#!/bin/bash #=============================================================================== # Kong API Gateway 配置脚本 # # 配置所有微服务的路由规则 #=============================================================================== set -e KONG_ADMIN_URL="${KONG_ADMIN_URL:-http://localhost:8001}" echo "配置 Kong API Gateway..." # 等待 Kong 就绪 until curl -s "$KONG_ADMIN_URL" > /dev/null; do echo "等待 Kong Admin API..." sleep 2 done echo "Kong Admin API 就绪" #=============================================================================== # 创建服务 #=============================================================================== echo "创建服务..." # User Service curl -s -X POST "$KONG_ADMIN_URL/services" \ -d "name=user-service" \ -d "url=http://user-service:3001" || true # Payment Service curl -s -X POST "$KONG_ADMIN_URL/services" \ -d "name=payment-service" \ -d "url=http://payment-service:3002" || true # Knowledge Service curl -s -X POST "$KONG_ADMIN_URL/services" \ -d "name=knowledge-service" \ -d "url=http://knowledge-service:3003" || true # Conversation Service curl -s -X POST "$KONG_ADMIN_URL/services" \ -d "name=conversation-service" \ -d "url=http://conversation-service:3004" || true # Evolution Service curl -s -X POST "$KONG_ADMIN_URL/services" \ -d "name=evolution-service" \ -d "url=http://evolution-service:3005" || true #=============================================================================== # 创建路由 #=============================================================================== echo "创建路由..." # User Service 路由 curl -s -X POST "$KONG_ADMIN_URL/services/user-service/routes" \ -d "name=user-route" \ -d "paths[]=/v1/users" \ -d "paths[]=/v1/auth" \ -d "strip_path=false" || true # Payment Service 路由 curl -s -X POST "$KONG_ADMIN_URL/services/payment-service/routes" \ -d "name=payment-route" \ -d "paths[]=/v1/payments" \ -d "paths[]=/v1/balance" \ -d "strip_path=false" || true # Knowledge Service 路由 curl -s -X POST "$KONG_ADMIN_URL/services/knowledge-service/routes" \ -d "name=knowledge-route" \ -d "paths[]=/v1/knowledge" \ -d "strip_path=false" || true # Conversation Service 路由 curl -s -X POST "$KONG_ADMIN_URL/services/conversation-service/routes" \ -d "name=conversation-route" \ -d "paths[]=/v1/conversations" \ -d "strip_path=false" || true # Evolution Service 路由 (管理后台) curl -s -X POST "$KONG_ADMIN_URL/services/evolution-service/routes" \ -d "name=evolution-route" \ -d "paths[]=/v1/evolution" \ -d "paths[]=/v1/memory" \ -d "strip_path=false" || true # Admin 认证路由 curl -s -X POST "$KONG_ADMIN_URL/services/evolution-service/routes" \ -d "name=admin-auth-route" \ -d "paths[]=/v1/admin" \ -d "strip_path=false" || true #=============================================================================== # 配置插件 #=============================================================================== echo "配置插件..." # 全局限流 curl -s -X POST "$KONG_ADMIN_URL/plugins" \ -d "name=rate-limiting" \ -d "config.minute=100" \ -d "config.policy=local" || true # 全局 CORS curl -s -X POST "$KONG_ADMIN_URL/plugins" \ -d "name=cors" \ -d "config.origins=*" \ -d "config.methods=GET,POST,PUT,DELETE,OPTIONS,PATCH" \ -d "config.headers=Accept,Authorization,Content-Type,X-User-Id,X-Request-Id" \ -d "config.credentials=true" \ -d "config.max_age=3600" || true # 请求日志 curl -s -X POST "$KONG_ADMIN_URL/plugins" \ -d "name=file-log" \ -d "config.path=/tmp/kong-access.log" || true # IP 限制 (可选,针对敏感接口) # curl -s -X POST "$KONG_ADMIN_URL/services/evolution-service/plugins" \ # -d "name=ip-restriction" \ # -d "config.allow=127.0.0.1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" || true echo "" echo "Kong 配置完成!" echo "" echo "已配置的服务:" curl -s "$KONG_ADMIN_URL/services" | python3 -c "import sys,json; data=json.load(sys.stdin); print('\n'.join([' - ' + s['name'] for s in data.get('data',[])]))" 2>/dev/null || echo " (需要 python3 来格式化输出)" echo "" echo "已配置的路由:" curl -s "$KONG_ADMIN_URL/routes" | python3 -c "import sys,json; data=json.load(sys.stdin); print('\n'.join([' - ' + r['name'] + ': ' + ','.join(r.get('paths',[])) for r in data.get('data',[])]))" 2>/dev/null || echo " (需要 python3 来格式化输出)"