Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

A Kong retrospective: from 0.10 to 0.13

76 views

Published on

A short introductory talk given as part of the April 2018 Kong meetup "Introducing Kubernetes Ingress Controller for Kong".

This talk covers the new features and improvements made to Kong from 2017 to 2018, including the groundwork conducted by Kong Inc. and open source contributors that allowed for the development of the Kong Ingress Controller for Kubernetes.

The Kong Ingress Controller for Kubernetes was then announced during the meetup:

https://github.com/Kong/kubernetes-ingress-controller

Published in: Software
  • Be the first to comment

  • Be the first to like this

A Kong retrospective: from 0.10 to 0.13

  1. 1. konghq.comMeetup Meetup
  2. 2. konghq.comMeetup 2 ● When was our last Kong meetup? ○ March 2017! ○ Kong 0.10 ● What happened since then? ○ 3 major releases (0.11, 0.12, 0.13) ■ Numerous new features ■ Many efforts in usability and platform agnosticity ○ Community growth ■ Contributors ■ Kong Nation Retrospective
  3. 3. konghq.comMeetup 3 ● 0.10 -> 0.13 is a large Changelog ○ https://github.com/Kong/kong/blob/master/CHANGELOG.md ● Some of these laid out the foundations for the Kubernetes integration: ○ Native clustering: getting rid of our Serf dependency ○ DNS: SRV & non-FQDN resolution ○ Health-checks & circuit breakers ○ Control/data plane separation ○ Services & Routes Laying out the groundwork for… Kubernetes!
  4. 4. Native clustering
  5. 5. konghq.comMeetup 5 ● A cluster is made of stateless peers connected to the same database (PostgreSQL/Cassandra). ● Kong maintains a cache of the configuration stored in the database. ● What about… cache invalidation? Clustering
  6. 6. konghq.comMeetup 6 Serf Clustering us-west-1 us-east-1 K K K K K K LB LB Cassandra Cassandra Serf Serf Serf Serf Serf Serf 0.10 Kong + Serf pattern overhead cross-DC communication sidecar daemon with overhead TCP/UDP ports
  7. 7. konghq.comMeetup 7 Native Clustering Kong 0.11 and above us-west-1 us-east-1 K K K K K LB LB Cassandra Cassandra K
  8. 8. konghq.comMeetup 8 ● Serf was retired in favor of a pub/sub mechanism between Kong and PostgreSQL/Cassandra ○ https://github.com/Kong/kong/pull/2561 ○ https://github.com/thibaultcha/lua-resty-mlcache ● Reduce configuration/operations overhead ● Fully stateless ● More robust ● Got rid of some blocking I/O at the same time Native Clustering Kong 0.11 and above
  9. 9. DNS
  10. 10. konghq.comMeetup 10 ● Kong maintains a user-land DNS resolver (in Lua) ○ Performance (NGINX) ○ SRV records ○ /etc/hosts ○ /etc/resolv.conf ○ DNS load-balancing ○ https://github.com/Kong/lua-resty-dns-client/ DNS resolution
  11. 11. konghq.comMeetup 11 ● /etc/resolv.conf ○ Honour MAXNS (3) ○ Parse search and ndots options for non-FQDNs ● SRV records load-balancing ● Performance and memory footprint improvements Kubernetes-ready DNS resolution
  12. 12. Health-checks & circuit breakers
  13. 13. konghq.comMeetup Load balancing & retry policy ● Kong can act as a L7 load balancer ○ Round-robin ○ Weighted round-robin ○ Consistent hashing ● Retry policy for L3/L4 errors on a per-request basis Let’s be more proactive! 13
  14. 14. konghq.comMeetup Health-checks & circuit breakers ● Landed in Kong CE 0.12 ○ https://github.com/Kong/kong/pull/3096 ○ https://getkong.org/docs/0.12.x/health-checks-circuit-breakers/ ● Each node maintains the health of its upstreams ● Active checks: recurring probe ● Passive checks: tracks proxied requests ● Configurable L3/L4 errors and L7 HTTP status codes Kong 0.12 and above 14
  15. 15. Control & Data Planes
  16. 16. konghq.comMeetup Control & Data Planes ● How to disable the Admin API in Kong 0.12 and below? ○ Custom nginx.conf template ○ Remove the server {} block ● Disable the proxy: ditto! 16
  17. 17. konghq.comMeetup Control & Data Planes Kong 0.13 and above ● Landed in Kong CE 0.13 ○ https://github.com/Kong/kong/pull/3147 ● New configuration syntax for listeners ○ Support for disabling components ○ Support disabling plain text ○ Support for multiple listeners ○ Overall simplification of configuration parameters proxy_listen = [off] | <address:port> [ssl] [http2] [proxy_protocol], [...next...] 17
  18. 18. konghq.comMeetup Control & Data Planes Kong 0.13 and above proxy_listen = 0.0.0.0:443 ssl http2 admin_listen = 127.0.0.1:8443 ssl ssl = on http2 = on proxy_listen = 0.0.0.0:80 proxy_listen_ssl = 0.0.0.0:443 admin_ssl = on admin_http2 = off admin_listen = 127.0.0.1:8001 admin_listen_ssl = 127.0.0.1:8443 18
  19. 19. konghq.comMeetup Control & Data Planes Kong 0.13 and above proxy_listen = 0.0.0.0:443 ssl admin_listen = off Data plane proxy_listen = off admin_listen = 127.0.0.1:8443 Control plane 19
  20. 20. Services & Routes
  21. 21. konghq.comMeetup Services & Routes ● How to apply plugins per endpoint in Kong 0.12 and below? ● What about plugins that do not proxy requests? 21
  22. 22. konghq.comMeetup Services & Routes 22
  23. 23. konghq.comMeetup Services & Routes $ curl -X POST http://localhost:8001/apis -d 'name=example-api' -d 'uris=/profile' -d 'upstream_url=http://example-api.local' HTTP/1.1 201 Created Connection: close … $ curl -X POST http://localhost:8001/apis/example-api -d 'name=key-auth' -d config.key_names=apikey' HTTP/1.1 201 Created Connection: close … 23
  24. 24. konghq.comMeetup Services & Routes 24
  25. 25. konghq.comMeetup Services & Routes 25
  26. 26. konghq.comMeetup ● Landed in Kong CE 0.13 ○ https://github.com/Kong/kong/pull/3224 ○ https://konghq.com/blog/kong-ce-0-13-0-released 26 Services & Routes
  27. 27. Demo
  28. 28. Community milestones
  29. 29. konghq.comMeetup Community Milestones 29 Kong Nation https://discuss.konghq.com
  30. 30. konghq.comMeetup Community Milestones 30 100 contributors! To all our contributors: thank you!
  31. 31. konghq.comMeetup 31
  32. 32. konghq.comMeetup Community Milestones 32 Contributor T-shirt!
  33. 33. Thank you Now: Kong Ingress Controller

×