### Install and start demo app Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/mesh/deploy-mesh-on-konnect.md Install the demo application dependencies and start the application on its default port. This prepares the application for mesh integration. ```sh npm install --prefix=app/ npm start --prefix=app/ ``` -------------------------------- ### Clone Mockbin Repository and Setup Source: https://github.com/kong/developer.konghq.com/blob/main/app/insomnia/self-hosted-mocks.md Clone the mockbin repository, navigate into it, copy the sample environment file, install fnm (or nvm/n/volta), set the Node.js version, and install npm dependencies. ```bash git clone https://github.com/Kong/mockbin.git ./mockbin cd mockbin cp .env.sample .env brew install fnm fnm use npm install ``` -------------------------------- ### Start {{site.base_gateway}} with Trusted CA (On-Premises) Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/configure-mtls-for-http-log.md Start {{site.base_gateway}} using the quickstart script, mounting a CA certificate and configuring it as trusted for outbound TLS connections. This is for on-premises deployments. ```bash curl -Ls https://get.konghq.com/quickstart | bash -s -- \ -e KONG_LICENSE_DATA \ -v "$(pwd)/ca.crt:/etc/ssl/certs/ca.crt" \ -e KONG_LUA_SSL_TRUSTED_CERTIFICATE="/etc/ssl/certs/ca.crt, system" ``` -------------------------------- ### Set up Python Virtual Environment and Install Dependencies Source: https://github.com/kong/developer.konghq.com/blob/main/app/_cookbooks/voice-ai-observability.md Create and activate a Python virtual environment, then install necessary packages including OpenAI, OpenTelemetry, and httpx instrumentation. This setup is required for the demo script. ```bash python3 -m venv .venv source .venv/bin/activate pip install 'openai>=1.0.0' 'opentelemetry-api>=1.27.0' 'opentelemetry-sdk>=1.27.0' 'opentelemetry-exporter-otlp-proto-http>=1.27.0' 'opentelemetry-instrumentation-httpx>=0.48b0' ``` -------------------------------- ### Example plugin installation status output Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/operator/operator-dataplane-custom-plugins.md The expected JSON output when verifying the plugin installation status. ```json [ { "conditions": [ { "lastTransitionTime": "2024-10-09T19:39:39Z", "message": "plugin successfully saved in cluster as ConfigMap", "observedGeneration": 1, "reason": "Ready", "status": "True", "type": "Accepted" } ], "underlyingConfigMapName": "custom-plugin-myheader-hnzf9" } ] ``` -------------------------------- ### Download and install {{site.mesh_product_name}} Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/mesh/mesh-get-started-universal-3-kv.md Download the {{site.mesh_product_name}} installer script and execute it to install the binaries. ```bash curl --location https://developer.konghq.com/mesh/installer.sh | sh - ``` -------------------------------- ### Launch Kong Gateway Quickstart Source: https://github.com/kong/developer.konghq.com/blob/main/app/gateway/quickstart-reference.md Starts a local instance of Kong Gateway using Docker. Requires Docker to be running and the KONG_LICENSE_DATA environment variable to be set. ```sh curl -Ls https://get.konghq.com/quickstart | bash -s -- \ -e KONG_LICENSE_DATA ``` -------------------------------- ### Start Kong Gateway with Keyring Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/encrypt-sensitive-data-in-kong-gateway-with-keyring.md Launch the Kong Gateway container using the quickstart script and the configured environment variables. ```bash curl -Ls https://get.konghq.com/quickstart | bash -s -- -e KONG_LICENSE_DATA \ -e KONG_KEYRING_ENABLED \ -e KONG_KEYRING_STRATEGY \ -e KONG_KEYRING_RECOVERY_PUBLIC_KEY ``` -------------------------------- ### Launch AI Gateway Quickstart Source: https://github.com/kong/developer.konghq.com/blob/main/app/gateway/quickstart-reference.md Starts a demo instance of Kong Gateway configured with the AI Proxy plugin. Prompts for an AI provider API key during execution. ```sh curl -Ls https://get.konghq.com/ai | bash -s -- -e KONG_LICENSE_DATA ``` -------------------------------- ### Start Kong Gateway with Basic Auth Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/enable-basic-auth-on-kong-manager.md Use the quickstart script to launch Kong Gateway with RBAC and basic authentication enabled. ```bash curl -Ls get.konghq.com/quickstart | bash -s -- -e "KONG_LICENSE_DATA" \ -e "KONG_ENFORCE_RBAC=on" \ -e "KONG_ADMIN_GUI_AUTH=basic-auth" \ -e "KONG_PASSWORD=kong" \ -e 'KONG_ADMIN_GUI_SESSION_CONF={"secret":"kong"}' ``` -------------------------------- ### HTTP Request Examples Source: https://github.com/kong/developer.konghq.com/blob/main/app/gateway/routing/traditional.md Illustrates example HTTP requests that would match a route configured with GET and HEAD methods. ```http GET / HTTP/1.1 Host: ... ``` ```http HEAD /resource HTTP/1.1 Host: ... ``` -------------------------------- ### Verify plugin installation Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/custom-plugins/plugin-dev-add-plugin-testing.md Commands to run migrations, start the gateway, and verify the plugin via the Admin API. ```sh kms ``` ```sh curl -s localhost:8001 | \ jq '.plugins.available_on_server."my-plugin"' ``` ```json { "priority": 1000, "version": "0.0.1" } ``` -------------------------------- ### Start {{site.base_gateway}} with Trusted CA (Konnect) Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/configure-mtls-for-http-log.md Start {{site.base_gateway}} using the quickstart script with a Konnect token, mounting a CA certificate and configuring it as trusted for outbound TLS connections. This is for Konnect deployments. ```bash curl -Ls https://get.konghq.com/quickstart | bash -s -- -k $KONNECT_TOKEN \ -v "$(pwd)/ca.crt:/etc/ssl/certs/ca.crt" \ -e KONG_LUA_SSL_TRUSTED_CERTIFICATE="/etc/ssl/certs/ca.crt, system" \ --deck-output ``` -------------------------------- ### Example `runtimes.yaml` Structure Source: https://github.com/kong/developer.konghq.com/blob/main/tools/automated-tests/README.md Defines runtime configurations for different deployment models and products, including version-specific environment variables, setup, cleanup, and reset commands. ```yaml on-prem: gateway: versions: ... env: ... setup: ... cleanup: ... reset: ... ai-gateway: versions: ... env: ... setup: ... cleanup: ... reset: ... operator: setup: ... cleanup: ... reset: ... konnect: gateway: setup: ... cleanup: ... reset: ... event-gateway: setup: ... cleanup: ... reset: ... ``` -------------------------------- ### Install kongctl with Installation Script Source: https://github.com/kong/developer.konghq.com/blob/main/app/_includes/tools/kongctl/install/linux.md Use this command to automatically download, verify, and install the kongctl binary. Ensure the installation directory is in your PATH. ```bash curl -fsSL https://get.konghq.com/kongctl | sh ``` -------------------------------- ### Start Mock API Server Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/mcp/aggregate-mcp-tools.md Download and start a mock Express-based API server for testing. This API simulates a small marketplace with user and order endpoints. Verify it's running by sending a GET request to http://localhost:3000. ```sh curl -s -o api.js "https://gist.githubusercontent.com/subnetmarco/5ddb23876f9ce7165df17f9216f75cce/raw/a44a947d69e6f597465050cc595b6abf4db2fbea/api.js" npm install express node api.js ``` ```sh curl -X GET http://localhost:3000 ``` ```text {"name":"Sample Users API"}% ``` -------------------------------- ### Initialize Declarative Configuration Source: https://github.com/kong/developer.konghq.com/blob/main/app/gateway/db-less-mode.md Use the `kong config init` command to generate a `kong.yml` file containing example {{site.base_gateway}} entity definitions. This file serves as the starting point for managing your configuration declaratively. ```bash kong config init ``` -------------------------------- ### Install {{site.operator_product_name}} Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/operator/operator-get-started-dev-portal-1-install.md Installs the {{site.operator_product_name}} using Helm. This command assumes you have Helm installed and configured. ```bash {% include prereqs/products/operator.md raw=true v_maj=2 %} ``` -------------------------------- ### Port Mapping Example Source: https://github.com/kong/developer.konghq.com/blob/main/app/event-gateway/architecture.md Illustrates how to map proxy ports to Kafka broker ports. This method is easier for getting started but not recommended for production due to limited flexibility. ```text 10.0.0.1:9092 → kafka1:9092 (bootstrap port) 10.0.0.1:9093 → kafka1:9092 10.0.0.1:9094 → kafka2:9092 10.0.0.1:9095 → kafka3:9092 ``` -------------------------------- ### Install {{site.kic_product_name}} with Helm Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/mesh/use-kong-as-delegated-gateway.md Installs the Kong Ingress Controller using Helm into the `kong` namespace. Ensure Helm is installed and configured. ```sh helm install kong kong/ingress -n kong --create-namespace ``` -------------------------------- ### Deploy example service Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/operator/operator-dataplane-custom-plugins.md Apply the example service configuration to the cluster. ```bash kubectl apply -f {{site.links.web}}/assets/kubernetes-ingress-controller/examples/echo-service.yaml ``` -------------------------------- ### Run Quickstart with RBAC Source: https://github.com/kong/developer.konghq.com/blob/main/app/_includes/prereqs/products/gateway.md Execute the quickstart script with specific environment variables to enable RBAC and basic authentication. ```bash curl -Ls get.konghq.com/quickstart | bash -s -- -e "KONG_LICENSE_DATA" \ -e "KONG_ENFORCE_RBAC=on" \ -e "KONG_ADMIN_GUI_AUTH=basic-auth" \ -e "KONG_PASSWORD=kong" \ -e 'KONG_ADMIN_GUI_SESSION_CONF={"secret":"kong", "cookie_lifetime":300000, "cookie_renew":200000, "cookie_name":"kong_cookie", "cookie_secure":false, "cookie_samesite": "off"}' ``` -------------------------------- ### Install a Kongctl Extension Source: https://github.com/kong/developer.konghq.com/blob/main/app/_includes/kongctl/help/install/index.md Use this command to install a kongctl CLI extension. No special setup is required beyond having kongctl installed. ```bash kongctl install extension ``` -------------------------------- ### Run Quickstart Script Source: https://github.com/kong/developer.konghq.com/blob/main/app/_includes/prereqs/products/gateway.md Execute the quickstart script to deploy Kong Gateway with an enterprise license. ```bash curl -Ls https://get.konghq.com/quickstart | bash -s -- -e KONG_LICENSE_DATA {% if include.env_variables %}\{% endif %}{% for variable in include.env_variables %} -e {{variable.name}}{% if variable.value %}={{variable.value}}{% endif %}{% unless forloop.last %} \{% endunless %}{% endfor %} ``` -------------------------------- ### Start and verify Kong Gateway Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/configure-datastore.md Start the Kong service and verify the installation via the Admin API. ```sh sudo -E kong start ``` ```sh curl -i http://localhost:8001 ``` -------------------------------- ### Start Ollama Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/ai-gateway/compare-llm-models-accuracy.md Starts an Ollama Docker container. Ensure Ollama is installed and running locally before executing this command. ```bash docker run -d -v ollama:/root/.ollama -p 11434:11434 --name ollama ollama/ollama ``` -------------------------------- ### Set up Python environment and install dependencies Source: https://github.com/kong/developer.konghq.com/blob/main/app/_cookbooks/basic-llm-routing.md Create a virtual environment and install the necessary Python packages for the demo script. This ensures compatibility with Python 3.11+. ```bash python3 -m venv .venv source .venv/bin/activate pip install 'openai>=1.0.0' ``` -------------------------------- ### Install Observability Stack with kumactl Source: https://github.com/kong/developer.konghq.com/blob/main/app/mesh/observability.md Installs the built-in observability stack for {{site.mesh_product_name}} on Kubernetes. This setup is intended for testing purposes. ```sh kumactl install observability | kubectl apply -f - ``` -------------------------------- ### Confirm Transparent Proxy Installation Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/mesh/mesh-get-started-universal-4-demo-app.md Checks the last line of the installation log to confirm that the transparent proxy setup completed successfully. This is a verification step after running the installation command. ```sh tail -n1 /demo/logs-transparent-proxy-install-demo-app.log ``` -------------------------------- ### Install Dependencies and Run Locally Source: https://github.com/kong/developer.konghq.com/blob/main/README.md Installs project dependencies, sets up the environment file, and builds the site while watching for changes. Ensure the VITE_PORTAL_API_URL is set in your .env file. ```bash make install cp .env.example .env make run ``` -------------------------------- ### Example Event for KongConfigurationApplyFailed Source: https://github.com/kong/developer.konghq.com/blob/main/app/kubernetes-ingress-controller/observability/events.md This is an example of the output from `kubectl get events`. It shows a `KongConfigurationApplyFailed` event for an Ingress, detailing the invalid configuration. ```text NAMESPACE LAST SEEN TYPE REASON OBJECT MESSAGE default 35m Warning KongConfigurationApplyFailed ingress/httpbin invalid methods: cannot set 'methods' when 'protocols' is 'grpc' or 'grpcs' ``` -------------------------------- ### Get Request Start Time Source: https://github.com/kong/developer.konghq.com/blob/main/app/_references/gateway/pdk/reference/3.15/kong.request.md Retrieve the request start time in Unix epoch milliseconds. This function can be used in multiple request phases. ```lua kong.request.get_start_time() -- 1649960273000 ``` -------------------------------- ### Get KonnectGatewayControlPlane Status Source: https://github.com/kong/developer.konghq.com/blob/main/app/operator/migrate/konnectextension-konnectid-to-konnectgatewaycontrolplane.md Example output showing a successfully reconciled KonnectGatewayControlPlane. ```text NAME PROGRAMMED ID ORGID gateway-control-plane True 6f7c4caa-XXXX-XXXX-XXXX-XXXXXXXXXXXX 82dc54ec-XXXX-XXXX-XXXX-XXXXXXXXXXXX ``` -------------------------------- ### Create values.yaml for KIC Installation Source: https://github.com/kong/developer.konghq.com/blob/main/app/_includes/prereqs/products/kic.md Generates a `values.yaml` file for Helm to customize the KIC installation. This example includes configurations for Konnect, gateway settings, and license integration. ```yaml cat < values.yaml controller: ingressController: image: tag: "3.5" env: feature_gates: "FillIDs=true" konnect: license: enabled: true enabled: true controlPlaneID: "$CONTROL_PLANE_ID" tlsClientCertSecretName: konnect-client-tls apiHostname: "us.kic.api.konghq.com" gateway: image: repository: kong{% if prereqs.enterprise %}/kong-gateway{% endif %} tag: "{% if prereqs.enterprise %}{{site.data.gateway_latest.release}}{% else %}{{ site.latest_gateway_oss_version }}{% endif %}"{% if prereqs.kubernetes.gateway_env or is_konnect or use_kong_license %} env:{% for env in prereqs.kubernetes.gateway_env %} {{ env[0] }}: '{{ env[1] }}'{% endfor %}{% endif %}{% if use_kong_license %} LICENSE_DATA: valueFrom: secretKeyRef: name: kong-enterprise-license key: license{% endif %}{% if is_konnect %} konnect_mode: 'on' vitals: "off" cluster_mtls: pki cluster_telemetry_endpoint: "$CONTROL_PLANE_TELEMETRY:443" cluster_telemetry_server_name: "$CONTROL_PLANE_TELEMETRY" cluster_cert: /etc/secrets/konnect-client-tls/tls.crt cluster_cert_key: /etc/secrets/konnect-client-tls/tls.key lua_ssl_trusted_certificate: system proxy_access_log: "off" dns_stale_ttl: "3600" secretVolumes: - konnect-client-tls{% endif %}{% if prereqs.kubernetes.gateway_custom_env %} customEnv:{% for env in prereqs.kubernetes.gateway_custom_env %} {{ env[0] }}: '{{ env[1] }}'{% endfor %}{% endif %} EOF ``` -------------------------------- ### Initialize Plugin Directory Source: https://github.com/kong/developer.konghq.com/blob/main/app/custom-plugins/javascript.md Navigate to the plugin directory and install local dependencies. ```sh cd /usr/local/kong/js-plugins/ npm install ``` -------------------------------- ### Access DeGraphQL Route with GET Arguments Source: https://github.com/kong/developer.konghq.com/blob/main/app/_kong_plugins/degraphql/index.md Example of how to access a DeGraphQL route configured with GET arguments using curl. Query variables are appended to the request URL. ```bash curl "http://localhost:8000/api/repo?owner=kong&name=kuma" \ --header "Authorization: Bearer $GITHUB_TOKEN" ``` -------------------------------- ### Example response with a set variable Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/insomnia/write-pre-request-scripts.md This is an example JSON response received after sending a GET request to an endpoint that uses the `flightNumber` environment variable set by a pre-request script. ```json { "number": "KA0285", "route_id": "LHR-SFO", "scheduled_arrival": "2024-04-03T11:10:00Z", "scheduled_departure": "2024-04-03T22:15:00Z" } ``` -------------------------------- ### Create an example Service Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/gateway-hybrid-setup.md Create a test Service named `example-service` that points to `http://httpbin.konghq.com`. This is done by sending a POST request to the Control Plane's Admin API. ```bash curl -i -X POST http://localhost:8001/services/ \ --header "Accept: application/json" \ --header "Content-Type: application/json" \ --data '{ "name": "example-service", "url": "http://httpbin.konghq.com" }' ``` -------------------------------- ### Example: Caching API Key Credentials Source: https://github.com/kong/developer.konghq.com/blob/main/app/custom-plugins/daos.lua.md This example demonstrates how to use `kong.cache:get` to cache API key credentials, reducing the need for repeated data store lookups. ```APIDOC ## Example: Caching API Key Credentials ### Description This example shows how to retrieve an API key credential from the cache or load it from the data store if it's not found, then cache it for future requests. ### `handler.lua` Snippet ```lua local CustomHandler = { VERSION = "1.0.0", PRIORITY = 10, } local kong = kong local function load_credential(key) local credential, err = kong.db.keyauth_credentials:select_by_key(key) if not credential then return nil, err end return credential end function CustomHandler:access(config) -- retrieve the apikey from the request querystring local key = kong.request.get_query_arg("apikey") local credential_cache_key = kong.db.keyauth_credentials:cache_key(key) -- We are using cache.get to first check if the apikey has been already -- stored into the in-memory cache. If it's not, then we lookup the datastore -- and return the credential object. Internally cache.get will save the value -- in-memory, and then return the credential. local credential, err = kong.cache:get(credential_cache_key, nil, load_credential, credential_cache_key) if err then kong.log.err(err) return kong.response.exit(500, { message = "Unexpected error" }) end if not credential then -- no credentials in cache nor datastore return kong.response.exit(401, { message = "Invalid authentication credentials" }) end -- ... rest of the access logic ... end return CustomHandler ``` ``` -------------------------------- ### Enable OIDC via Docker Quickstart Source: https://github.com/kong/developer.konghq.com/blob/main/app/gateway/kong-manager/openid-connect.md Use the quickstart script to deploy Kong with RBAC and OpenID Connect authentication enabled. ```bash curl -Ls get.konghq.com/quickstart | bash -s -- \ -e "KONG_LICENSE_DATA" \ -e "KONG_ENFORCE_RBAC=on" \ -e "KONG_PASSWORD=kong" \ -e "KONG_ADMIN_GUI_AUTH=openid-connect" \ -e 'KONG_ADMIN_GUI_AUTH_CONF={ "issuer": "ISSUER_URL", "client_id": ["YOUR_CLIENT_ID"], "client_secret": ["YOUR_CLIENT_SECRET"],"authenticated_groups_claim": ["groups"], "redirect_uri": ["http://localhost:8001/auth"], "login_redirect_uri": ["http://localhost:8002"], "logout_redirect_uri": ["http://localhost:8002"], "scopes": ["openid","profile","email","offline_access"], "authorization_endpoint": "http://localhost:8080" }' ``` -------------------------------- ### Run Konnect Quickstart Script Source: https://github.com/kong/developer.konghq.com/blob/main/app/_includes/prereqs/products/konnect.md Use the quickstart script to provision a Konnect Control Plane and Data Plane, and configure your environment. This script requires your Konnect PAT. ```bash curl -Ls https://get.konghq.com/quickstart | bash -s -- -k $KONNECT_TOKEN {% for variable in include.env_variables %} -e {{ variable.name }}{% if variable.value %}={{ variable.value }}{% endif %}{% endfor %}{% if include.ports %} {% for port in include.ports %} -p {{ port }}{% endfor %} {% endif %} --deck-output ``` -------------------------------- ### Example API Endpoint Call Source: https://github.com/kong/developer.konghq.com/blob/main/docs/support/TEMPLATE.md This snippet shows a basic example of how to make a POST request to a local API endpoint using curl. Ensure the endpoint and port are correct for your setup. ```bash curl -X POST http://localhost:8001/endpoint ``` -------------------------------- ### kongctl install skills help Source: https://github.com/kong/developer.konghq.com/blob/main/app/kongctl/install/skills.md Displays help information for the `kongctl install skills` command. ```bash kongctl install skills --help ``` -------------------------------- ### Example Kong Configuration Source: https://github.com/kong/developer.konghq.com/blob/main/app/deck/file/kong2tf.md This is a comprehensive example of a Kong configuration, including services, routes, plugins, and upstreams with health checks. It shows how to define various components of an API gateway setup. ```yaml username: null redis_database: 0 redis_host: null redis_password: null redis_port: 6379 redis_server_name: null redis_ssl: false redis_ssl_verify: false redis_timeout: 2000 redis_username: null second: null sync_rate: -1 year: null enabled: true id: bf7626c4-8383-4cda-b3f3-80fa75bd2121 name: rate-limiting protocols: - grpc - grpcs - http - https username: alice - custom_id: bob456 id: b2e8673d-8ed5-49cf-be9c-b3c93640c7a6 tags: - bob username: bob plugins: - config: anonymous: null hide_credentials: false key_in_body: false key_in_header: true key_in_query: true key_names: - apikey-global realm: null run_on_preflight: true enabled: true id: 600c38c5-da4b-4ec5-b3b8-70fc279a6503 name: key-auth protocols: - grpc - grpcs - http - https - ws - wss - config: anonymous: null hide_credentials: false key_in_body: false key_in_header: true key_in_query: true key_names: - apikey-in-route realm: null run_on_preflight: true enabled: true id: efa261d5-7978-4c8f-84e5-c6b0387ba37c name: key-auth protocols: - grpc - grpcs - http - https - ws - wss route: route-in-service service: httpbin routes: - https_redirect_status_code: 426 id: 7a8141cc-aade-49b2-a6c0-a95b624c1b6f name: route-standalone path_handling: v0 paths: - "/" preserve_host: false protocols: - http - https regex_priority: 0 request_buffering: true response_buffering: true strip_path: true services: - connect_timeout: 60000 enabled: true host: httpbin.konghq.com id: 0cc39546-f5c9-4aae-898c-c63ef5b4a33b name: httpbin plugins: - config: anonymous: null hide_credentials: false key_in_body: false key_in_header: true key_in_query: true key_names: - apikey-service realm: null run_on_preflight: true enabled: true id: 44a6f30a-23d6-4522-9ce8-f56243a054e3 name: key-auth protocols: - grpc - grpcs - http - https - ws - wss port: 443 protocol: https read_timeout: 60000 retries: 5 routes: - https_redirect_status_code: 426 id: 9ac61ee8-4de7-4d75-82af-b7624ec5fb33 name: route-in-service path_handling: v0 paths: - "/" preserve_host: false protocols: - http - https regex_priority: 0 request_buffering: true response_buffering: true strip_path: true write_timeout: 60000 upstreams: - algorithm: round-robin hash_fallback: none hash_on: none hash_on_cookie_path: "/" healthchecks: active: concurrency: 10 healthy: http_statuses: - 200 - 302 interval: 0 successes: 0 http_path: "/" https_verify_certificate: true timeout: 1 type: http unhealthy: http_failures: 0 http_statuses: - 429 - 404 - 500 - 501 - 502 - 503 - 504 - 505 interval: 0 tcp_failures: 0 timeouts: 0 passive: healthy: http_statuses: - 200 - 201 - 202 - 203 - 204 - 205 - 206 - 207 - 208 - 226 - 300 - 301 - 302 - 303 - 304 - 305 - 306 - 307 - 308 successes: 0 type: http unhealthy: http_failures: 0 http_statuses: - 429 - 500 - 503 tcp_failures: 0 timeouts: 0 threshold: 0 id: d8432ca0-b6c5-4c82-bad8-924c56fb2d04 name: my-upstream slots: 10000 targets: - id: eca40df5-a499-4611-86e8-b377d1b3acdb target: a.example.com:443 weight: 100 - id: 69f683b9-796f-4117-8461-7bc0a21e5d53 target: b.example.com:443 weight: 100 use_srv_name: false vaults: - config: prefix: none id: 5370372e-9bab-47c9-a8de-b6af35cfb170 name: env prefix: my-env-vault ``` -------------------------------- ### Run Kong Quickstart Script Source: https://github.com/kong/developer.konghq.com/blob/main/app/_cookbooks/llm-cost-optimization.md Execute the quickstart script to provision a Konnect Control Plane and local Data Plane. Ensure your Konnect token and desired Control Plane name are exported. ```bash export KONNECT_CONTROL_PLANE_NAME='llm-cost-optimization-recipe' curl -Ls https://get.konghq.com/quickstart | \ bash -s -- -k $KONNECT_TOKEN \ -e KONG_NGINX_WORKER_PROCESSES=1 \ --deck-output ``` -------------------------------- ### Create an example Route Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/gateway-hybrid-setup.md Create a Route named `example-route` that matches requests to the `/mock` path and associates it with the `example-service`. This is configured via a POST request to the Control Plane's Admin API. ```bash curl -i -X POST http://localhost:8001/services/example-service/routes/ \ --header "Accept: application/json" \ --header "Content-Type: application/json" \ --data '{ "name": "example-route", "paths": [ "/mock" ] }' ``` -------------------------------- ### Install {{site.mesh_product_name}} Binaries Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/mesh/mesh-get-started-universal-1-install.md Download and install the {{site.mesh_product_name}} binaries. Ensure you specify the desired version. ```sh curl -L https://developer.konghq.com/mesh/installer.sh | VERSION={{site.data.mesh_latest.version}} sh - ``` -------------------------------- ### Get KonnectExtension Status Source: https://github.com/kong/developer.konghq.com/blob/main/app/operator/migrate/konnectextension-konnectid-to-konnectgatewaycontrolplane.md Example output showing both old and new KonnectExtensions listed, with the new one ready. ```text NAME READY my-konnect-config True my-konnect-config-1 True ``` -------------------------------- ### GET /status Source: https://github.com/kong/developer.konghq.com/blob/main/app/_kong_plugins/ai-prompt-compressor/index.md Returns information about the currently loaded LLMLingua model and device settings (for example, CPU or GPU). ```APIDOC ## GET /status ### Description Returns information about the currently loaded LLMLingua model and device settings (for example, CPU or GPU). ### Method GET ### Endpoint /status ### Response #### Success Response (200) - **model_name** (string) - The name of the loaded LLMLingua model. - **device** (string) - The device being used for compression (e.g., "cpu", "cuda"). - **version** (string) - The version of the LLMLingua model. #### Response Example ```json { "model_name": "llmlingua-13b", "device": "cuda", "version": "1.2.0" } ``` ``` -------------------------------- ### Create example service and route Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/configure-mtls-for-http-log.md Define an example service named 'example-service' with a URL and an associated route named 'example-route' that matches the '/anything' path. ```yaml entities: services: - name: example-service url: https://httpbin.konghq.com routes: - name: example-route paths: - /anything ``` -------------------------------- ### Initialize the database with migrations Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/store-the-gateway-database-credentials-with-aws-secrets-manager.md Run the bootstrap migration command to prepare the database schema. ```sh docker run --rm \ --network=kong-net \ -e "KONG_DATABASE=postgres" \ -e "KONG_PG_HOST=kong-database" \ -e KONG_PG_USER \ -e KONG_PG_PASSWORD \ kong/kong-gateway:latest kong migrations bootstrap ``` -------------------------------- ### Quickstart Script Parameters Source: https://github.com/kong/developer.konghq.com/blob/main/app/gateway/quickstart-reference.md Various flags and parameters to customize the quickstart script execution. ```sh curl -Ls https://get.konghq.com/quickstart | bash -s -- -h ``` ```sh curl -Ls https://get.konghq.com/quickstart | bash -s -- \ -e KONG_LICENSE_DATA \ -D ``` ```sh curl -Ls https://get.konghq.com/quickstart | bash -s -- \ -e KONG_LICENSE_DATA \ -m ``` ```sh curl -Ls https://get.konghq.com/quickstart | bash -s -- \ -e KONG_LICENSE_DATA \ -e KONG_ENFORCE_RBAC=on ``` ```sh curl -Ls https://get.konghq.com/quickstart | bash -s -- \ -e KONG_LICENSE_DATA \ -e AZURE_CLIENT_SECRET ``` -------------------------------- ### API Usage with HMAC Authentication Source: https://github.com/kong/developer.konghq.com/blob/main/app/_kong_plugins/hmac-auth/index.md Examples of `GET` requests to API endpoints for managing HMAC credentials associated with Consumers. ```APIDOC ## Use the API with the HMAC Authentication plugin The following table describes how you can send `GET` requests to the API endpoints to get information about Consumers associated with the HMAC Authentication plugin: ### Paginate through `hmac-auth` credentials - **Endpoint:** `/hmac-auths` - **Description:** Retrieve a paginated list of all HMAC credentials for all Consumers. ### Filter `hmac-auth` credentials by Consumer - **Endpoint:** `/consumers/{usernameOrId}/hmac-auth` - **Description:** Retrieve HMAC credentials filtered by a specific Consumer. ### Retrieve Consumer associated with an HMAC credential - **Endpoint:** `/hmac-auths/{hmacUsernameOrId}/consumer` - **Description:** Get the Consumer details associated with a specific HMAC credential. ``` -------------------------------- ### Run OPA local server Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/block-unauthorized-requests-with-opa.md Starts a local OPA server for testing policies. Ensure OPA is installed first. ```sh opa run -s ``` -------------------------------- ### Enable RBAC via Quickstart Source: https://github.com/kong/developer.konghq.com/blob/main/app/_gateway_entities/rbac.md Uses a shell script to initialize a Kong Gateway instance with RBAC enforced, basic authentication, and session configuration. ```bash curl -Ls get.konghq.com/quickstart | bash -s -- -e "KONG_LICENSE_DATA" \ -e "KONG_ENFORCE_RBAC=on" \ -e "KONG_ADMIN_GUI_AUTH=basic-auth" \ -e "KONG_PASSWORD=kong" \ -e 'KONG_ADMIN_GUI_SESSION_CONF={"secret":"kong", "cookie_lifetime":300000, "cookie_renew":200000, "cookie_name":"kong_cookie", "cookie_secure":false, "cookie_samesite": "off"}' ``` -------------------------------- ### Create a sample Protobuf definition Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/use-grpc-web.md Use this command to create a Protobuf file for gRPC services. This example defines a 'HelloService' with various RPC methods. ```sh echo 'syntax = "proto2"; package hello; service HelloService { rpc SayHello(HelloRequest) returns (HelloResponse); rpc LotsOfReplies(HelloRequest) returns (stream HelloResponse); rpc LotsOfGreetings(stream HelloRequest) returns (HelloResponse); rpc BidiHello(stream HelloRequest) returns (stream HelloResponse); } message HelloRequest { optional string greeting = 1; } message HelloResponse { required string reply = 1; } ' > hello.proto ``` -------------------------------- ### Validate Key Authentication Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/dev-portal/enable-key-auth-for-dev-portal.md Send a GET request to the example-route with your key auth credentials in the 'apikey' header to validate the setup. ```yaml url: /anything method: GET status_code: 200 headers: - "apikey: $CREDENTIALS" display_headers: true ``` -------------------------------- ### Provision Event Gateway data plane Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/event-gateway/configure-sasl-plain-backend-cluster-auth.md Runs the quickstart script to provision the local data plane. ```bash curl -Ls https://get.konghq.com/event-gateway | bash -s -- -k $KONNECT_TOKEN -N kafka_event_gateway ``` -------------------------------- ### Provision Konnect Control Plane and Data Plane Source: https://github.com/kong/developer.konghq.com/blob/main/app/_cookbooks/model-based-routing.md Use the quickstart script to provision a Konnect Control Plane and a local Data Plane. Ensure your Konnect PAT is exported. ```bash export KONNECT_CONTROL_PLANE_NAME='model-based-routing-recipe' curl -Ls https://get.konghq.com/quickstart | bash -s -- -k $KONNECT_TOKEN --deck-output ``` -------------------------------- ### Example event output Source: https://github.com/kong/developer.konghq.com/blob/main/app/kubernetes-ingress-controller/fallback-configuration.md Sample output showing a successful fallback configuration event. ```text NAMESPACE LAST SEEN TYPE REASON OBJECT MESSAGE kong 4m26s Normal FallbackKongConfigurationSucceeded pod/kong-controller-7f4fd47bb7-zdktb successfully applied fallback Kong configuration to https://192.168.194.11:8444 ``` -------------------------------- ### Validate Outbound DNS Resolver Configuration Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/dedicated-cloud-gateways/outbound-dns-resolver.md After configuring the resolver, validate the setup by issuing a GET request to the private-dns endpoint. This confirms that the configuration has been applied successfully. ```APIDOC ## GET /v2/cloud-gateways/networks/$KONNECT_NETWORK_ID/private-dns ### Description Retrieves the list of private DNS configurations for a network. ### Method GET ### Endpoint /v2/cloud-gateways/networks/$KONNECT_NETWORK_ID/private-dns ### Response #### Success Response (200) - **id** (string) - The ID of the private DNS configuration. - **name** (string) - The name of the private DNS configuration. - **private_dns_attachment_config** (object) - The configuration details of the private DNS attachment. ``` -------------------------------- ### Create a sample Protobuf definition Source: https://github.com/kong/developer.konghq.com/blob/main/app/_how-tos/gateway/use-grpc-gateway.md Generates a hello-gateway.proto file with HTTP bindings for a gRPC service. ```sh echo 'syntax = "proto3"; package hello; service HelloService { rpc SayHello(HelloRequest) returns (HelloResponse) { option (google.api.http) = { get: "/v1/messages/{name}" additional_bindings { get: "/v1/messages/legacy/{name=**}" } post: "/v1/messages/" body: "*" }; } } // The request message containing the name. message HelloRequest { string name = 1; } // The response message containing the greeting message HelloResponse { string message = 1; }' > hello-gateway.proto ``` -------------------------------- ### Property Node: Error on Invalid Get Output Source: https://github.com/kong/developer.konghq.com/blob/main/app/_kong_plugins/datakit/index.md This example shows an error scenario where a property node attempts to access a field of the output, which is not supported for property nodes. ```yaml - name: GET_ROUTE_ID type: property property: kong.router.route # error! property output doesn't allow field access outputs: id: response.body ``` -------------------------------- ### Deploy Example Application on Kubernetes Source: https://github.com/kong/developer.konghq.com/blob/main/app/_mesh_policies/meshopa/index.md Apply the sample application manifest to your Kubernetes cluster. ```sh kubectl apply -f https://bit.ly/demokuma ``` -------------------------------- ### Property Node: Get Route Property Source: https://github.com/kong/developer.konghq.com/blob/main/app/_kong_plugins/datakit/index.md Use a property node to retrieve a value, such as the current router route object, and map it to an output. This example maps the route to `response.body`. ```yaml - name: GET_ROUTE type: property property: kong.router.route output: response.body ``` -------------------------------- ### Install All Skills Source: https://github.com/kong/developer.konghq.com/blob/main/app/_includes/skills/quick_install.md Use this command to add all available skills from the default repository. Ensure you have the correct repository slug configured. ```bash npx skills add {{ site.skills_repo_slug }} ``` -------------------------------- ### Attempt to Get Upstream Named 'auth' Source: https://github.com/kong/developer.konghq.com/blob/main/app/_support/code-10-error-invalid-unique-name.md This example demonstrates the curl command used to attempt to retrieve an upstream named 'auth', which triggers the 'invalid unique name' error. ```bash curl http://localhost:8001/upstreams/auth ``` -------------------------------- ### Configure DNS Server Domain (Kubernetes) Source: https://github.com/kong/developer.konghq.com/blob/main/app/assets/mesh/raw/UPGRADE.md If your `dnsServer.domain` is configured to start with a dot, remove the leading dot to ensure valid hostname generation. This example shows the corrected configuration. ```yaml dnsServer: domain: mesh # was: .mesh ```