├── 0.10.3 ├── .dockerignore ├── docker-entrypoint.sh └── Dockerfile ├── .gitignore ├── docker-compose.yml ├── deploy.sh ├── check.sh ├── conf ├── kong.conf └── nginx.template ├── circle.yml └── README.md /0.10.3/.dockerignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | chechkong.sh 3 | -------------------------------------------------------------------------------- /0.10.3/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/dumb-init /bin/sh 2 | 3 | set -ex 4 | 5 | # Disabling nginx daemon mode 6 | export KONG_NGINX_DAEMON="off" 7 | 8 | [ -z "$KONG_NGINX_DAEMON" ] && export KONG_NGINX_DAEMON="off" 9 | 10 | ulimit -n 4096 11 | 12 | exec "$@" 13 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | 3 | services: 4 | kong-database: 5 | image: orangesys/alpine-postgres:9.5.4 6 | container_name: kong-database 7 | ports: 8 | - "5432:5432" 9 | environment: 10 | - POSTGRES_USER=kong 11 | - POSTGRES_DB=kong 12 | - PGDATA=/var/lib/postgresql/kong 13 | kong: 14 | image: orangesys/alpine-kong 15 | container_name: kong 16 | environment: 17 | - KONG_DATABASE=postgres 18 | - KONG_PG_HOST=kong-database 19 | # command: kong start -c /conf/kong.conf --nginx-conf /conf/nginx.template 20 | restart: always 21 | ports: 22 | - "8000:8000" 23 | - "8443:8443" 24 | - "8001:8001" 25 | - "7946:7946" 26 | - "7946:7946/udp" 27 | volumes: 28 | - "./conf:/conf" 29 | links: 30 | - kong-database 31 | -------------------------------------------------------------------------------- /deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -ex 4 | 5 | dir=. 6 | if [ $# -gt 0 ]; then 7 | dir=("$@") 8 | fi 9 | 10 | log_msg() { 11 | echo "[$(date "+%Y/%m/%d %H:%M:%S %z")] $@" 12 | } 13 | 14 | log_msg "Verifying docker daemon connectivity" 15 | 16 | # Gather directories with a Dockerfile and sanitize the path to remove leading 17 | # a leading ./ and multiple slashes into a single slash. 18 | dockerfiles=$(find "$dir" -name Dockerfile -print0 | xargs -0 -I{} dirname {} | sed 's@^./@@' | sed 's@//*@/@g') 19 | for path in $dockerfiles; do 20 | # Generate a tag by replacing the first slash with a colon and all remaining slashes with a dash. 21 | tag=$(echo $path | sed 's@/@:@' | sed 's@/@-@g') 22 | log_msg "Tagging docker image $tag with gcr tag" 23 | docker tag "orangesys/alpine-kong:${tag}" "asia.gcr.io/saas-orangesys-io/alpine-kong:${tag}" 24 | docker tag "orangesys/alpine-kong:${tag}" "quay.io/orangesys/alpine-kong:${tag}" 25 | docker push quay.io/orangesys/alpine-kong:${tag} 26 | sudo /opt/google-cloud-sdk/bin/gcloud docker -- push asia.gcr.io/saas-orangesys-io/alpine-kong:${tag} 27 | docker logout 28 | done 29 | -------------------------------------------------------------------------------- /check.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set +ex 4 | 5 | curl -si -X POST \ 6 | --url http://localhost:8001/apis/ \ 7 | --data 'name=mockbin' \ 8 | --data 'upstream_url=http://mockbin.com' \ 9 | --data 'hosts=mockbin.com' 10 | 11 | curl -si -X POST \ 12 | --url http://localhost:8001/apis/mockbin/plugins/ \ 13 | --data 'name=jwt' 14 | 15 | curl -si -X POST \ 16 | --url http://localhost:8001/consumers/ \ 17 | --data "username=mockbin" 18 | 19 | 20 | curl -si -X POST \ 21 | --url http://localhost:8001/consumers/mockbin/jwt \ 22 | --data 'key=a36c3049b36249a3c9f8891cb127243c' \ 23 | --data 'secret=e71829c351aa4242c2719cbfbe671c09' 24 | 25 | curl -s http://localhost:8000/request?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhMzZjMzA0OWIzNjI0OWEzYzlmODg5MWNiMTI3MjQzYyIsImV4cCI6MTQ0MjQzMDA1NCwibmJmIjoxNDQyNDI2NDU0LCJpYXQiOjE0NDI0MjY0NTR9.AhumfY35GFLuEEjrOXiaADo7Ae6gt_8VLwX7qffhQN4 --header "Host: mockbin.com" 26 | curl -s http://localhost:8000/request?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhMzZjMzA0OWIzNjI0OWEzYzlmODg5MWNiMTI3MjQzYyIsImV4cCI6MTQ0MjQzMDA1NCwibmJmIjoxNDQyNDI2NDU0LCJpYXQiOjE0NDI0MjY0NTR9.AhumfY35GFLuEEjrOXiaADo7Ae6gt_8VLwX7qffhQN4 --header "Host: mockbin.com"|grep -q GET 27 | -------------------------------------------------------------------------------- /conf/kong.conf: -------------------------------------------------------------------------------- 1 | ssl = false 2 | nginx_acc_logs = /usr/local/openresty/nginx/logs/access.log 3 | nginx_pid = /usr/local/kong/pids/nginx.pid 4 | nginx_conf = /usr/local/kong/nginx.conf 5 | anonymous_reports = true 6 | lua_code_cache = on 7 | serf_path = serf 8 | nginx_kong_conf = /usr/local/kong/nginx-kong.conf 9 | nginx_err_logs = /usr/local/openresty/nginx/logs/error.log 10 | log_level = notice 11 | proxy_listen = 0.0.0.0:8000 12 | lua_ssl_verify_depth = 1 13 | admin_listen = 0.0.0.0:8001 14 | serf_log = /usr/local/kong/logs/serf.log 15 | dnsmasq_pid = /usr/local/kong/pids/dnsmasq.pid 16 | nginx_worker_processes = auto 17 | proxy_ip = 0.0.0.0 18 | cluster_profile = wan 19 | pg_ssl = false 20 | pg_database = kong 21 | lua_package_path = ?/init.lua;./kong/?.lua 22 | proxy_port = 8000 23 | serf_node_id = /usr/local/kong/serf/serf.id 24 | admin_ip = 0.0.0.0 25 | kong_conf = /usr/local/kong/kong.conf 26 | admin_port = 8001 27 | prefix = /usr/local/kong 28 | cluster_listen = 0.0.0.0:7946 29 | pg_host = kong-database 30 | pg_port = 5432 31 | cluster_ttl_on_failure = 3600 32 | nginx_daemon = off 33 | serf_pid = /usr/local/kong/pids/serf.pid 34 | nginx_optimizations = true 35 | pg_user = kong 36 | pg_ssl_verify = false 37 | database = postgres 38 | serf_event = /usr/local/kong/serf/serf_event.sh 39 | mem_cache_size = 128m 40 | cluster_listen_rpc = 127.0.0.1:7373 41 | -------------------------------------------------------------------------------- /circle.yml: -------------------------------------------------------------------------------- 1 | machine: 2 | environment: 3 | PROJECT_NAME: orangesys 4 | CLOUDSDK_COMPUTE_ZONE: asia-northeast1-c 5 | pre: 6 | - curl -sSL https://s3.amazonaws.com/circle-downloads/install-circleci-docker.sh | bash -s -- 1.10.0 7 | - sudo pip install docker-compose==1.8.0 8 | timezone: 9 | Asia/Tokyo 10 | services: 11 | - docker 12 | 13 | dependencies: 14 | cache_directories: 15 | - "~/docker" 16 | 17 | pre: 18 | - git tag 19 | - docker info 20 | - docker-compose version 21 | post: 22 | - ./build.sh 23 | - docker images 24 | 25 | test: 26 | override: 27 | - sudo service postgresql stop 28 | - sudo apt-get remove -y postgresql* 29 | - docker-compose up -d 30 | - sleep 5 31 | - ./check.sh 32 | - docker-compose stop 33 | - docker-compose rm -f 34 | 35 | general: 36 | branches: 37 | ignore: 38 | - /^(?!master).*$/ 39 | deployment: 40 | release: 41 | tag: /^v[0-9]+(\.[0-9]+)*/ 42 | owner: orangesys 43 | commands: 44 | - sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update 45 | - echo $GCLOUD_SERVICE_KEY | base64 --decode -i > ${HOME}/account-auth.json 46 | - sudo /opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file ${HOME}/account-auth.json 47 | - sudo /opt/google-cloud-sdk/bin/gcloud config set project $PROJECT_NAME 48 | - docker login -e $DOCKER_EMAIL -u $DOCKER_USER -p $DOCKER_PASS 49 | - docker push orangesys/alpine-kong 50 | - docker logout 51 | - docker login -e $DOCKER_EMAIL -u $DOCKER_USER -p $DOCKER_PASS quay.io 52 | - ./deploy.sh 53 | - curl -X POST 'https://hooks.microbadger.com/images/orangesys/alpine-kong/TXpYCFhbor1JfoHpi07GvS_rPjs=' 54 | -------------------------------------------------------------------------------- /0.10.3/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM openresty/openresty:1.11.2.1-alpine 2 | MAINTAINER gavin zhou 3 | 4 | ENV LUAROCKS_VERSION=2.4.1 \ 5 | KONG_VERSION=0.10.3 \ 6 | SERF_VERSION=0.8.1 \ 7 | OPENRESTY_PREFIX=/usr/local/openresty 8 | 9 | RUN echo "==> Installing dependencies..." \ 10 | && apk update \ 11 | && apk add --virtual .build-deps \ 12 | make gcc musl-dev curl wget git unzip openssl-dev \ 13 | && apk add openssl dnsmasq perl \ 14 | && apk add --upgrade gd busybox libxslt libxml2 \ 15 | && apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/community dumb-init \ 16 | && echo "==> Configuring LuaRocks..." \ 17 | && mkdir -p /root/luarocks \ 18 | && cd /root/luarocks \ 19 | && curl -sSL http://keplerproject.github.io/luarocks/releases/luarocks-${LUAROCKS_VERSION}.tar.gz |tar -xz \ 20 | && cd luarocks* \ 21 | && ./configure \ 22 | --with-lua=$OPENRESTY_PREFIX/luajit \ 23 | --lua-suffix=jit-2.1.0-beta2 \ 24 | --with-lua-include=$OPENRESTY_PREFIX/luajit/include/luajit-2.1 \ 25 | && make build && make install \ 26 | && echo "==> Finishing..." \ 27 | && echo "==> Installing kong dependencies..." \ 28 | && wget -q https://releases.hashicorp.com/serf/${SERF_VERSION}/serf_${SERF_VERSION}_linux_amd64.zip \ 29 | && unzip serf*.zip && mv serf /usr/bin/ && rm serf*.zip \ 30 | && luarocks install https://raw.githubusercontent.com/Mashape/kong/${KONG_VERSION}/kong-${KONG_VERSION}-0.rockspec \ 31 | && ln -sf $OPENRESTY_PREFIX/bin/resty /usr/local/bin/resty \ 32 | && ln -sf $OPENRESTY_PREFIX/nginx/sbin/nginx /usr/local/bin/nginx \ 33 | && curl -sSL -o /usr/local/bin/kong https://raw.githubusercontent.com/Mashape/kong/${KONG_VERSION}/bin/kong \ 34 | && chmod +x /usr/local/bin/kong && mkdir -p /etc/kong \ 35 | && curl -sSL -o /etc/kong/kong.conf.default https://raw.githubusercontent.com/Mashape/kong/${KONG_VERSION}/kong.conf.default \ 36 | && apk del .build-deps \ 37 | && echo "user=root" >> /etc/dnsmasq.conf \ 38 | && rm -rf /var/cache/apk/* /root/luarocks 39 | 40 | COPY docker-entrypoint.sh /docker-entrypoint.sh 41 | ENTRYPOINT ["/docker-entrypoint.sh"] 42 | 43 | EXPOSE 8000 8443 8001 7946 44 | CMD ["kong", "start"] 45 | -------------------------------------------------------------------------------- /conf/nginx.template: -------------------------------------------------------------------------------- 1 | # This is a custom nginx configuration template for Kong specs 2 | 3 | worker_processes ${{NGINX_WORKER_PROCESSES}}; 4 | daemon ${{NGINX_DAEMON}}; 5 | 6 | pid pids/nginx.pid; # mandatory even for custom config templates 7 | error_log /usr/local/openresty/nginx/logs/error.log ${{LOG_LEVEL}}; 8 | 9 | events { 10 | worker_connections 1024; 11 | multi_accept on; 12 | } 13 | 14 | http { 15 | resolver ${{DNS_RESOLVER}} ipv6=off; 16 | charset UTF-8; 17 | 18 | gzip on; 19 | gzip_http_version 1.1; 20 | gzip_vary on; 21 | gzip_comp_level 6; 22 | gzip_proxied any; 23 | gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js; 24 | gzip_buffers 16 8k; 25 | 26 | proxy_cache_path /tmp/cache keys_zone=mem_cache_zone:25m loader_threshold=300 loader_files=200 max_size=100m; 27 | 28 | error_log /usr/local/openresty/nginx/logs/error.log ${{LOG_LEVEL}}; 29 | access_log /usr/local/openresty/nginx/logs/access.log; 30 | 31 | > if anonymous_reports then 32 | ${{SYSLOG_REPORTS}} 33 | > end 34 | 35 | client_max_body_size 0; 36 | proxy_ssl_server_name on; 37 | underscores_in_headers on; 38 | 39 | real_ip_header X-Forwarded-For; 40 | set_real_ip_from 0.0.0.0/0; 41 | real_ip_recursive on; 42 | 43 | reset_timedout_connection on; 44 | tcp_nopush on; 45 | tcp_nodelay on; 46 | keepalive_timeout 65; 47 | types_hash_max_size 2048; 48 | server_tokens off; 49 | 50 | lua_package_path '${{LUA_PACKAGE_PATH}};;'; 51 | lua_package_cpath '${{LUA_PACKAGE_CPATH}};;'; 52 | lua_code_cache ${{LUA_CODE_CACHE}}; 53 | lua_max_running_timers 4096; 54 | lua_max_pending_timers 16384; 55 | lua_shared_dict kong 4m; 56 | lua_shared_dict cache ${{MEM_CACHE_SIZE}}; 57 | lua_shared_dict cache_locks 100k; 58 | lua_shared_dict cassandra 1m; 59 | lua_shared_dict cassandra_prepared 5m; 60 | lua_socket_log_errors off; 61 | > if lua_ssl_trusted_certificate then 62 | lua_ssl_trusted_certificate '${{lua_ssl_trusted_certificate}}'; 63 | > end 64 | 65 | init_by_lua_block { 66 | require 'resty.core' 67 | kong = require 'kong' 68 | kong.init() 69 | } 70 | 71 | init_worker_by_lua_block { 72 | kong.init_worker() 73 | } 74 | 75 | server { 76 | server_name kong; 77 | 78 | listen ${{PROXY_LISTEN}}; 79 | error_page 404 408 411 412 413 414 417 /kong_error_handler; 80 | error_page 500 502 503 504 /kong_error_handler; 81 | 82 | > if ssl then 83 | listen ${{PROXY_LISTEN_SSL}} ssl; 84 | ssl_certificate ${{SSL_CERT}}; 85 | ssl_certificate_key ${{SSL_CERT_KEY}}; 86 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 87 | ssl_certificate_by_lua_block { 88 | kong.ssl_certificate() 89 | } 90 | > end 91 | 92 | location / { 93 | set $upstream_host nil; 94 | set $upstream_url nil; 95 | 96 | access_by_lua_block { 97 | kong.access() 98 | } 99 | 100 | proxy_set_header X-Real-IP $remote_addr; 101 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 102 | proxy_set_header X-Forwarded-Proto $scheme; 103 | proxy_set_header Host $upstream_host; 104 | proxy_pass_header Server; 105 | proxy_pass $upstream_url; 106 | 107 | proxy_buffering on; 108 | proxy_buffer_size 128k; 109 | proxy_buffers 4 256k; 110 | proxy_busy_buffers_size 256k; 111 | 112 | proxy_cache mem_cache_zone; 113 | proxy_cache_valid 200 302 1m; 114 | proxy_cache_key "$scheme://$host$request_uri$is_args$args"; 115 | proxy_cache_min_uses 1; 116 | proxy_cache_valid 404 1m; 117 | add_header X-Cache-Status $upstream_cache_status; 118 | proxy_cache_use_stale error timeout invalid_header http_500 http_502 http_503 http_504; 119 | 120 | header_filter_by_lua_block { 121 | kong.header_filter() 122 | } 123 | 124 | body_filter_by_lua_block { 125 | kong.body_filter() 126 | } 127 | 128 | log_by_lua_block { 129 | kong.log() 130 | } 131 | } 132 | 133 | location = /kong_error_handler { 134 | internal; 135 | content_by_lua_block { 136 | require('kong.core.error_handlers')(ngx) 137 | } 138 | } 139 | } 140 | 141 | server { 142 | server_name kong_admin; 143 | listen ${{ADMIN_LISTEN}}; 144 | 145 | client_max_body_size 10m; 146 | client_body_buffer_size 10m; 147 | 148 | location / { 149 | default_type application/json; 150 | content_by_lua_block { 151 | ngx.header['Access-Control-Allow-Origin'] = '*' 152 | if ngx.req.get_method() == 'OPTIONS' then 153 | ngx.header['Access-Control-Allow-Methods'] = 'GET,HEAD,PUT,PATCH,POST,DELETE' 154 | ngx.header['Access-Control-Allow-Headers'] = 'Content-Type' 155 | ngx.exit(204) 156 | end 157 | 158 | require('lapis').serve('kong.api') 159 | } 160 | } 161 | 162 | location /nginx_status { 163 | internal; 164 | access_log off; 165 | stub_status; 166 | } 167 | 168 | location /healthcheck { 169 | return 200 'Orangesys apiGateway is healthy'; 170 | access_log off; 171 | } 172 | 173 | location = /_.gif { 174 | empty_gif; 175 | access_log off; 176 | } 177 | 178 | location /robots.txt { 179 | return 200 'User-agent: *\nDisallow: /'; 180 | } 181 | } 182 | } 183 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![CircleCI](https://circleci.com/gh/orangesys/alpine-kong.svg?style=svg)](https://circleci.com/gh/orangesys/alpine-kong) 2 | [![Docker Pulls](https://img.shields.io/docker/pulls/orangesys/alpine-kong.svg)](https://hub.docker.com/r/orangesys/alpine-kong/) 3 | [![](https://images.microbadger.com/badges/image/orangesys/alpine-kong.svg)](https://microbadger.com/images/orangesys/alpine-kong "Get your own image badge on microbadger.com") 4 | [![](https://images.microbadger.com/badges/version/orangesys/alpine-kong.svg)](https://microbadger.com/images/orangesys/alpine-kong "Get your own version badge on microbadger.com") 5 | [![Docker Repository on Quay](https://quay.io/repository/orangesys/alpine-kong/status?token=15718857-a9c3-4902-a079-dbd1b2506063 "Docker Repository on Quay")](https://quay.io/repository/orangesys/alpine-kong) 6 | 7 | # Kong in Docker 8 | 9 | This is the official Docker image for [Kong][kong-site-url]. 10 | 11 | orangesys/alpine-kong with [dumb-init](https://github.com/Yelp/dumb-init) installed and used as default ENTRYPOINT. 12 | 13 | ## Run kong in Kubernetes 14 | You can run Kubernetes use [helm charts](https://github.com/orangesys/charts/tree/master/kong) for this 15 | 16 | 17 | You can use this image like you would use any other base image, just 18 | don't override ENTRYPOINT or run `dumb-init` yourself. 19 | 20 | ## Run docker compose 21 | ```shell 22 | git clone https://github.com/orangesys/alpine-kong.git 23 | docker-compose up -d 24 | ``` 25 | 26 | # Supported tags and respective `Dockerfile` links 27 | 28 | - `0.9.3` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.9.3/0.9.3/Dockerfile))* 29 | - `0.9.4` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.9.4/0.9.4/Dockerfile))* 30 | - `0.9.5` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.9.5/0.9.5/Dockerfile))* 31 | - `0.9.6` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.9.6/0.9.6/Dockerfile))* 32 | - `0.9.7` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.9.7/0.9.7/Dockerfile))* 33 | - `0.9.8` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.9.8/0.9.8/Dockerfile))* 34 | - `0.9.9` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.9.9/0.9.9/Dockerfile))* 35 | - `0.10.0` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.10.0/0.10.0/Dockerfile))* 36 | - `0.10.1` - *([Dockerfile](https://raw.githubusercontent.com/orangesys/alpine-kong/v0.10.1/0.10.1/Dockerfile))* 37 | 38 | # What is Kong? 39 | 40 | Kong was built to secure, manage and extend Microservices & APIs. If you're building for web, mobile or IoT (Internet of Things) you will likely end up needing to implement common functionality on top of your actual software. Kong can help by acting as a gateway for any HTTP resource while providing logging, authentication and other functionality through plugins. 41 | 42 | Powered by NGINX and Cassandra with a focus on high performance and reliability, Kong runs in production at Mashape where it has handled billions of API requests for over ten thousand APIs. 43 | 44 | Kong's documentation can be found at [getkong.org/docs][kong-docs-url]. 45 | 46 | # How to use this image 47 | 48 | First, Kong requires a running Cassandra or PostgreSQL cluster before it starts. You can either use the official Cassandra/PostgreSQL containers, or use your own. 49 | 50 | ## 1. Link Kong to either a Cassandra or PostgreSQL container 51 | 52 | It's up to you to decide which datastore between Cassandra or PostgreSQL you want to use, since Kong supports both. 53 | 54 | ### Cassandra 55 | 56 | Start a Cassandra container by executing: 57 | 58 | ```shell 59 | $ docker run -d --name kong-database \ 60 | -p 9042:9042 \ 61 | cassandra:2.2 62 | ``` 63 | 64 | ### Postgres 65 | 66 | Start a PostgreSQL container by executing: 67 | 68 | ```shell 69 | docker run -d --name kong-database \ 70 | -p 5432:5432 \ 71 | -e "POSTGRES_USER=kong" \ 72 | -e "POSTGRES_DB=kong" \ 73 | postgres:9.4 74 | ``` 75 | 76 | ### Start Kong 77 | 78 | Once the database is running, we can start a Kong container and link it to the database container, and configuring the `DATABASE` environment variable with either `cassandra` or `postgres` depending on which database you decided to use: 79 | 80 | ```shell 81 | $ docker run -d --name kong \ 82 | -e "DATABASE=cassandra" \ 83 | --link kong-database:kong-database \ 84 | -p 8000:8000 \ 85 | -p 8443:8443 \ 86 | -p 8001:8001 \ 87 | -p 7946:7946 \ 88 | -p 7946:7946/udp \ 89 | --security-opt seccomp:unconfined \ 90 | orangesys/alpine-kong:0.7.0 91 | ``` 92 | 93 | **Note:** If Docker complains that `--security-opt` is an invalid option, just remove it and re-execute the command (it was introduced in Docker 1.3). 94 | 95 | If everything went well, and if you created your container with the default ports, Kong should be listening on your host's `8000` ([proxy][kong-docs-proxy-port]), `8443` ([proxy SSL][kong-docs-proxy-ssl-port]) and `8001` ([admin api][kong-docs-admin-api-port]) ports. Port `7946` ([cluster][kong-docs-cluster-port]) is being used only by other Kong nodes. 96 | 97 | You can now read the docs at [getkong.org/docs][kong-docs-url] to learn more about Kong. 98 | 99 | ## 2. Use Kong with a custom configuration (and a custom Cassandra/PostgreSQL cluster) 100 | 101 | This container stores the [Kong configuration file](http://getkong.org/docs/latest/configuration/) in a [Data Volume][docker-data-volume]. You can store this file on your host (name it `kong.yml` and place it in a directory) and mount it as a volume by doing so: 102 | 103 | ```shell 104 | $ docker run -d \ 105 | -v /path/to/your/kong/configuration/directory/:/etc/kong/ \ 106 | -p 8000:8000 \ 107 | -p 8443:8443 \ 108 | -p 8001:8001 \ 109 | -p 7946:7946 \ 110 | -p 7946:7946/udp \ 111 | --security-opt seccomp:unconfined \ 112 | --name kong \ 113 | orangesys/alpine-kong:0.7.0 114 | ``` 115 | 116 | When attached this way you can edit your configuration file from your host machine and restart your container. You can also make the container point to a different Cassandra/PostgreSQL instance, so no need to link it to a Cassandra/PostgreSQL container. 117 | 118 | ## Reload Kong in a running container 119 | 120 | If you change your custom configuration, you can reload Kong (without downtime) by issuing: 121 | 122 | ```shell 123 | $ docker exec -it kong kong reload 124 | ``` 125 | 126 | This will run the [`kong reload`][kong-docs-reload] command in your container. 127 | 128 | # User Feedback 129 | 130 | ## Issues 131 | 132 | If you have any problems with or questions about this image, please contact us through a [GitHub issue][github-new-issue]. 133 | 134 | ## Contributing 135 | 136 | You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. 137 | 138 | Before you start to code, we recommend discussing your plans through a [GitHub issue][github-new-issue], especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. 139 | 140 | [kong-site-url]: http://getkong.org 141 | [kong-docs-url]: http://getkong.org/docs 142 | [kong-docs-proxy-port]: http://getkong.org/docs/latest/configuration/#proxy_port 143 | [kong-docs-proxy-ssl-port]: http://getkong.org/docs/latest/configuration/#proxy_listen_ssl 144 | [kong-docs-admin-api-port]: http://getkong.org/docs/latest/configuration/#admin_api_port 145 | [kong-docs-cluster-port]: http://getkong.org/docs/latest/configuration/#cluster_listen 146 | [kong-docs-reload]: http://getkong.org/docs/latest/cli/#reload 147 | 148 | [github-new-issue]: https://github.com/Mashape/docker-kong/issues/new 149 | [docker-data-volume]: https://docs.docker.com/userguide/dockervolumes/ 150 | --------------------------------------------------------------------------------