KONG-ADMIN演示

1、创建服务

curl -i -X POST 
  --url http://localhost:8001/services/ 
  --data 'name=example-service' 
  --data 'url=http://mockbin.org'
     url--对应services 表 protocol-host-port(http---mockbin.org)

2. Add a Route for the Service(一个服务有多个路由)

$ curl -i -X POST 
  --url http://localhost:8001/services/baidu-service/routes 
  --data 'hosts[]=t1.com'  --data 'hosts[]=t2.com'

//多种方式

hosts accepts multiple values, which must be comma-separated when specifying them via the Admin API, and is represented in a JSON payload:

$ curl -i -X POST http://localhost:8001/routes/ 
    -H 'Content-Type: application/json' 
    -d '{"hosts":["example.com", "foo-service.com"]}'
HTTP/1.1 201 Created
...

But since the Admin API also supports form-urlencoded content types, you can specify an array via the [] notation:

$ curl -i -X POST http://localhost:8001/routes/ 
    -d 'hosts[]=example.com' 
    -d 'hosts[]=foo-service.com'
HTTP/1.1 201 Created

3. Forward your requests through Kong---TEST

Issue the following cURL request to verify that Kong is properly forwarding requests to your Service. Note that by default Kong handles proxy requests on port :8000:

$ curl -i -X GET 
  --url http://localhost:8000/ 
  --header 'Host: example.com'

4、给服务添加启用插件
     请求访问时，会检查：

   keyauth_credentials--这个表里存储着身份凭证

----key,consumerid---统一认证时候，需要提供来访的apikey,按照apikey找到consumerid,进而查询到consumer,设置

          后续请求头里面。

      ----访问key的发放服务（登录服务）--这个不需要启用认证

Configure the key-auth plugin

To configure the key-auth plugin for the Service you configured in Kong, issue the following cURL request:

A、为服务启用插件

$ curl -i -X POST 
  --url http://localhost:8001/services/baidu-service/plugins/ 
  --data 'name=key-auth'

当系统初始化时，读表plugins（读取插件配置）---会为每个服务加载插件列表，当请求来临时，调用插件的拦截方法，传递conf---
插件内会去从请求中找出访问key,然后差找访问凭证，进而查询出消费者，把消费者信息，写到后续请求头中

测试访问，返回

  curl -i -X GET --url http://t1.com:8000 --header 'HOST:t1.com'
HTTP/1.1 401 Unauthorized
Date: Sun, 29 Mar 2020 13:02:57 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
WWW-Authenticate: Key realm="kong"
Content-Length: 41
X-Kong-Response-Latency: 1
Server: kong/2.0.2

{"message":"No API key found in request"}

B、建立访问者身份凭证

//创建消费者----增加应用的用户

curl -i -X POST 
  --url http://localhost:8001/consumers/ 
  --data "username=Jason"

//创建消费者访问凭证----keyauth_credentials--增加记录

curl -i -X POST 
  --url http://localhost:8001/consumers/Jason/key-auth/ 
  --data 'key=123456'

//验证访问

curl -i -X GET --url http://t1.com:8000 --header 'HOST:t1.com'  --header 'apikey:123456'