From 075b5e7d0bc6b1114d96288785d1e26ca5c5f9b8 Mon Sep 17 00:00:00 2001 From: lena-larionova Date: Tue, 17 Dec 2024 23:59:53 -0800 Subject: [PATCH] add env variables to konnect prereq; combine validation for rate limiting and proxy caching --- app/_how-tos/get-started-with-gateway.md | 64 +++++++-------------- app/_includes/how-tos/steps/ping-gateway.md | 27 +++++++++ app/_includes/prereqs/products/konnect.md | 16 ++++-- app/_landing_pages/gateway.yaml | 14 +---- 4 files changed, 62 insertions(+), 59 deletions(-) create mode 100644 app/_includes/how-tos/steps/ping-gateway.md diff --git a/app/_how-tos/get-started-with-gateway.md b/app/_how-tos/get-started-with-gateway.md index 3be018e55..8417f3b9f 100644 --- a/app/_how-tos/get-started-with-gateway.md +++ b/app/_how-tos/get-started-with-gateway.md @@ -63,19 +63,7 @@ cleanup: ## 1. Check that {{site.base_gateway}} is running -We'll be using decK for this tutorial, so let's check that {{site.base_gateway}} is running and that decK can access it: - -```sh -deck gateway ping -``` - -If everything is running, then you should get the following response: - -```sh -Successfully connected to Kong! -Kong version: 3.9.0.0 -``` -{:.no-copy-code} +{% include how-tos/steps/ping-gateway.md %} ## 2. Create a Service @@ -157,30 +145,14 @@ entities: In this example, you configured a limit of 5 requests per minute for all Routes, Services, and Consumers. -### Validate rate limiting - -After configuring rate limiting, you can verify that it was configured correctly and is working -by sending more requests than allowed in the configured time limit. - -[Sync your decK file](#apply-configuration) again, then run the following command to quickly send 6 mock requests: - -```sh -for _ in {1..6}; do curl -s -i localhost:8000/mock/anything; echo; sleep 1; done -``` - -After the 6th request, you should receive a 429 "API rate limit exceeded" error: -``` -{ - "message": "API rate limit exceeded" -} -``` +We'll validate that this worked in the next step, but first let's set up caching. ## 4. Enable caching One of the ways Kong delivers performance is through caching. The [Proxy Cache plugin](/plugins/proxy-cache/) accelerates performance by caching responses based on configurable response codes, content types, and request methods. -When caching is enabled, upstream Services are not bogged down with repetitive requests, +When caching is enabled, upstream services are not bogged down with repetitive requests, because {{site.base_gateway}} responds on their behalf with cached results. Let's enable the Proxy Cache plugin globally: @@ -196,7 +168,7 @@ entities: - 200 content_type: - application/json - cache_ttl: 5 + cache_ttl: 30 strategy: memory append_to_existing_section: true {% endentity_examples %} @@ -204,42 +176,48 @@ append_to_existing_section: true This configures a Proxy Cache plugin with the following attributes: * {{site.base_gateway}} will cache all `GET` requests that result in response codes of `200` * It will also cache responses with the `Content-Type` headers that *equal* `application/json` -* `cache_ttl` instructs the plugin to flush values after 5 seconds +* `cache_ttl` instructs the plugin to flush values after 30 seconds * `config.strategy=memory` specifies the backing data store for cached responses. More information on `strategy` can be found in the [parameter reference](/plugins/proxy-cache/reference/) for the Proxy Cache plugin. -### Validate proxy caching +### Validate proxy caching and rate limiting -You can check that the Proxy Cache plugin is working by sending `GET` requests and examining +You can check that the Rate Limiting and Proxy Cache plugins are working by sending `GET` requests and examining the returned headers. -[Sync your decK file](#apply-configuration), then make an initial request to the `/mock` Route. -The Proxy Cache plugin returns status -information headers prefixed with `X-Cache`, so you can use `grep` to filter for that information: +[Sync your decK file](#apply-configuration) again, then run the following command to quickly send 6 mock requests. +The Proxy Cache plugin returns status information headers prefixed with `X-Cache`, so you can use `grep` to filter for that information: -``` -curl -i -s -XGET http://localhost:8000/mock/anything | grep X-Cache +```sh +for _ in {1..6}; do curl -s -i localhost:8000/mock/anything; echo; sleep 1; done | grep -E 'X-Cache|HTTP/1.1' ``` On the initial request, there should be no cached responses, and the headers will indicate this with -`X-Cache-Status: Miss`. +`X-Cache-Status: Miss`: ``` +HTTP/1.1 200 OK X-Cache-Key: c9e1d4c8e5fd8209a5969eb3b0e85bc6 X-Cache-Status: Miss ``` {:.no-copy-code} -Within 5 seconds of the initial request, repeat the command to send an identical request. The -headers will indicate a cache `Hit`: +Subsequent responses will be cached and show `X-Cache-Status: Hit`: ``` +HTTP/1.1 200 OK X-Cache-Key: c9e1d4c8e5fd8209a5969eb3b0e85bc6 X-Cache-Status: Hit ``` {:.no-copy-code} +After the 6th request, you should receive a 429 error, which means your requests were rate limited according to the policy: +``` +HTTP/1.1 429 Too Many Requests +``` +{:.no-copy-code} + ## 5. Enable authentication Authentication is the process of verifying that the requester has permissions to access a resource. diff --git a/app/_includes/how-tos/steps/ping-gateway.md b/app/_includes/how-tos/steps/ping-gateway.md new file mode 100644 index 000000000..4a75c5232 --- /dev/null +++ b/app/_includes/how-tos/steps/ping-gateway.md @@ -0,0 +1,27 @@ +{% assign konnect_token = site.data.entity_examples.config.konnect_variables.pat.placeholder %} + +We'll be using decK for this tutorial, so let's check that {{site.base_gateway}} is running and that decK can access it: + +```sh +deck gateway ping +``` +{: data-deployment-topology="on-prem" } +```bash +deck gateway ping \ + --konnect-token ${{konnect_token}} \ + --konnect-control-plane-name $KONNECT_CP_NAME +``` +{: data-deployment-topology="konnect" } + +If everything is running, then you should get the following response: + +```sh +Successfully connected to Kong! +Kong version: 3.9.0.0 +``` +{: data-deployment-topology="on-prem" .no-copy-code} + +``` +Successfully Konnected to the Kong organization! +``` +{: data-deployment-topology="konnect" .no-copy-code} \ No newline at end of file diff --git a/app/_includes/prereqs/products/konnect.md b/app/_includes/prereqs/products/konnect.md index 7b4f422eb..6b02fa814 100644 --- a/app/_includes/prereqs/products/konnect.md +++ b/app/_includes/prereqs/products/konnect.md @@ -5,11 +5,19 @@ This is a Konnect tutorial. If you don't have a Konnect account, you can get started quickly with our [onboarding wizard](https://konghq.com/products/kong-konnect/register?utm_medium=referral&utm_source=docs). -The following Konnect items are required to complete this tutorial: +1. The following Konnect items are required to complete this tutorial: -* Personal access token (PAT): Create a new personal access token by opening the [Konnect PAT page](https://cloud.konghq.com/global/account/tokens) and selecting **Generate Token**. -* Control plane: You can use an existing control plane or [create a new one](https://cloud.konghq.com/us/gateway-manager/create-control-plane) to use for this tutorial. -* Control plane ID: You can see your control plane ID by selecting a control plane from the [Gateway Manager](https://cloud.konghq.com/us/gateway-manager/) in Konnect. + * Personal access token (PAT): Create a new personal access token by opening the [Konnect PAT page](https://cloud.konghq.com/global/account/tokens) and selecting **Generate Token**. + * Control Plane: You can use an existing Control Plane or [create a new one](https://cloud.konghq.com/us/gateway-manager/create-control-plane) to use for this tutorial. + * Control Plane ID: You can see your Control Plane ID by selecting a Control Plane from the [Gateway Manager](https://cloud.konghq.com/us/gateway-manager/) in Konnect. + * A Data Plane node running on `localhost:8000` (default): You can set up Data Plane nodes for your Control Plane from the [Gateway Manager](https://cloud.konghq.com/us/gateway-manager/) in Konnect. + +2. Set the personal access token and the Control Plane ID as environment variables: + + ```sh + export KONNECT_TOKEN=your-token + export KONNECT_CP_NAME=your-control-plane-name + ``` {% endcapture %} diff --git a/app/_landing_pages/gateway.yaml b/app/_landing_pages/gateway.yaml index d2aed3a77..4c3cd8a1f 100644 --- a/app/_landing_pages/gateway.yaml +++ b/app/_landing_pages/gateway.yaml @@ -55,25 +55,15 @@ rows: type: h2 text: "More ways to get started" columns: - - blocks: - - type: card - config: - title: Start with Konnect - description: Let Kong manage your control plane for you - icon: https://raw.githubusercontent.com/Kong/docs.konghq.com/4fe28d484696339fa19ced4230e72ecd1ff97bda/app/assets/images/icons/kong-gradient.svg - cta: - text: - url: https://docs.konghq.com/konnect/getting-started/ - align: end - blocks: - type: card config: title: Try out the Gateway with Docker - description: Using a local container, learn how to use core Gateway capabilities, including rate limiting, authentication, and load balancing + description: Learn how to use core Gateway capabilities, including rate limiting, caching, authentication, and load balancing icon: /assets/icons/graduation.svg cta: text: - url: https://docs.konghq.com/gateway/latest/get-started/ + url: /how-to/get-started-with-gateway/ align: end - blocks: - type: card