转载

Kong v0.9.0 RC3发布

Kong是在客户端和（微）服务间转发API通信的API网关，通过插件扩展功能。Kong有两个主要组件：

Kong Server ：基于nginx的服务器，用来接收API请求。
Apache Cassandra ：用来存储操作数据。

你可以通过增加更多Kong Server机器对Kong服务进行水平扩展，通过前置的负载均衡器向这些机器分发请求。根据文档描述，两个Cassandra节点就足以支撑绝大多数情况，但如果网络非常拥挤，可以考虑适当增加更多节点。

对于开源社区来说，Kong 中最诱人的一个特性是可以通过插件扩展已有功能，这些插件在 API 请求响应循环的生命周期中被执行。插件使用 Lua 编写，而且 Kong 还有如下几个基础功能：

HTTP 基本认证
密钥认证
CORS（ Cross-origin Resource Sharing，跨域资源共享）
TCP/UDP
文件日志
API 请求限流
请求转发
nginx 监控

Kong v0.9.0 RC3发布

更新日志

这个版本的主要焦点是Kong的新的CLI。与一个简单的配置文件,新设置环境变量支持,新命令,以及一个新的翻译,新的CLI给Kong用户提供了更多的强大功能和灵活性,允许更容易集成在您的部署工作流,以及更好的测试开发人员和插件作者。此外,包括一些新的插件和性能改进以及一些bug修复。

改变

New CLI, with new commands and refined arguments. This new CLI uses the resty-cliinterpreter (see lua-resty-cli) instead of LuaJIT. As a result, the resty executable must be available in your $PATH (resty-cli is shipped in the OpenResty bundle) as well as the bin/kong executable. Kong does not rely on Luarocks installing the bin/kong executable anymore. This change of behavior is taken care of if you are using one of the official Kong packages.
Kong uses a new configuration file, with an easier syntax than the previous YAML file.
New arguments for the CLI, such as verbose, debug and tracing flags. We also avoid requiring the configuration file as an argument to each command as per the previous CLI.
Customization of the Nginx configuration can now be taken care of using two different approaches: with a custom Nginx configuration template and using kong start --template <file>, or by usingkong compile to generate the Kong Nginx sub-configuration, and include it in a custom Nginx instance.
Plugins:
- Rate Limiting: the continue_on_error property is now called cluster_fault_tolerant.
- Response Rate Limiting: the continue_on_error property is now calledcluster_fault_tolerant.

新增

Support for overriding configuration settings with environment variables.
Support for SSL connections between Kong and PostgreSQL. #1425
Ability to apply plugins with more granularity: per-consumer, and global plugins are now possible. #1403
New kong check command: validates a Kong configuration file.
Better version check for third-party dependencies (OpenResty, Serf, dnsmasq). #1307
Ability to configure the validation depth of database SSL certificates from the configuration file.#1420
request_host: internationalized url support; utf-8 domain names through punycode support and paths through %-encoding. #1300
Implements caching locks when fetching database configuration (APIs, Plugins...) to avoid dog pile effect on cold nodes. #1402
Internal locks when for datastore requests. Now Kong will only trigger maximum one request per node to the datastore when requesting a specific entity, which prevents the Dogpile effect. #1402
Plugins:
- New bot-detection plugin: protect your APIs by detecting and rejecting common bots and crawlers. #1413
- correlation-id: new "tracker" generator, identifying requests per worker and connection. #1288
- request/response-transformer: ability to add strings including colon characters. #1353
- rate-limiting: support for new rate-limiting policies (cluster, local and redis), and for a newlimit_by property to force rate-limiting by consumer, credential or ip.
- response-rate-limiting: support for new rate-limiting policies (cluster, local and redis), and for a new limit_by property to force rate-limiting by consumer, credential or ip.
- galileo: performance improvements of ALF serialization. ALFs are not discarded when exceeding 20MBs anymore. #1463
- statsd: new upstream_stream latency metric. #1466
- datadog: new upstream_stream latency metric and tagging support for each metric. #1473

移除

We now use lua-resty-jit-uuid for UUID generation, which is a pure Lua implementation of RFC 4122. As a result, libuuid is not a dependency of Kong anymore.

Bug修复

Sensitive configuration settings are not printed to stdout anymore. #1256
Fixed bug that caused nodes to remove themselves from the database when they attempted to join the cluster. #1437
Plugins:
- request-size-limiting: use proper constant for MB units while setting the size limit. #1416
- OAuth2: security and config validation fixes. #1409 #1112
- request/response-transformer: better validation of fields provided without a value. #1399
- JWT: handle some edge-cases that could result in HTTP 500 errors. #1362

internal

new test suite using resty-cli and removing the need to monkey-patch the ngx global.

custom assertions and new helper methods (wait_until()) to gracefully fail in case of timeout.

increase atomicity of the testing environment.

lighter testing instance, only running 1 worker and not using dnsmasq by default.