,还原和迁移Kong节点
使用运行状况检查监控节点和API状态
轻松的数据库集成(MySQL,postgresSQL,MongoDB)

1、拉取镜像
docker pull pantsel/konga:0.14.6

2、创建konga数据库:

su - postgres

/usr/local/postgresql/bin/psql

create user konga with password 'konga';

CREATE DATABASE "konga" WITH ENCODING='UTF8';

给konga分配数据库:
ALTER DATABASE konga OWNER TO konga;
赋予用户konga权限:
grant all privileges on database konga to konga;
修改用户密码:
alter role konga with password 'kongapw';
查询用户信息:
SELECT * FROM pg_roles WHERE rolname='konga';

提示:
创建数据库:
CREATE DATABASE name
    [ [ WITH ] [ OWNER [=] user_name ]
           [ TEMPLATE [=] template ]
           [ ENCODING [=] encoding ]
           [ LC_COLLATE [=] lc_collate ]
           [ LC_CTYPE [=] lc_ctype ]
           [ TABLESPACE [=] tablespace_name ]
           [ CONNECTION LIMIT [=] connlimit ] ]
  
create database school with owner=president template=template0 encoding='UTF8' lc_collate='C' lc_ctype='C' tablespace=tbs_test connection limit = 100;

修改数据库:
ALTER DATABASE name RENAME TO new_name;
ALTER DATABASE name OWNER TO new_owner;
ALTER DATABASE name SET TABLESPACE new_tablespace;

删除数据库:
DROP DATABASE IF EXISTS konga;

3、初始化konga数据库:

docker run --rm pantsel/konga:0.14.6 -c prepare -a postgres -u postgresql://{DB-user}:{DB-pass}@{DB-host}:{DB-port}/konga

相关命令解读:

命令 描述                                  默认
-c     执行的命令,这里我们执行的是prepare       -
-a     adapter 简写 ,可以是postgres 或者mysql   -
-u     db url 数据库连接全称                   -

docker run --rm pantsel/konga:0.14.6 -c prepare -a postgres -u postgresql://konga:konga@192.101.11.152:5432/konga
debug: Preparing database...
Using postgres DB Adapter.
Database exists. Continue...
debug: Hook:api_health_checks:process() called
debug: Hook:health_checks:process() called
debug: Hook:start-scheduled-snapshots:process() called
debug: Hook:upstream_health_checks:process() called
debug: Hook:user_events_hook:process() called
debug: Seeding User...
debug: User seed planted
debug: Seeding Kongnode...
debug: Kongnode seed planted
debug: Seeding Emailtransport...
debug: Emailtransport seed planted
debug: Database migrations completed!

到此Konga的数据库环境就搞定了。

遇到问题1:
debug: Preparing database...
Using postgres DB Adapter.
Failed to connect to DB { Error: connect ECONNREFUSED 127.0.0.1:5432
    at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1106:14)
  errno: 'ECONNREFUSED',
  code: 'ECONNREFUSED',
  syscall: 'connect',
  address: '127.0.0.1',
  port: 5432 }

解决方案: 
修改:vi /etc/kong/kong.conf
pg_host = 127.0.0.1
修改为:
pg_host = 192.101.11.152
    重新启动:
    # kong restart

遇到问题2: 
Failed to connect to DB { error: no pg_hba.conf entry for host "172.17.0.3", user "konga", database "konga"
遇到问题2: 
Failed to connect to DB { error: no pg_hba.conf entry for host "172.17.0.3", user "konga", database "konga"
致命错误: 用户 "postgres" Ident 认证失败

解决方案:
修改vi /data/postgresql/data/pg_hba.conf
host    all             all              0.0.0.0/32              trust   ##修改为下面方式:
host    all             all              0.0.0.0/0               md5
重启数据库:
su - postgres
[postgres@hadoop000 ~]$ /usr/local/postgresql/bin/pg_ctl restart -D /data/postgresql/data/ -l /data/postgresql/log/pg_server.log

再次执行:
su - root
docker run --rm pantsel/konga:0.14.6 -c prepare -a postgres -u postgresql://konga:konga@192.101.11.152:5432/konga
 
4、启动Konga

docker run -d -p 1337:1337  \
-e "DB_ADAPTER=postgres"  \
-e "DB_HOST=192.101.11.152" \
-e "DB_PORT=5432" \
-e "DB_USER=konga" \
-e "DB_PASSWORD=kongapw" \
-e "DB_DATABASE=konga" \
-e "DB_PG_SCHEMA=public" \
-e "NODE_ENV=production"  \
--restart=on-failure:3 \
--name konga \
pantsel/konga:0.14.6


注意:"DB_ADAPTER=postgres" ##支持mongo,postgres,mysql和sqlserver

安装完成之后直接访问1337端口即可访问konga首页,并且注册自己的账号

http://192.101.11.152:1337


kong网关默认日志在/usr/local/kong/logs,主要有access.log,admin_access.log,error.log,access.log和nginx的access日志类似,这里会记录所所有通过kong网关的日志


八、安装 Kong-dashboard:

# docker pull pgbi/kong-dashboard

# Start Kong Dashboard
docker run -d --name kong-dashboard -p 8080:8080 pgbi/kong-dashboard start --kong-url http://192.101.11.152:8001

# Start Kong Dashboard on a custom port
docker run -d --name kong-dashboard -p [port]:8080 pgbi/kong-dashboard start --kong-url http://localhost:8001

# Start Kong Dashboard with basic auth
docker run -d --name kong-dashboard -p 8080:8080 pgbi/kong-dashboard start --kong-url http://kong:8001 --basic-auth user1=password1 user2=password2

访问Kong Dashboard:
http://192.101.11.152:8080


九、安装pgadmin:

pgadmin:postgres数据库管理工具

# docker pull dpage/gpadmin4

# docker run -d -p 8090:80 --name pgadmin --link kong-database:kong-database -e "PGADMIN_DEFAULT_EMAIL=user@domain.com" -e "PGADMIN_DEFAULT_PASSWORD=SuperSecret" --restart always dpage/pgadmin4
                                                                                                                                                      
注意:
Username: user@domain.com
Password: SuperSecret
登录用户是: user@domain.com  密码是:SuperSecret











分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics