am I 施 文翰(シ ブンカン) Wenhan Shi • 日立製作所 - Linux kernel module development/Support • Red Hat K.K. - GlusterFS/OpenShift Support • Canonical Japan K.K. - Ubuntu/OpenStack/Kubernetes Support • Rancher Lab/SUSE - Rancher Support • Kong Inc. - Solutions Engineer @shi_wenhan wenhan.shi@konghq.com
Database for Dev portal DB Less DB Config store Declarative configuration Database mode Available for OSS, Enterprise Pros Easy and quick Fully customizable Component s Proxy Yes Yes Admin API No Yes Manager (GUI) No Yes Dev Portal No Yes Vitals No Yes
Kong gateway on VM Install the package For RHEL system, import the repo and install the package via yum Setup Database License deploy Start Kong Gateway curl $(rpm --eval "https://download.konghq.com/gateway-2.x-rhel-%{rhel}/config.repo") | sudo tee /etc/yum.repos.d/kong.repo sudo yum install kong-enterprise-edition-2.8.1.2
Kong gateway on VM Install the package Create User and Database for Kong Gateway Setup kong.conf to let Kong Gateway can connect to your database. A example file is at /etc/kong/kong.conf.default https://docs.konghq.com/gateway/2.8.x/reference/configuration/#datastore-section Initialize the database by running the Kong Gateway migrations Setup Database Start Kong Gateway License deploy CREATE USER kong WITH PASSWORD 'super_secret'; CREATE DATABASE kong OWNER kong; kong migrations bootstrap -c {PATH_TO_KONG.CONF_FILE}
Kong gateway on VM Install the package Create User and Database for Kong Gateway Setup kong.conf to let Kong Gateway can connect to your database. A example file is at /etc/kong/kong.conf.default https://docs.konghq.com/gateway/2.8.x/reference/configuration/#datastore-section Initialize the database by running the Kong Gateway migrations Setup Database Start Kong Gateway License deploy CREATE USER kong WITH PASSWORD 'super_secret'; CREATE DATABASE kong OWNER kong; kong migrations bootstrap -c {PATH_TO_KONG.CONF_FILE}
Kong on VM Install the package Start Kong Gateway with the config file. You should have a 200 response from port 8001 Setup Database Start Kong Gateway License deploy kong start -c {PATH_TO_KONG.CONF_FILE} curl -i http://localhost:8001
Kong on VM Install the package Apply the license using the Admin API. Setup Database Start Kong Gateway License deploy curl -i -X POST http://localhost:8001/licenses \ -d payload='{"license":{"payload":{"admin_seats":"1","customer":"Example Company, Inc","dataplanes":"1","license_creation_date":"2017-07-20","license_expiration_date":"2017-07-20","license_k ey":"00141000017ODj3AAG_a1V41000004wT0OEAU","product_subscription":"Konnect Enterprise","support_plan":"None"},"signature":"6985968131533a967fcc721244a979948b1066967f1e9cd65dbd8eeabe06 0fc32d894a2945f5e4a03c1cd2198c74e058ac63d28b045c2f1fcec95877bd790e1b","version":"1"}}'
2. Enable Dev Portal in Kong Manager Click on Developer Portals in the Kong Manager Click on Set up Dev Portal Click on Enable Developer Portal Developer Portal Dashboard Launch Developer Portal
2. Enable Dev Portal in Kong Manager Click on Developer Portals in the Kong Manager Click on Set up Dev Portal Click on Enable Developer Portal Developer Portal Dashboard Launch Developer Portal
2. Enable Dev Portal in Kong Manager Click on Developer Portals in the Kong Manager Click on Set up Dev Portal Click on Enable Developer Portal Developer Portal Dashboard Launch Developer Portal
2. Enable Dev Portal in Kong Manager Click on Developer Portals in the Kong Manager Click on Set up Dev Portal Click on Enable Developer Portal Developer Portal Dashboard Launch Developer Portal
2. Enable Dev Portal in Kong Manager Click on Developer Portals in the Kong Manager Click on Set up Dev Portal Click on Enable Developer Portal Developer Portal Dashboard Launch Developer Portal
3. Enable Basic Authentication (Optional) - In Kong Manager > Dev Portal > Settings > Authentication, select Basic Authentication under the Authentication Plugin - This will require users to register and login for using Dev portal
RBAC to control access to API content - Kong's Developer Portal can setup Role Based Access Control (RBAC) to control access to published content. - In this section, we will setup two roles, - internal developers - external developers - Either Kong Manager or the Admin API can be used to manage Developer and Roles.
RBAC to control access to API content - Under specs, find petstore and select Internal-Developers role then update - This will remove the default permission and only grants the Internal-Developers role.
Additional content (new header to a new page.) - Create the header - Under theme, create a new file base/layouts/custom_pg_layout.html.And add the following contents to it. {% layout = "layouts/_page.html" %} {-content-} <div style="margin-left:auto; margin-right: auto; width:960px"> {* page.body *} </div> {-content-}
Additional content (new header to a new page.) - Create the new Products page - Under content, create a new file products/index.md. And add the following contents. --- layout: custom_pg_layout.html --- <h1>Our API Products</h1> <p>Here are some of the API Products we offer</p> <table> <thead> <tr> <th>Finance Package</th> <th>eCommerce Package</th> <th>Utilities Package</th> </tr> </thead> <tbody> <tr> <td>Paid</td> <td>Paid</td> <td>Free</td> </tr> <tr> <td>Monthly plan</td> <td>Monthly plan</td> <td>NA</td> </tr> <tr> <td><a href="#">Learn more</a></td> <td><a href="#">Learn more</a></td> <td><a href="#">Learn more</a></td> </tr> </tbody> </table>
Additional content (new header to a new page.) - Link the Products page and the header menu. - Go to /base/partials/menu.html under themes. And add below item inside <ul> - <li><a href="products">API Products</a></li>
Additional content (new header to a new page.) - Now you should see a public page for API Products added to menu and when you click on it, you should see the products page:
an API in the dev portal page - Add a new code snippets Java - Kong can provide code snippet for over ten languages. - Go to base/layouts/system/spec-rend erer.html under Themes - Replace the theme(Line 64), - This is changing the default on which doesn’t specify any languages.
Registration - In this section we will setup services for registration by Developers through the Developer Portal. - This allows Developers to obtain unique credentials to access the registered APIs. - Create a service, route, and an “application-registration” plugin. # Setup Stock API service http :31001/services name=Stock-Service url='http://httpbin.org/anything' Kong-Admin-Token:kong # Setup route and application-registration plugin http -f :31001/services/Stock-Service/routes name='getStockQuote' paths="/stock/historical" Kong-Admin-Token:kong # Enable Application Plugin for service http -f :31001/services/Stock-Service/plugins name=application-registration \ config.display_name=Stock-API config.auto_approve=true Kong-Admin-Token:kong # Enable Oauth2 for service http -f :31001/services/Stock-Service/plugins name=oauth2 config.enable_client_credentials=true Kong-Admin-Token:kong
Registration - Create an Application as a Developer - Login to Dev Portal as external-developer@example.com/Kong123 - Click My Apps and Click + New Application. - Enter the following details for the Application. - Name: Finance Mobile App - Redirect URI: http://test.com/redirect - Description: Finance Mobile App
Registration - Post a request to the secured Kong proxy as shown below - Then the stock-API service can be used in this Application. $ export CLIENT_ID='ILljp6dBmo5IBQYEzt2lXG6QnTb9SnRw' $ export CLIENT_SECRET='lTptRAIPp2bwFKorUVSfTRvQFSQ7ILSt' $ http --verify=no POST "https://localhost:31443/stock/historical/oauth2/token?grant_type=client_credentials&client_id=$CLI ENT_ID&client_secret=$CLIENT_SECRET" content-type:multipart/form-data Kong-Admin-Token:kong HTTP/1.1 200 OK Connection: keep-alive Content-Length: 91 Content-Type: application/json; charset=utf-8 Date: Thu, 28 Jul 2022 05:29:14 GMT Server: kong/2.8.1.2-enterprise-edition X-Kong-Response-Latency: 129 cache-control: no-store pragma: no-cache { "access_token": "q5K4VKWoNsUj5zekLwgq4SCKPl3psqfl", "expires_in": 7200, "token_type": "bearer" }
Registration - For simplicity we will get another access token, and save it in a variable: ❯ ACCESS_TOKEN=`http --verify=no POST "https://localhost:31443/stock/historical/oauth2/token?grant_type=client_credentials&client_id=$CLI ENT_ID&client_secret=$CLIENT_SECRET" content-type:multipart/form-data Kong-Admin-Token:kong | jq -r .access_token` ❯ echo $ACCESS_TOKEN bRNFmdH1ldL99IAlPg4Cy2bLTmKWL9iS
Mocking Plugin - Mocking allows a sample response from a spec to be returned when an API is queried. This is helpful to Developers when interact and confirm responses from APIs before the API was built. - Setup Mocking plugin on the route and specify the stock specification(stock-0.1.yaml). http -f :31001/routes/getStockQuote/plugins name=mocking config.api_specification_filename=stock-0.1.yaml
Ops for Portal - Version Control - There is a Kong Portal CLI(https://github.com/Kong/kong-portal-cli) which can help you to integrate Portal configuration/content into source control & DevOps to then publish/deploy to Portal runtime. - In this section we will use the portal CLI to view the configuration of the Dev Portal, fetch the current Dev portal, modify it and deploy it.
Ops for Portal - Version Control - Clone the template repo, and then edit the default configuration: - The default config will being printed git clone https://github.com/Kong/kong-portal-templates.git cd kong-portal-templates/ sed -i "/^kong_admin_token/ckong_admin_token: 'kong'" workspaces/default/cli.conf.yaml ❯ portal config default CLI Config: kong_admin_url: 'http://localhost:8001' kong_admin_token: kong Portal Config: name: Kong Portal app_version: 2fc6a56 theme: name: base redirect: unauthenticated: login …
Ops for Portal - Version Control - Modify contents of the Products page ❯ sed -i 's/Utilities/Logistics/g' workspaces/default/content/products/index.md
Ops for Portal - Version Control - Deploy the local change to Portal container (server) ... ❯ portal deploy default ✔ Wiped all Files from default Deploying default: Deployed ✔ configs Deployed ✔ content Deployed ✔ specs Deployed ✔ emails Deployed ✔ themes ✔ Deployed all files to default
Kong for Dev portal • Enable Kong Dev portal • Customization • Publish Specs to Portal • Publish Specs to Portal • Categorizing, Tagging and Locating Services • Role Based Access to Specs • Publish Additional Content • Developer Experience • Test the API and Managing Code Snippets • Application Registration • Mocking • DevOps Portal Management Summary 75
xibuka
.png){kind=avatar}
morohoshi
devops_vtj
jacopen
nomu
nagata03
lycorptech_jp
oracle4engineer
tomoki10
yuj1osm
.png){kind=icon}
pharma_x_tech
recruitengineers
pohdccoe
zakiyama
tammyeverts
chriscoyier
jnunemaker
reverentgeek
honnibal
kneath
destraynor
shlominoach
deanohume
aarron
