Add Kong as Gateway

Now we want to protect our API with Kong as an API Gateway. To do this we will have to extend our docker-compose.yaml with only one additional service and make some changes to the existing one.

We use Kong in DB-less mode with a Declarative Configuration. In this mode Kong only works on in memory data and most endpoints of the Admin API won’t work. Additionally there are some plug ins which require a database (the OAuth2 plugin for example). The advantage is that we can do the whole configuration of endpoints, routes and plugins in a single .yml file.

For more information on the DB-less mode see the Kong docs.

Network

We want all our services to be part of one network. So we add a networks section to our docker-compose.yaml and attach our rove-api service to it.

Additionally we aim to access the API only through our API gateway, so we will have to remove the port-mapping from the service description of the rover-api service. The docker-compose.yaml should then look like this:

version: '3'

networks:
  kong-rover-demo:
    driver: bridge

services:
  rover-api:
    container_name: rover-api
    image: registry.gitlab.com/ngstmnn/go-rover:0.1.2-debug
    networks:
      - kong-rover-demo

Kong

The new service we have to add is the Kong API gateway. You can find an official docker image on Docker Hub.

  kong:
    container_name: kong
    image: kong:1.3
    restart: always
    networks:
      - kong-rover-demo
    environment:
      - KONG_DATABASE=off
      - KONG_DECLARATIVE_CONFIG=/etc/kong/kong.yml
      - KONG_PROXY_LISTEN=0.0.0.0:8000
      - KONG_ADMIN_LISTEN=0.0.0.0:8001
    volumes:
      - ./kong/kong.yml:/etc/kong/kong.yml
    ports:
      - 80:8000
      - 8001:8001

Configuration file

As mentioned above we want to configure the gateway using a Declarative Configuration. We have already added an environment variable to our docker-compose.yaml which points to this configuration file and we have a volume mapping which maps the file from our local file system to the container.

So, to make sure Kong is able to start we need to create this file. For now we only need a property specifying the version of the configuration format.

echo "_format_version: \"1.1\"" > ./kong/kong.yml

Start the services

Once we have updated the docker-compose.yaml (this is how it should look now) we can start the services again with:

docker-compose up -d

If we send a request as we did when we only had the API deployed we will receive the following answer from Kong:

{
  "message":"no Route matched with those values"
}

So we can’t access our API any more. To change this, we will have to add a service and a route to our API gateway. As we decided to use DB-less mode with a Declarative Configuration we will have to stop our services before we make changes to the configuration file as Kong won’t refresh its configuration automatically when the file changes.

docker-compose down

There are other ways to update the configuration in DB-less mode. But to keep the tutorial simple we just stop the service and start it again after applying the changes.

Continue to the next section.