tjtjtjのメモ

自分のためのメモです

kong 初めてのプラグイン

kong は OpenResty に埋め込まれているようだ。Embedding Kong in OpenResty

なので kong のプラグインlua で書くと。。。どこにどう書いたら kong にプラグインを認識されられるのか、このヘン読んでもよくわからなかった(/usr/local/kong だったら /usr/local/kong-plugin/myplugin に置く?)。

kong-plugin テンプレート から development environment へのリンクがあった。これを読むとよさそうなので試した。

plugin 付きのkong を起動

# kong-vagrant クローン
$ git clone https://github.com/Kong/kong-vagrant
$ cd kong-vagrant

# kong 1.3.0 をクローン
$ git clone https://github.com/Kong/kong
$ cd kong
$ git checkout 1.3.0
$ cd ..

# kong-plugin をクローン
$ git clone https://github.com/Kong/kong-plugin

# vagrant up
$ vagrant up

# ssh
$ vagrant ssh-config --host mykong >> ~/.ssh/config
$ ssh mykong

# make
$ cd /kong
$ make dev
$ export KONG_PLUGINS=bundled,myplugin

# kong 起動
$ cd /kong
$ bin/kong migrations bootstrap
$ bin/kong start

# myplugin が入っていること確認
$ curl http://localhost:8001 | jq
{
  "plugins": {
    "enabled_in_cluster": [],
    "available_on_server": {
      "correlation-id": true,
      "pre-function": true,
      "cors": true,
      "ldap-auth": true,
      "loggly": true,
      "hmac-auth": true,
      "zipkin": true,
      "request-size-limiting": true,
      "azure-functions": true,
      "request-transformer": true,
      "oauth2": true,
      "response-transformer": true,
      "ip-restriction": true,
      "statsd": true,
      "jwt": true,
      "proxy-cache": true,
      "basic-auth": true,
      "key-auth": true,
      "http-log": true,
      "myplugin": true,     <--- あった
      "datadog": true,
      "tcp-log": true,
      "rate-limiting": true,
      "post-function": true,
      "prometheus": true,
      "acl": true,
      "kubernetes-sidecar-injector": true,
      "syslog": true,
      "file-log": true,
      "udp-log": true,
      "response-ratelimiting": true,
      "aws-lambda": true,
      "session": true,
      "bot-detection": true,
      "request-termination": true
    }
  },
  :
}

サービスとルート作成

サービス作成

$ curl -i -X POST \
  --url>   --url http://localhost:8001/services/ \
>   --data 'name=mockbin' \
>   --data 'url=http://mockbin.org/request'
HTTP/1.1 201 Created
Date: Wed, 02 Oct 2019 11:15:42 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Server: kong/1.3.0
Content-Length: 295

{"host":"mockbin.org",
  "created_at":1570014942,
  "connect_timeout":60000,
  "id":"8dbdd1fa-49a2-428b-be88-515ce5861685",
  "protocol":"http",
  "name":"mockbin",
  "read_timeout":60000,
  "port":80,
  "path":"\/request",
  "updated_at":1570014942,
  "retries":5,
  "write_timeout":60000,
  "tags":null,
  "client_certificate":null
}

ルート作成

$ curl -i -X POST \
  --url http://localhost:8001/services/mockbin/routes \
  --data 'paths=/'

HTTP/1.1 201 Created
Date: Wed, 02 Oct 2019 11:17:20 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Server: kong/1.3.0
Content-Length: 399

{
  "id":"1cea2fd2-94e2-41fb-b4dd-3f2ddcaf8178",
  "tags":null,
  "updated_at":1570015040,
  "destinations":null,
  "headers":null,
  "protocols":["http","https"],
  "created_at":1570015040,
  "snis":null,
  "service":{"id":"8dbdd1fa-49a2-428b-be88-515ce5861685"},
  "name":null,
  "preserve_host":false,
  "regex_priority":0,
  "strip_path":true,
  "sources":null,
  "paths":["\/"],
  "https_redirect_status_code":426,
  "hosts":null,
  "methods":null
}

プラグインを確認

今回のプラグインって何するの?

github.com

  • リクエストヘッダに Hello-World: this is on a request を付与
  • レスポンスヘッダに Bye-World: this is on the respons を付与

って感じでしょうか。

プラグイン適用

プラグイン適用前確認

$ curl -i http://localhost:8000
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 947
Connection: keep-alive
Server: openresty/1.15.8.2
Date: Wed, 02 Oct 2019 11:20:38 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: host,connection,x-forwarded-for,x-forwarded-proto,x-forwarded-host,x-forwarded-port,x-real-ip,kong-cloud-request-id,kong-client-id,user-agent,accept,x-request-id,via,connect-time,x-request-start,total-route-time
Access-Control-Allow-Credentials: true
X-Powered-By: mockbin
Vary: Accept, Accept-Encoding
Etag: W/"3b3-23mI5a/Nc5siECwTiVD17ffY7pA"
Via: kong/1.3.0
X-Kong-Upstream-Status: 200
X-Kong-Upstream-Latency: 332
X-Kong-Proxy-Latency: 1103
Kong-Cloud-Request-ID: 3d8a05512f1df478c7d331ff521256db

{
  "startedDateTime": "2019-10-02T11:20:38.531Z",
  "clientIPAddress": "127.0.0.1",
  "method": "GET",
  "url": "http://localhost/request",
  "httpVersion": "HTTP/1.1",
  "cookies": {},
  "headers": {
    "host": "mockbin.org",
    "connection": "close",
    "x系": カット
    "kong-cloud-request-id": "3d8a05512f1df478c7d331ff521256db",
    "kong-client-id": "mockbin",
    "user-agent": "curl/7.58.0",
    "accept": "*/*",
    "via": "1.1 vegur",
    "connect-time": "1",
    "total-route-time": "0"
  },
  "queryString": {},
  "postData": {
    "mimeType": "application/octet-stream",
    "text": "",
    "params": []
  },
  "headersSize": 496,
  "bodySize": 0
}

プラグイン適用

$ curl -i -X POST \
  --url http://localhost:8001/services/mockbin/plugins \
  --data 'name=myplugin'

HTTP/1.1 201 Created
Date: Wed, 02 Oct 2019 11:25:03 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Server: kong/1.3.0
Content-Length: 272

{
  "created_at":1570015503,
  "config":{},
  "id":"d5f4fc1c-cafb-49c9-af91-41a77ac760f3",
  "service":{"id":"8dbdd1fa-49a2-428b-be88-515ce5861685"},
  "name":"myplugin",
  "protocols":["grpc","grpcs","http","https"],
  "enabled":true,
  "run_on":"first",
  "consumer":null,
  "route":null,
  "tags":null
}

プラグイン適用後

$ curl -i http://localhost:8000
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 990
Connection: keep-alive
Server: openresty/1.15.8.2
Date: Wed, 02 Oct 2019 11:26:13 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: host,connection,x-forwarded-for,x-forwarded-proto,x-forwarded-host,x-forwarded-port,x-real-ip,kong-cloud-request-id,kong-client-id,user-agent,accept,hello-world,x-request-id,via,connect-time,x-request-start,total-route-time
Access-Control-Allow-Credentials: true
X-Powered-By: mockbin
Vary: Accept, Accept-Encoding
Etag: W/"3de-OSFy1U2/1LzKNPqTUjm10elCFLU"
Via: kong/1.3.0
X-Kong-Upstream-Status: 200
X-Kong-Upstream-Latency: 340
X-Kong-Proxy-Latency: 266
Kong-Cloud-Request-ID: c4c4add2dbdd8a8b70958af6bc9cb0c3
Bye-World: this is on the response    <--- これ

{
  "startedDateTime": "2019-10-02T11:26:13.096Z",
  "clientIPAddress": "127.0.0.1",
  "method": "GET",
  "url": "http://localhost/request",
  "httpVersion": "HTTP/1.1",
  "cookies": {},
  "headers": {
    "host": "mockbin.org",
    "connection": "close",
    "x系": カット
    "kong-cloud-request-id": "c4c4add2dbdd8a8b70958af6bc9cb0c3",
    "kong-client-id": "mockbin",
    "user-agent": "curl/7.58.0",
    "accept": "*/*",
    "hello-world": "this is on a request",    <--- これ
    "via": "1.1 vegur",
    "connect-time": "1",
    "total-route-time": "0"
  },
  "queryString": {},
  "postData": {
    "mimeType": "application/octet-stream",
    "text": "",
    "params": []
  },
  "headersSize": 531,
  "bodySize": 0
}

おわり

とりあえず雰囲気はわかった。続きの running-kong-from-the-source-repo を読みながらならできそうな気がしてきた。