In the previous post, we have discussed about the API Gateway uses and detailed Kong API Gateway Installation process. We will proceed to register our API to KONG service and apply Kong plugins like Key Authentication and Rate-limiting on that API.

Lets break down the tutorial into two parts:

Part 1

  1. Set up the Flask API. Follow this repo.
  2. Register our Flask API as service in Kong.
  3. Register our endpoints of Flask API as routes in Kong.
  4. Create Consumers for our Kong service.

Part 2

  1. Apply Kong plugins on the services/routes/consumers.
    Detailed work on plugins are discussed in next part.

Set up the Flask API

We need an API to proceed further into the discussion. So, lets setup Flask API from this link. Steps needed to install are clearly mentioned in that git repo.

Else, you can proceed if you have an API without setting up the Flask API mentioned above.

http://localhost:5055 is the domain and port(service) and /api/v1/test1, /api/v1/test2 are the endpoints(routes) which are used to communicate with the Flask API.

Flask API with endpoints

Flask API with endpoints

Register our Flask API as service in Kong:

Kong restful framework makes our job easy for Administration purposes. One can check the registered services at http://localhost:8001/services

You can register our Flask API as service in Kong with the below query

curl -i -X POST \
--url http://localhost:8001/services/ \
--data 'name=testApi' \
--data 'url=http://localhost:5055'
Response: {“host”:”localhost”,”created_at”:1536467002,”connect_timeout”:60000,”id”:”d4079539–45d0–4798–96a8–6ac39d86b6cb”,”protocol”:”http”,”name”:”testApi”,”read_timeout”:60000,”port”:5055,”path”:null,”updated_at”:1536467002,”retries”:5,”write_timeout”:60000}

Service Registered

Service Registered


Register end points of Flask API as routes in KONG

We registered our Flask APIs domain and port as a service. The end points of Flask API are the key to communicate. So, lets register them as routes in Kong. One can check registered routes of the service at http://localhost:8001/routes

Register the route /api/v1/test1 to the service with the following query
curl -i -X POST \
--url http://localhost:8001/services/testApi/routes \
--data 'hosts[]=localhost' \
--data 'paths[]=/api/v1/test1' \
--data 'strip_path=false' \
--data 'methods[]=GET'

Response generated from the above query

Response generated from the above query

endpoint registered to the above service

endpoint registered to the above service

Same way, register the other endpoint too. Confirm the two endpoints here. Make sure that service id matches to their respective/routes.

Now our requests to API forwards through Kong Gateway at port 8000. since, Kong handles proxy requests on port :8000

Check our API response at 8000
curl -i -X GET \
--url http://localhost:8000/api/v1/test1 \
--header 'Host: localhost'
HTTP/1.1 200 OK

{"message":"first end point \"test1\" is called","status_code":200}

Create consumers for our service

Now we just registered our API to Kong. We will have consumers sending multiple requests to our Flask API when it goes to public. How can we set Security and control over API? It can be achieved by adding Kong plugins like Authentication and rate-limiting on services or routes. To test these Kong plugins, we need some consumers. We can register the consumers with username and id with the following query.

$ curl -X POST http://localhost:8001/consumers --data "username=consumer1" --data "custom_id=101"
$ curl -X POST http://localhost:8001/consumers --data "username=consumer2" --data "custom_id=102"

Consumers eager to access our service.

Consumers eager to access our service.

One can check registered consumers of the service(s)/route(s) at http://localhost:8001/consumers

Flask API registered to KONG service and follow this discussion about applying plugins like Key-Authentication and Rate-Limiting.

Installation of Kong has discussed in here.

Key Authentication and Rate Limiting plugins of Kong on Flask API