DEV Community: Kelvin

New Standards for the Agent-Readable Website

Kelvin — Thu, 19 Feb 2026 00:51:25 +0000

Saw Garry Tan’s post.

Then ended up here:

https://x.com/flynnjamm/status/2023465136204419096?s=46

And I couldn’t stop thinking about one thing:

How do you sell to agents?

Not humans.

Not people clicking blue links.

Agents.

The shift is real

Search clicks are dropping.

Gartner says traditional search volume could fall ~25% by 2026.
Ahrefs saw ~34% lower CTR when Google AI Overviews show up.
Publisher referrals from Google are down ~30%+ globally.

People are getting answers without visiting sites.

SEO was built for clicks.

Agents are built for extraction.

Bots are everywhere

AI bot traffic is up 300%+ (Akamai).

More machines reading your site than humans.

But your site?

Still written for humans.

The actual problem

It’s never been easier to launch a site.

It’s also never been easier to launch one agents can’t understand.

We have pieces:

robots.txt
schema.org
OpenAPI
llms.txt

But no unified “AI-ready” standard.

No Lighthouse for agents.

The idea: ART

Agent Readiness Toolkit (ART)

Think Lighthouse, but for AI discoverability.

It would:

Audit how legible your site is to agents
Standardize a clean “agent contract”
Simulate what an LLM would extract
Give you an Agent Readiness Score

Because soon:

Your customer might never visit your site.

Your pricing page might be summarized somewhere else.

Your product might be recommended by a model.

In that world, ranking doesn’t matter.

Being extractable does.

SEO shaped the last 20 years.

Agent readiness might shape the next 20.

Integrate Automated AI Code Reviews to Raise Quality (and Morale)

Kelvin — Sun, 19 Oct 2025 10:16:27 +0000

Manual code reviews are crucial, but they can be slow and repetitive. Automated AI reviews handle the first pass — catching logic issues, style inconsistencies, and performance risks — so human reviewers can focus on design and intent.

🤖 What AI Code Review Does

Understands context, not just syntax
Goes beyond linting: spots logic errors, inefficiencies, and security pitfalls
Explains suggestions with inline comments and reasoning
Learns your codebase over time to match your standards

Result: faster reviews, consistent feedback, and happier developers.

⚙️ Typical Workflow

Trigger – A pull request opens.
Analyze – AI examines diffs, logic flow, and conventions.
Comment – Inline feedback appears (e.g. readability, test coverage, security).
Iterate – The system adapts to your coding style and improves over time.

🧩 Integrating with Bitbucket

You can integrate automated AI review using either Rovo Dev or Qodo (formerly Codium PR Agent).

Option A — Rovo Dev for Bitbucket

Rovo Dev adds contextual inline comments directly in pull requests — for example:

“The validation logic could be simplified by extracting the early access check into a separate condition for better readability.”

These insights help maintain clarity and consistency while catching potential issues early.

Setup:
Enable Rovo Dev for your Bitbucket workspace. Configure permissions so it can read pull requests and post inline comments.

⚠️ Note: Bitbucket currently has limited API and integration features compared to GitHub or GitLab. If your team is on those platforms, you’ll have access to richer automation hooks, inline comment threading, and workflow triggers.

Option B — Qodo PR Agent (Formerly Codium)

Use Qodo PR Agent for automated reviews directly inside your CI/CD workflow. It supports multiple providers including Bitbucket, GitHub, and GitLab — with the latter two offering more advanced review capabilities and analytics.

pipelines:
  pull-requests:
    '**':
      - step: &pr-agent
          name: PR Agent using Qodo
          services:
            - docker
          script:
            - docker run \
                -e CONFIG.GIT_PROVIDER=bitbucket \
                -e OPENAI.KEY=$OPENAI_API_KEY \
                -e OPENAI.API_TYPE=azure \
                -e OPENAI.API_VERSION=$OPEN_AI_API_VERSION \
                -e OPENAI.API_BASE=$OPEN_AI_BASE \
                -e CONFIG.MODEL=$MODEL \
                -e BITBUCKET.BEARER_TOKEN=$BITBUCKET_BEARER_TOKEN \
                codiumai/pr-agent:latest \
                --pr_url=https://bitbucket.org/$BITBUCKET_WORKSPACE/$BITBUCKET_REPO_SLUG/pull-requests/$BITBUCKET_PR_ID review

🧠 Use scoped Bitbucket tokens (read/write PRs and comments). Keep your API keys secure.

✅ What to Automate

Automate:

Readability and style suggestions
Dead code detection
Simple refactors
Security or null checks
Missing tests

Keep Human:

Architecture and performance trade-offs
API design and UX decisions
Privacy and compliance issues

🧠 Tips for Effective Use

Ignore generated or vendor code
Feed your style guides and lint rules into the model context
Use PR labels to control rule sets (e.g. security, refactor)
Encourage developers to upvote/downvote AI feedback for tuning

📈 Rollout Plan

Week	Action	Goal
1	Pilot on a small repo	Gather noise/accuracy feedback
2	Tune rules and thresholds	<10 AI comments/PR
3	Expand organization-wide	Track metrics

Metrics to Watch

PR lead time ↓ 30%
Post-merge fixes ↓
Reviewer fatigue ↓
Merge speed ↑

🧩 Example Comment

- .refine((data) => Object.values(data).includes(true), { message: 'At least one tour must be true' });
+ .refine((data) => {
+   // Allow early access updates without requiring tour completion
+   if (data.earlyAccessEnabled !== undefined) { ... }
+ });

💡 “Extract the early-access check into a named condition to improve readability.”

⚠️ Common Pitfalls

Don’t let AI merge code automatically
Avoid full write access tokens
Periodically retrain or tune rules
Don’t ignore false positives — feed them back for model improvement

💬 Final Thoughts

Automated AI reviews aren’t about replacing humans — they’re about amplifying them.
Integrate Rovo Dev or Qodo (formerly Codium) into your Bitbucket workflow to get instant, consistent feedback and spend more time writing great code instead of repetitive review comments.

💡 On GitHub or GitLab, you’ll unlock even more advanced integration options — deeper context analysis, comment threads, and richer analytics — making AI-assisted code review a seamless part of your DevOps pipeline.

🔗 Affiliate Support

Looking to collaborate or hire top independent developers?
Join me on Contra
— a network built for professionals who value flexibility and quality work.

Deploying cookiecutter-flask for free using pythonanywhere

Kelvin — Mon, 18 Dec 2023 04:56:50 +0000

Welcome! You are about to start on a journey about and how to deploy your cookiecutter-flask project for free in pythonanywhere.

Table of Content

Prerequisites
Project
How
- Setup pythonanywhere
- Zip project
- Upload project
- Unpack zip
- Install dependencies
- Edit WSGI
- Virtualenv
- Environment Variables
- Install Node.js
- Install Npm packages
- Running flask command
Support

In this articles, i won't talk to much about why choose flask framework over other framework. IMHO flask good enough for most project because of lightweight and easy to scale based on our requirements.

Prerequisites

Before jumping to how, you need to make sure you have:

Flask project ready to be deployed, you can create one here cookiecutter-flask
Pythonanywhere account

Project

For demonstration purpose i'll be using my own project that generated directly from cookiecutter-flask without any modification, you can check it here.

How

PythonAnywhere makes it easy to create and run Python programs in the cloud. To make it easier to understand we just treat pythonanywhere as another computer or server that we have limited access.

Here are the high level step by step on how to run our flask project in pythonanywhere:

Setup pythonanywhere web application
Zip the project
Upload zip.
Unzip project.
Install dependencies
Edit wsgi file
Virtualenv
Environment variable
Broken styling + Setup node.js
Execute necessary flask command.

Setup pythonanywhere

You need go to pythonanwhere dashboard and create web app

You should seen something like this.

Now you can click add new web app

Select python web framework

Select python version, any version would be fine i think but for this article i'll just choose python 3.10

No specific configuration required here, pythonanwhere will automatically bootstrap the flask project in the default directory.

After that you will be redirected to web application page

Now if you click the generated url you should be able to see 'hello from flask!'

Now we are ready to prepare to upload our code.

Zip project

To make the whole project portable and easier to access in pythonanywhere server it's better to zip the project.

You could do it from cli but i prefer to push all my code into github repository and download the zip from there.

Upload the zip

After we have zip file to upload we can go straight to pythonanywhere dashboard. Go to files, you will see something like this.

you can click mysite and upload your zip file from there.

After succesfully uploading your zip you will see your file in the list.

Unpack the zip

Still in the same screen, you can click open the bash console here button.

After few second you should be able to see the console screen.

now we can unzip the file using the following shell command

mv cookiecutter-flask-pythonanywhere-main.zip .. 
mv flask_app.py ..
cd ..
rm -rf mysite
unzip cookiecutter-flask-pythonanywhere-main.zip
mv cookiecutter-flask-pythonanywhere-main mysite
mv flask_app.py mysite

the command above basically unzip the project into mysite directory

Quick tips: ensure your website still up and showing hello from flask!

Installing dependencies

Open bash console again and go to my site

virtualenv venv
source venv/bin/activate
pip install -r requirements.txt

Now the installation process should be downloading.

Edit WSGI

Since now we have the code uploaded and python dependencies installed we can update or wsgi script to connect with our flask entrypoint file instead of the one created by pythonanywhere.

You can go to your web app and click WSGI configuration file

Now you can comment the last line so it look like this.

#from flask_app import app as application  # noqa
from autoapp import app as application

You can save and reload file.

you can try access the project url, but you will receive error

Something went wrong :-(

Where going to debug it in the next step.

Virtualenv

Go back to web application dashboard

Click error log.

Looks like pythonanywhere unable to locate our installed dependencies that we install before through virtualenv

To fix this we just need to setup virtualenv on our web application.

Go to web application and look for virtualenv
Enter the path where we install our project dependencies through virtualenv

/home/kelvinswarna/mysite/venv

Now you can try access the project website again and you should see different error.

2023-12-18 03:55:01,806: Error running WSGI application
2023-12-18 03:55:01,814: environs.EnvError: Environment variable "DATABASE_URL" not set
2023-12-18 03:55:01,814:   File "/var/www/kelvinswarna_pythonanywhere_com_wsgi.py", line 16, in <module>
2023-12-18 03:55:01,814:     from autoapp import app as application
2023-12-18 03:55:01,814: 
2023-12-18 03:55:01,815:   File "/home/kelvinswarna/mysite/autoapp.py", line 5, in <module>
2023-12-18 03:55:01,815:     app = create_app()
2023-12-18 03:55:01,815: 
2023-12-18 03:55:01,815:   File "/home/kelvinswarna/mysite/cookiecutterflask/app.py", line 27, in create_app
2023-12-18 03:55:01,815:     app.config.from_object(config_object)
2023-12-18 03:55:01,815: 
2023-12-18 03:55:01,815:   File "/home/kelvinswarna/mysite/venv/lib/python3.10/site-packages/flask/config.py", line 231, in from_object
2023-12-18 03:55:01,815:     obj = import_string(obj)
2023-12-18 03:55:01,816: 
2023-12-18 03:55:01,816:   File "/home/kelvinswarna/mysite/venv/lib/python3.10/site-packages/werkzeug/utils.py", line 595, in import_string
2023-12-18 03:55:01,816:     __import__(import_name)
2023-12-18 03:55:01,816: 
2023-12-18 03:55:01,816:   File "/home/kelvinswarna/mysite/cookiecutterflask/settings.py", line 16, in <module>
2023-12-18 03:55:01,816:     SQLALCHEMY_DATABASE_URI = env.str("DATABASE_URL")
2023-12-18 03:55:01,816: 
2023-12-18 03:55:01,816:   File "/home/kelvinswarna/mysite/venv/lib/python3.10/site-packages/environs/__init__.py", line 116, in method
2023-12-18 03:55:01,816:     raise EnvError('Environment variable "{}" not set'.format(proxied_key or parsed_key))
2023-12-18 03:55:01,816: ***************************************************
2023-12-18 03:55:01,817: If you're seeing an import error and don't know why,
2023-12-18 03:55:01,817: we have a dedicated help page to help you debug: 
2023-12-18 03:55:01,817: https://help.pythonanywhere.com/pages/DebuggingImportError/
2023-12-18 03:55:01,817: ***************************************************

It's related to environment variable, where going to fix it in the next step.

Environment Variable

There are some things we just shouldn’t share with our code. These are often configuration values that depend on the environment such as debugging flags or access tokens for APIs. Environment variables are a good solution and they are easy to consume in most programming languages.

To fix this we need open the bash console again and go to mysite we have environment variable template that we can use

cp .env.example .env

Now we can try access the project website again and you should able to see the actual website now.

However the ui is not looking good since the styling is broken.

Install Node.js

The cookiecutter-project is running using Flask-Static-Digest so we need node.js and webpack to generate our static asset.

Luckily pythonanywhere provide some quickstart guide if we want to install node to our server

We need open a new bash console and go to our root directory.
Will be something look like this

04:26 ~ $ ls
README.txt  cookiecutter-flask-pythonanywhere-main.zip  mysite
04:26 ~ $

now we can paste the command to download and install NVM

git clone --depth 1 https://github.com/creationix/nvm.git
source ~/nvm/nvm.sh

Now our server should have access to nvm and we can install node 18

nvm install 18

Now we can move on to the next step which actually install our npm packages.

Install Npm packages

Open a new bash console and go to mysite

npm install
npm run-script build

Running flask command

Open a new bash console and go to mysite

flask db init
flask db migrate
flask db upgrade

Troubleshoot

Coming Soon!

My first Node.js and GraphQL Course

Kelvin — Tue, 22 Nov 2022 01:03:46 +0000

Today, I'm delighted to announce that my first coding course, Getting started with GraphQL using Node.js officially been released and is available at Educative, Inc. I've spent a few months working on this on and off. Countless Fridays and Saturdays, here it is!

https://www.educative.io/collection/10370001/4741596194537472

The course is a beginner-friendly introduction to backend development using #graphql and #Nodejs. It's useful for anyone who wants do the extra mile from tutorials and get their hands dirty by making something practical. The course breakdown important concepts into uncomplicated and easy-to-digest pieces, often aided by illustrations and code playground.

Happy learning!

Write COBOL in 2020

Kelvin — Sat, 02 May 2020 03:11:37 +0000

Motivation

Recently i've read article about Urgent need of Cobol Programmers in the midst of COVID-19. I've surfed the internet to know more about the language. Based on the answer from internet a lot of people said ancient language like COBOL, PASCAL is bad. I decide to found out what's writing COBOL program looks like from developer who usually wrote program using much modern language (Python or Javascript).

What is COBOL?

COBOL is abbrevation for 'Common Business Oriented Language'. It was introduced since 1959 (61 Years Ago). COBOL was designed by CODASYL. It was created as part of a US Department of Defense effort to create a portable programming language for data processing. In the late 1950s, computer users and manufacturers were becoming concerned about the rising cost of programming. A 1959 survey had found that in any data processing installation, the programming cost US$800,000 on average and that translating programs to run on new hardware would cost $600,000. At a time when new programming languages were proliferating at an ever-increasing rate, the same survey suggested that if a common business-oriented language were used, conversion would be far cheaper and faster.

Evolution of COBOL

In 1959, COBOL was developed by CODASYL (Conference on Data Systems Language).
COBOL-61 was released in 1961 with some revisions.
In 1968, COBOL was approved by ANSI as a standard language for commercial use (COBOL-68).
It was again revised in 1974 and 1985 to develop subsequent versions named COBOL-74 and COBOL-85 respectively.
In 2002, Object-Oriented COBOL was released, which could use encapsulated objects as a normal part of COBOL programming.

Where COBOL is used?

Most of the system in US like Financial System, Social Security Administration, Department of Defense, Internal Revenue Service, the Majority of State Financial / Unemployment Systems and Numerous other Critical Systems is developed using COBOL.

Your first program

I think that's enough introduction about COBOL background and history. Let's start the real code.

How to install

To run COBOL on your local machine. You need GNU-COBOL. In this article I'll be showing how to install it on Mac OS. First you need homebrew installed. After that you can just execute

brew install gnu-cobol

To check whether the installation succeed or not, try run this command.

cobc --version

it should shown something like this

cobc (GnuCOBOL) 2.2.0
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Keisuke Nishida, Roger While, Ron Norman, Simon Sobisch, Edward Hart
Built     Apr 29 2020 00:06:51
Packaged  Sep 06 2017 18:48:43 UTC
C version "4.2.1 Compatible Apple LLVM 11.0.3 (clang-1103.0.32.59)"

Prepare your Text Editor

There's few different text-editor you can use to wrote COBOL Program like, HackEdit, OpenCobolIDE, etc. For the sake of simplicity, i'll just use Visual Studio Code.

Install COBOL Extension

Using Visual Studio Code you can just go to Extension Marketplace and install COBOL Plugin. The extension provide Syntax highlighting for COBOL, JCL, PL/I and MF directive files, this help us a lot understanding COBOL program.

Writing your first program in COBOL

Let's write some code below.

       IDENTIFICATION DIVISION.
       PROGRAM-ID. hello.
       AUTHOR. KELVIN.
       PROCEDURE DIVISION.
           DISPLAY "Hello World".
        STOP RUN.

and to run it

cobc -x hello.cob
./hello

The output should looks like this.

Hello World

Yes, this is your Hello World program using COBOL :).

Program Structure

Let's discuss about what's happening on our program. First take a look at this image.

A brief introduction of these image is given below −

Sections are the logical subdivision of program logic. A section is a collection of paragraphs.
Paragraphs are the subdivision of a section or division. It is either a user-defined or a predefined name followed by a period, and consists of zero or more sentences/entries.
Sentences are the combination of one or more statements. Sentences appear only in the Procedure division. A sentence must end with a period.
Statements are meaningful COBOL statements that perform some processing.
Characters are the lowest in the hierarchy and cannot be divisible.

Division

Identification Division

First and only the mandatory division of every COBOL program. The programmer and the compiler use this division to identify the program. In this division, PROGRAM-ID is the only mandatory paragraph. PROGRAM-ID specifies the program name that can consist 1 to 30 characters.

       IDENTIFICATION DIVISION.
       PROGRAM-ID. hello.

Procedure Division

In short, procedure division is used to include the logic of the program. It consists of executable statements that written by the progammer.
There must be at least one statement in the procedure division. The last statement to end the execution in this division is either STOP RUN or EXIT PROGRAM.

      PROCEDURE DIVISION.
           DISPLAY "Hello World".
        STOP RUN.

Conclussion

I've only tried wrote simple program in COBOL and saw other people code on internet. But here's few things i found compare to language that i used nowadays.

Bad Part:

A lot of reserved words, COBOL has over 300 keywords while Python only has 33 keywords. This lead to long list of reserved words to memorize.
Invent the wheel. Because there's no library concept in COBOL most of time you need to write your own libraries to do something you want. Also because of this everything is implemented as a keyword. for example when you want to support XML they introduce keywords like PARSE and RENDER.
Over-verbose syntax, when COBOL designed this kind of syntax was intended to make the code itself self documenting by using english like syntax so it readable for non-tecnical person but it ends up unmaintainable and uncomfortable for real programmer.

Good Part:

Less code to type, because a lot of reserved words, you only wrote data you're going to need and logic you're going to execute.
Performance. For many years COBOL compilers have been producing very high performance executables. Only native C and native Assembler beat COBOL on an IBM mainframe.

references:
https://softwareengineering.stackexchange.com/questions/112911/why-the-scorn-for-cobol
https://en.wikipedia.org/wiki/COBOL#Criticism_and_defense
https://devops.com/the-beauty-of-the-cobol-programming-language-v2/

[Python] Beautify your code using Auto-Formatter

Kelvin — Fri, 01 May 2020 02:25:35 +0000

What is Code Formatting?

Code formatting is effort to makes code easier to read by human by applying specific rules and conventions for line spacing, indents, spacing around operators, and so on see more details here. Formatting shouldn't affect the functionality of the code itself.

Linting vs Formatting?

On the other hand, linting is made to analyzes code for common syntactical, stylistic, and functional errors as well as unconventional programming practices that can lead to errors. Although there is a little overlap between formatting and linting, the two capabilities are complementary.)

Auto Formatter

An auto formatter is a tool to automatically format your code in a way it complies to the tool or any other standard it set. Normally there's 2 option when we want to integrate this tool on our workflow. First is through your favourite text-editor and second is using pre-commit hook. In this article i will explain more about the first option which integrate auto formatter in our text-editor for better code standard. Advantage of using auto formatter are :

You don't worry about low-level problems since it's fixed automatically
Reduces number of discussions or debate about code style so developer can focus writing actual code
Help new developers more familiar with the code base because the style is consistent
Less merge conflicts

If you have experience writing Golang and Javascript there's chance you're already using auto formatters like gofmt for Golang or prettier for JavaScript. Now the question, how we can do the same thing in Python?

In Python there are three auto-formatter available:

autopep8

autopep8 is an open source auto formatter built and made by several developers. It uses pycodestyle to analyze which parts of your code do not fit to the pep-guidelines and will try to fix them. As of the time of writing the project had around 3.3K stars (April 2020).

yapf

Yet another Python formatter is tool produced and maintained by Google. It has ~10.5K stars (April 2020) on GitHub. Yapf follow different approach compare with other auto formatter tools.

In essence, the algorithm takes the code and reformats it to the best formatting that conforms to the style guide, even if the original code didn't violate the style guide. Style remains consistent throughout the project and there's no point arguing about style in every code review.

black

The most popular auto formatter in Python. It has around ~15K stars on GitHub (April 2020). Black is loved because you don't need to configure anything in order to format your code. Javascript Prettier also follow this approach.

Get Started

In order to get started you just need to install one of package above.

autopep8

pip install autopep8
autopep8 --in-place --aggressive --aggressive <filename>

yapf

pip install yapf
yapf <filename>

black

pip install black
black <filename>

What is your favourite Python Auto-Formatter?. Let me know by adding comment below :)

Setup (Kong + Konga) as API Gateway

Kelvin — Thu, 09 Apr 2020 07:57:11 +0000

Welcome! You are about to start on a journey about and how to setup kong as an API Gateway for your infrastructure. In this second chapter, We are going to learn how to setup Kong and Konga. By the end of this series you are going to have your Kong and Konga running.

Table of Content

Api Gateway Series
Prerequisites
Kong
Konga
Repository
Support

In this articles, i won't talk to much about why choose kong compare to another product. Tl;dr is because kong is open-source, has good community thanks to Kong Hub and it can be easily run using Docker because they have prebuilt image.

Prerequisites

Before jumping to how, you need to make sure you have this installed:

Kong

To run kong via docker-compose we need to prepare docker-compose (Kong + DB) because we want to run kong using database. There's 2 database that currently supported by kong (PostgreSQL + Cassandra). In this articles i'm going to configure it using PostgreSQL. First let's configure Postgres services.

Dockerfile

FROM postgres:9.6

COPY docker-entrypoint.sh /usr/local/bin/

ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["postgres"]

If you're wondering why would we create our own postgres dockerfile instead directly using prebuilt images is because we need to load custom docker-entrypoint.sh which support create multiple initial user + database that later going to be used by (Kong + Konga), compare to prebuilt images where you can only create one user + one database. With this now our postgres can set environment like this:

environment:
 POSTGRES_USERS: username:password | username2:password 
 POSTGRES_DATABASES: dbname:username | dbname2:username2

Now let's continue wrote our docker-compose.yml, let's create services called db and kong-migrations. In db we build from context instead of images, to make all of our container portable and prevent hardcoded config we make environment to refer our own defined variable called KONG_DB_USERNAME, KONG_DB_PASSWORD, KONGA_DB_USERNAME and KONGA_DB_PASSWORD.

docker-compose.yml

version: '3.7'
services:
    db:
        build:
          context: postgres
        environment:
          POSTGRES_USERS: ${KONG_DB_USERNAME}:${KONG_DB_PASSWORD}|${KONGA_DB_USERNAME}:${KONGA_DB_PASSWORD}
          POSTGRES_DATABASES: ${KONG_DB_NAME}:${KONG_DB_USERNAME}|${KONGA_DB_NAME}:${KONGA_DB_USERNAME}
        volumes:
        - persist_volume:/var/lib/postgresql/data
        networks:
        - kong-net

    kong-migrations:
      image: kong:latest
      entrypoint: sh -c "sleep 10 && kong migrations bootstrap -v"
      environment:
        KONG_DATABASE: ${KONG_DATABASE}
        KONG_PG_HOST: ${KONG_DB_HOST}
        KONG_PG_DATABASE: ${KONG_DB_NAME}
        KONG_PG_USER: ${KONG_DB_USERNAME}
        KONG_PG_PASSWORD: ${KONG_DB_PASSWORD}
      depends_on:
      - db
      networks:
      - kong-net
      restart: on-failure

Before we run the actual kong we need to run kong migrations command first. Also if you're wondering why we add sleep on entrypoint it's because i encounter some issue before when i tried to follow tutorial from kong. Apparently this is because we tried to run migrations command but postgres container is not ready yet, to make it works i just add delay before executing migrations.

Don't forget to define network and volume at bottom or top part of docker-compose

volumes:
  persist_volume:

networks:
  kong-net:
    external: true

Before run we need to set required environment by postgres and kong

.env

# KONG SETTING
KONG_DB_NAME=db_kong
KONG_DB_USERNAME=konguser
KONG_DB_PASSWORD=kongpassword
KONG_DB_HOST=db
KONG_DB_PORT=5432

# KONGA SETTING
KONGA_DB_NAME=db_konga
KONGA_DB_USERNAME=kongauser
KONGA_DB_PASSWORD=kongapassword
KONGA_DB_HOST=db
KONGA_DB_PORT=5432

Now we can try run both container

docker network create kong-net
docker-compose up -d --build

Let's add more stuff, this time we add services called kong.
docker-compose.yml

    kong:
      image: kong:latest
      environment:
        KONG_DATABASE: ${KONG_DATABASE}
        KONG_PG_HOST: ${KONG_DB_HOST}
        KONG_PG_DATABASE: ${KONG_DB_NAME}
        KONG_PG_USER: ${KONG_DB_USERNAME}
        KONG_PG_PASSWORD: ${KONG_DB_PASSWORD}
        KONG_PROXY_ACCESS_LOG: ${KONG_PROXY_ACCESS_LOG}
        KONG_ADMIN_ACCESS_LOG: ${KONG_ADMIN_ACCESS_LOG}
        KONG_PROXY_ERROR_LOG: ${KONG_PROXY_ERROR_LOG}
        KONG_ADMIN_ERROR_LOG: ${KONG_ADMIN_ERROR_LOG}
        #KONG_ADMIN_LISTEN: ${KONG_ADMIN_LISTEN}
      restart: on-failure
      ports:
      - $KONG_PROXY_PORT:8000
      - $KONG_PROXY_SSL_PORT:8443
        #- $KONG_PROXY_ADMIN_API_PORT:8001
        #- $KONG_PROXY_ADMIN_SSL_API_PORT:8444
      networks:
      - kong-net

Don't forget to add more variable to our environment variable
.env

KONG_DATABASE=postgres
KONG_PROXY_ACCESS_LOG=/dev/stdout
KONG_ADMIN_ACCESS_LOG=/dev/stdout
KONG_PROXY_ERROR_LOG=/dev/stderr
KONG_ADMIN_ERROR_LOG=/dev/stderr
KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl

KONG_PROXY_PORT=8000
KONG_PROXY_SSL_PORT=8443
KONG_PROXY_ADMIN_API_PORT=8001
KONG_PROXY_ADMIN_SSL_API_PORT=8444

Now let's run the whole compose (Postgres + Kong migrations + Kong)

docker-compose up -d --build

Let's check our kong

curl -i http://localhost:8001/

You should get some JSON response.

Konga

Add Konga to Compose
Setup Kong LoopBack
Enable Key Auth Plugin
Add Konga as Consumer
Create API Key for Konga
Setup Connection

Some people might prefer interact with Kong Admin API through curl or Postman. But i'm more comfortable interacting through UI. Konga basically done this, they provide GUI for interacting with Kong Admin API.

Add Konga to Docker Compose

To setup Konga with Kong we need few more step, first we need to add Konga in our docker-compose and later we need to configure Kong Admin LoopBack.

Let's do the first step, add konga to our docker-compose.yml

    konga:
      image: pantsel/konga
      environment:
        TOKEN_SECRET: ${KONGA_TOKEN_SECRET}
        DB_ADAPTER: ${KONG_DATABASE}
        DB_HOST: ${KONGA_DB_HOST}
        DB_PORT: ${KONGA_DB_PORT}
        DB_DATABASE: ${KONGA_DB_NAME}
        DB_USER: ${KONGA_DB_USERNAME}
        DB_PASSWORD: ${KONGA_DB_PASSWORD}
        NODE_ENV: ${KONGA_ENV}
        KONGA_HOOK_TIMEOUT: 10000
      restart: on-failure
      ports:
      - $KONGA_PORT:1337
      depends_on:
      - db
      networks:
      - kong-net

And also don't forget to add more variable to .env

KONGA_TOKEN_SECRET=some-secret-token
KONGA_ENV=development
KONGA_PORT=9000

After everything configured now let's run our docker-compose again

docker-compose up -d --build

Now you can go to your browser and open http://localhost:9000/

Konga would ask you to configure some credentials (Username + Password) that required to access Konga Web. After that they going to prompt how we want to communicate with Kong there's 3 available option:

Default (Not Recommended): Konga would access the Kong Admin API directly
Key Auth (Recommended): Konga would access Kong Admin API that run behind Kong (Loop-Back API) using configured Api Key.
JWT (Recommended): Konga would access Kong Admin API that run behind Kong (Loop-Back API) using JWT by using shared key and secrets.

In this article i would use the second method using Key Auth. Before we setup connection let's go back to access our Kong Admin API. Currently Kong Admin API is publicly accessible for those anyone who has access to the url which is dangerous for production environment. Now we need to protect Kong Admin API by running it behind Kong using LoopBack.

Setup Kong LoopBack

Thanks to Kong's routing design it's possible to serve Admin API itself behind Kong proxy.

To configure this we need to following steps:

Add Kong Admin API as services: You can import postman collection that i already create before or simply copy-paste following commands:

curl --location --request POST 'http://localhost:8001/services/' \
--header 'Content-Type: application/json' \
--data-raw '{
    "name": "admin-api",
    "host": "localhost",
    "port": 8001
}'

Add Admin API route: To register route on Admin API Services we need either service name or service id, you can replace the following command below:

curl --location --request POST 'http://localhost:8001/services/{service_id|service_name}/routes' \
--header 'Content-Type: application/json' \
--data-raw '{
    "paths": ["/admin-api"]
}'

Now our Kong Admin API is running behind Kong Proxy, so in order to access it you need to :

curl localhost:8000/admin-api/

Enable Key Auth Plugin

Our Admin API already run behind kong, but is not secured yet. In order to protect Kong Admin API we need to enable key auth plugin at service level by doing this commands.

curl -X POST http://localhost:8001/services/{service_id|service_name}/plugins \
    --data "name=key-auth"

Add Konga as Consumer

Our Admin API already run behind kong, but is not secured yet. In order to protect Kong Admin API we need to enable key auth plugin at service level by doing this commands.

curl --location --request POST 'http://localhost:8001/consumers/' \
--form 'username=konga' \
--form 'custom_id=cebd360d-3de6-4f8f-81b2-31575fe9846a'

Create API Key for Konga

Using Consumer ID that generated when we're adding consumer, we will use that Consumer ID and generate API Key.

curl --location --request POST 'http://localhost:8001/consumers/e7b420e2-f200-40d0-9d1a-a0df359da56e/key-auth'

Setup Connection

Now we're already have all required component to setup Konga connection

Remember in picture above, because Kong and Konga are in the same network they can simply reach each other by using container name.

Repository

For those whose want simply clone it you can access this repository

FAQ

For those who encounter error below

Failed to seed User Error (E_UNKNOWN) :: Encountered an unexpected error
error: relation "public.konga_users" does not exist

this is due to failed migration of konga container, to fix this, run following instruction below:

Stop all containers

docker-compose down
docker system prune --volumes ## optional!

Modify .env and look for KONGA_ENV

KONGA_ENV=development

If it's configured using production, Konga will not perform db migrations which the cause of the error above. So development should work and will trigger user migration for Konga. Now you should able to access it on localhost:9000 if you still use the default configuration.

Support

If you find my articles or project is useful please support me through:

Thank you very much

Api Gateway series

if you like to know other series please check out below:
*Introduction
*Setup Kong (This Articles)

Introduction: API Gateway (Part 1)

Kelvin — Thu, 09 Apr 2020 01:14:23 +0000

Welcome! You are about to start on a journey about and how to setup kong as an API Gateway for your infrastructure. In this first chapter, you are going to learn what and why we need API Gateway. By the end of this chapter you are going know why API Gateway is important in Microservices Architecture.

Table of Content

Api Gateway Series
What is API Gateway
Why need API Gateway
API Gateway
API Gateway Solution

You may have heard the terms "API Gateways" or maybe the popular api gateway solution like Tyk, Apigee, Kong or Amazon AWS API Gateway. These come up a lot nowadays because a lot of company started adopting or migrating towards microservices architecture.

What is API Gateway?

API Gateway is middleware that sit between your client application and your server side application so all incoming request from client must be done through API Gateway. When you think about it, isn't API Gatway exactly like how reverse proxy works? Yes you could say API Gateway has some similiarity. Reverse Proxy is responsible to routing request from client to right server but API Gateway is operating at different layer, API Gateway is responsible to routing request from client to right application / services on the server. API Gateway also have other benefit that will we discussed later.

Why need API Gateway?

Before answering this question, let's take a look at this architecture.

This is represent how most monolith architecture works, you have client application it can be web or mobile and then you have one server side application serve as REST API containing all business logic and connected to database. These would be fine untill you introduce another REST API.

Now let's take a look another architecture.

Direct Client‑to‑Microservice Communication

In theory, a client could make requests to each of the microservices directly. Unfortunately, there are challenges and limitations with this option.

Inefficiency

When you have more than one REST API, the client start getting confused because now they need to know, if they need fetch list of shopping cart they need to request it from Shopping Cart Services, and repeat the same step for another functionality. This would make client application need to execute multiple HTTP request to render certain page and also this approach make client application much more complex.

Protocol

If you are working with REST API this would be fine untill you introduce server side application that use protocols that are not web‑friendly. Some might use Thrift binary RPC while another service might use the gRPC. Neither protocol is particularly web‑friendly.

Refactoring

Good software is always evolve. Over time we might want to change how the system is partitioned into services. For example, we might merge two services into one or split a service into two or more services. If clients communicate directly with each services, then performing this kind of refactoring can be extremely difficult.

API Gateway

To solve number of problem that might be happen using direct communication, we need a gateway.

Now client application is communicating through API Gateway, we gain several benefit.

Decoupling

By communicating through API Gateway, API gateways enable us to route based on path, hostname, headers, and other key information enabling us to decouple API used by client from actual services. With this renaming, reorganizing and splitting services is much easier especially if were dealing with client that we have no control over.

Performance

Using API Gateway we gain better performance. Because instead client join data manually from multiple services, data that required by client can be aggregated by the API Gateway itself.

Translation

When client request data to server through API Gateway. API Gateway will done something call protocol translation, so whatever protocol used by server (Thrift, gRPC, AMQP) it will endup translated before send to client, so client only dealing with understandable response.

Centralized

Authentication Logging, Rate Limiting, CORS and many other things can easily configured at API Gateway level so underlying service doesn't need to implement their own way.

Existing API Gateway Solution

Kong

Kong is an API gateway that is build on top of (NGINX). It has 2 type of product that is open source and enterprise. All essential features is available with the open-source version, while features like the Admin UI, Security, and developer portal only available on enterprise version.

Tyk.io

Simillar with Kong, Tyk is also has open source version. Tyk is more of a batteries included API Gateway. Authentication schemes like OIDC, OAuth2, Bearer Token, Basic Auth, Mutual TLS, HMAC are all supported out of the box without requiring plugins. It also has support for XML->JSON, JSON->XML, JSON Schema Validation.

Apigee

Oldest API Gateway listed here is Apigee. Founded in 2004 and acquired by Google in 2016. Apigee is not open source and is built on enterprise Java. Apigee focus was to turn legacy monoliths into APIs that can be consumed by third parties.

Amazon AWS API Gateway

Amazon as the biggest cloud vendor provide AWS API Gateway. AWS API Gateway is fully managed and can be deployed with a few clicks in the AWS portal.

Api Gateway series

if you like to know other series please check out below:

Introduction (This Articles)
Setup Kong