hailin
/
iconsulting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor(kong): use DB-less mode with declarative config 

- Remove kong-database, kong-migrations, kong-init services
- Use KONG_DATABASE=off with declarative config file
- Add kong/kong.yml with all services, routes, and plugins
- Remove kong_data volume (no longer needed)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
hailin 2026-01-09 19:36:06 -08:00
parent fd4f23accc
commit b4a84b76fc
3 changed files with 222 additions and 231 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
docker-compose.yml
View File

@ -81,65 +81,24 @@ services:
- iconsulting-network - iconsulting-network
#============================================================================= #=============================================================================
# Kong API 网关 # Kong API 网关 (DB-less 模式)
#============================================================================= #=============================================================================
kong-database:
image: postgres:15-alpine
container_name: iconsulting-kong-db
restart: unless-stopped
environment:
POSTGRES_USER: kong
POSTGRES_PASSWORD: kong
POSTGRES_DB: kong
volumes:
- kong_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U kong"]
interval: 10s
timeout: 5s
retries: 5
networks:
- iconsulting-network
kong-migrations:
image: kong:3.4
container_name: iconsulting-kong-migrations
command: kong migrations bootstrap
depends_on:
kong-database:
condition: service_healthy
environment:
KONG_DATABASE: postgres
KONG_PG_HOST: kong-database
KONG_PG_USER: kong
KONG_PG_PASSWORD: kong
KONG_PG_DATABASE: kong
networks:
- iconsulting-network
restart: on-failure
kong: kong:
image: kong:3.4 image: kong:3.4
container_name: iconsulting-kong container_name: iconsulting-kong
restart: unless-stopped restart: unless-stopped
depends_on:
kong-database:
condition: service_healthy
kong-migrations:
condition: service_completed_successfully
environment: environment:
KONG_DATABASE: postgres KONG_DATABASE: "off"
KONG_PG_HOST: kong-database KONG_DECLARATIVE_CONFIG: /etc/kong/kong.yml
KONG_PG_USER: kong
KONG_PG_PASSWORD: kong
KONG_PG_DATABASE: kong
KONG_PROXY_ACCESS_LOG: /dev/stdout KONG_PROXY_ACCESS_LOG: /dev/stdout
KONG_ADMIN_ACCESS_LOG: /dev/stdout KONG_ADMIN_ACCESS_LOG: /dev/stdout
KONG_PROXY_ERROR_LOG: /dev/stderr KONG_PROXY_ERROR_LOG: /dev/stderr
KONG_ADMIN_ERROR_LOG: /dev/stderr KONG_ADMIN_ERROR_LOG: /dev/stderr
KONG_ADMIN_LISTEN: 0.0.0.0:8001 KONG_ADMIN_LISTEN: 0.0.0.0:8001
KONG_PROXY_LISTEN: 0.0.0.0:8000, 0.0.0.0:8443 ssl KONG_PROXY_LISTEN: 0.0.0.0:8000, 0.0.0.0:8443 ssl
volumes:
- ./kong/kong.yml:/etc/kong/kong.yml:ro
ports: ports:
- "8000:8000" # Proxy - "8000:8000" # Proxy
- "8443:8443" # Proxy SSL - "8443:8443" # Proxy SSL
@ -152,22 +111,6 @@ services:
networks: networks:
- iconsulting-network - iconsulting-network
# Kong 配置初始化 - 使用统一的初始化脚本
kong-init:
image: curlimages/curl:latest
container_name: iconsulting-kong-init
depends_on:
kong:
condition: service_healthy
volumes:
- ./kong/init-kong.sh:/init-kong.sh:ro
environment:
KONG_ADMIN_URL: http://kong:8001
command: ["/bin/sh", "/init-kong.sh"]
networks:
- iconsulting-network
restart: on-failure:3
#============================================================================= #=============================================================================
# 后端微服务 # 后端微服务
#============================================================================= #=============================================================================
@ -375,5 +318,3 @@ volumes:
driver: local driver: local
neo4j_logs: neo4j_logs:
driver: local driver: local
kong_data:
driver: local

167
kong/init-kong.sh
View File

@ -1,167 +0,0 @@
#!/bin/sh
#===============================================================================
# Kong API Gateway 初始化脚本
#
# 配置所有微服务的路由和全局插件
# 此脚本可在容器内或主机上运行
#
# 用法:
# 在 Docker 容器内: KONG_ADMIN_URL=http://kong:8001 ./init-kong.sh
# 在主机上: KONG_ADMIN_URL=http://localhost:8001 ./init-kong.sh
#===============================================================================
set -e
KONG_ADMIN_URL="${KONG_ADMIN_URL:-http://kong:8001}"
echo "=============================================="
echo "Kong API Gateway Configuration"
echo "Admin URL: $KONG_ADMIN_URL"
echo "=============================================="
# 等待 Kong 就绪
echo ""
echo "Waiting for Kong to be ready..."
max_retries=30
retry_count=0
until curl -s "$KONG_ADMIN_URL/status" > /dev/null 2>&1; do
retry_count=$((retry_count + 1))
if [ $retry_count -ge $max_retries ]; then
echo "ERROR: Kong is not ready after $max_retries attempts"
exit 1
fi
echo " Attempt $retry_count/$max_retries - Kong is not ready yet..."
sleep 2
done
echo "Kong is ready!"
#===============================================================================
# 创建服务和路由
#===============================================================================
echo ""
echo "Configuring services and routes..."
# User Service - 用户认证和管理
echo " [1/5] user-service..."
curl -s -X PUT "$KONG_ADMIN_URL/services/user-service" \
-d url=http://user-service:3001 \
-d connect_timeout=60000 \
-d write_timeout=60000 \
-d read_timeout=60000 > /dev/null
curl -s -X PUT "$KONG_ADMIN_URL/services/user-service/routes/user-routes" \
-d "paths[]=/api/v1/users" \
-d "paths[]=/api/v1/auth" \
-d strip_path=false \
-d preserve_host=true > /dev/null
# Payment Service - 支付处理
echo " [2/5] payment-service..."
curl -s -X PUT "$KONG_ADMIN_URL/services/payment-service" \
-d url=http://payment-service:3002 \
-d connect_timeout=60000 \
-d write_timeout=60000 \
-d read_timeout=60000 > /dev/null
curl -s -X PUT "$KONG_ADMIN_URL/services/payment-service/routes/payment-routes" \
-d "paths[]=/api/v1/payments" \
-d "paths[]=/api/v1/subscriptions" \
-d strip_path=false \
-d preserve_host=true > /dev/null
# Knowledge Service - 知识库
echo " [3/5] knowledge-service..."
curl -s -X PUT "$KONG_ADMIN_URL/services/knowledge-service" \
-d url=http://knowledge-service:3003 \
-d connect_timeout=60000 \
-d write_timeout=60000 \
-d read_timeout=60000 > /dev/null
curl -s -X PUT "$KONG_ADMIN_URL/services/knowledge-service/routes/knowledge-routes" \
-d "paths[]=/api/v1/knowledge" \
-d strip_path=false \
-d preserve_host=true > /dev/null
# Conversation Service - 对话服务 (需要更长的超时)
echo " [4/5] conversation-service..."
curl -s -X PUT "$KONG_ADMIN_URL/services/conversation-service" \
-d url=http://conversation-service:3004 \
-d connect_timeout=60000 \
-d write_timeout=120000 \
-d read_timeout=120000 > /dev/null
curl -s -X PUT "$KONG_ADMIN_URL/services/conversation-service/routes/conversation-routes" \
-d "paths[]=/api/v1/conversations" \
-d "paths[]=/api/v1/messages" \
-d strip_path=false \
-d preserve_host=true > /dev/null
# Evolution Service - 进化服务
echo " [5/5] evolution-service..."
curl -s -X PUT "$KONG_ADMIN_URL/services/evolution-service" \
-d url=http://evolution-service:3005 \
-d connect_timeout=60000 \
-d write_timeout=60000 \
-d read_timeout=60000 > /dev/null
curl -s -X PUT "$KONG_ADMIN_URL/services/evolution-service/routes/evolution-routes" \
-d "paths[]=/api/v1/evolution" \
-d strip_path=false \
-d preserve_host=true > /dev/null
#===============================================================================
# 配置全局插件
#===============================================================================
echo ""
echo "Configuring global plugins..."
# 检查 CORS 插件是否已存在
cors_exists=$(curl -s "$KONG_ADMIN_URL/plugins" | grep -c '"name":"cors"' || true)
if [ "$cors_exists" = "0" ]; then
echo " Adding CORS plugin..."
curl -s -X POST "$KONG_ADMIN_URL/plugins" \
-d name=cors \
-d "config.origins[]=https://iconsulting.szaiai.com" \
-d "config.origins[]=http://localhost:5173" \
-d "config.origins[]=http://localhost:3000" \
-d "config.methods[]=GET" \
-d "config.methods[]=POST" \
-d "config.methods[]=PUT" \
-d "config.methods[]=PATCH" \
-d "config.methods[]=DELETE" \
-d "config.methods[]=OPTIONS" \
-d "config.headers[]=Accept" \
-d "config.headers[]=Accept-Version" \
-d "config.headers[]=Content-Type" \
-d "config.headers[]=Content-Length" \
-d "config.headers[]=Authorization" \
-d "config.headers[]=X-User-Id" \
-d "config.headers[]=X-Request-Id" \
-d "config.exposed_headers[]=X-Request-Id" \
-d config.credentials=true \
-d config.max_age=3600 > /dev/null
else
echo " CORS plugin already exists, skipping..."
fi
#===============================================================================
# 显示配置结果
#===============================================================================
echo ""
echo "=============================================="
echo "Kong configuration completed!"
echo "=============================================="
echo ""
echo "Services:"
curl -s "$KONG_ADMIN_URL/services" 2>/dev/null | \
grep -o '"name":"[^"]*"' | sed 's/"name":"//g; s/"//g' | \
while read name; do echo " - $name"; done
echo ""
echo "Routes:"
curl -s "$KONG_ADMIN_URL/routes" 2>/dev/null | \
grep -o '"name":"[^"]*"' | sed 's/"name":"//g; s/"//g' | \
while read name; do echo " - $name"; done
echo ""
echo "Plugins:"
curl -s "$KONG_ADMIN_URL/plugins" 2>/dev/null | \
grep -o '"name":"[^"]*"' | sed 's/"name":"//g; s/"//g' | \
while read name; do echo " - $name"; done
echo ""

217
kong/kong.yml Normal file
View File

@ -0,0 +1,217 @@
#===============================================================================
# Kong API Gateway 声明式配置
#
# 此文件定义所有服务、路由和插件配置
# 可用于 DB-less 模式或作为配置参考文档
#
# 服务架构:
# - user-service: 用户认证和管理 (3001)
# - payment-service: 支付处理 (3002)
# - knowledge-service: 知识库服务 (3003)
# - conversation-service: 对话服务 (3004)
# - evolution-service: 进化服务 (3005)
#
#===============================================================================
_format_version: "3.0"
_transform: true
#===============================================================================
# 服务和路由定义
#===============================================================================
services:
#-----------------------------------------------------------------------------
# User Service - 用户认证和管理
#-----------------------------------------------------------------------------
- name: user-service
url: http://user-service:3001
connect_timeout: 60000
write_timeout: 60000
read_timeout: 60000
retries: 3
routes:
- name: user-routes
paths:
- /api/v1/users
- /api/v1/auth
strip_path: false
preserve_host: true
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
#-----------------------------------------------------------------------------
# Payment Service - 支付处理
#-----------------------------------------------------------------------------
- name: payment-service
url: http://payment-service:3002
connect_timeout: 60000
write_timeout: 60000
read_timeout: 60000
retries: 3
routes:
- name: payment-routes
paths:
- /api/v1/payments
- /api/v1/subscriptions
strip_path: false
preserve_host: true
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
#-----------------------------------------------------------------------------
# Knowledge Service - 知识库服务
#-----------------------------------------------------------------------------
- name: knowledge-service
url: http://knowledge-service:3003
connect_timeout: 60000
write_timeout: 60000
read_timeout: 60000
retries: 3
routes:
- name: knowledge-routes
paths:
- /api/v1/knowledge
strip_path: false
preserve_host: true
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
#-----------------------------------------------------------------------------
# Conversation Service - 对话服务
# 注意: 需要更长的超时时间以支持 AI 流式响应
#-----------------------------------------------------------------------------
- name: conversation-service
url: http://conversation-service:3004
connect_timeout: 60000
write_timeout: 120000
read_timeout: 120000
retries: 2
routes:
- name: conversation-routes
paths:
- /api/v1/conversations
- /api/v1/messages
strip_path: false
preserve_host: true
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
#-----------------------------------------------------------------------------
# Evolution Service - 进化服务
#-----------------------------------------------------------------------------
- name: evolution-service
url: http://evolution-service:3005
connect_timeout: 60000
write_timeout: 60000
read_timeout: 60000
retries: 3
routes:
- name: evolution-routes
paths:
- /api/v1/evolution
strip_path: false
preserve_host: true
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
#===============================================================================
# 全局插件配置
#===============================================================================
plugins:
#-----------------------------------------------------------------------------
# CORS - 跨域资源共享
#-----------------------------------------------------------------------------
- name: cors
config:
origins:
- https://iconsulting.szaiai.com
- http://localhost:5173
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Content-Type
- Content-Length
- Authorization
- X-User-Id
- X-Request-Id
exposed_headers:
- X-Request-Id
credentials: true
max_age: 3600
preflight_continue: false
#-----------------------------------------------------------------------------
# Request Transformer - 添加请求头
#-----------------------------------------------------------------------------
# - name: request-transformer
# config:
# add:
# headers:
# - X-Kong-Proxy: "true"
#-----------------------------------------------------------------------------
# Rate Limiting - 请求限流 (可选)
#-----------------------------------------------------------------------------
# - name: rate-limiting
# config:
# minute: 100
# hour: 1000
# policy: local
# fault_tolerant: true
# hide_client_headers: false
#-----------------------------------------------------------------------------
# Request Size Limiting - 请求大小限制
#-----------------------------------------------------------------------------
# - name: request-size-limiting
# config:
# allowed_payload_size: 10
# size_unit: megabytes
#===============================================================================
# 消费者配置 (用于认证)
#===============================================================================
# consumers:
# - username: web-client
# keyauth_credentials:
# - key: your-api-key-here
# - username: admin-client
# keyauth_credentials:
# - key: your-admin-api-key-here