Today I will share with you how you can setup Kong Gateway 3.5 with PostgreSQL 16, both in Almalinux 9.
PostgreSQL 9
We going to start with PostgreSQL 16. The steps required as following:
- Install PostgreSQL 16
- Initialise PostgreSQL 16
- Add port 5432 into public zone
- Allow remote access to PostgreSQL 16.
- Enable and start the service.
- Create kong database, user and password.
I have the following script which I place it in user's home - ~/install-postgresql.
#!/bin/bash
echo "🚀 Downloading PostgreSQL 16..."
sudo dnf update -y
sudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm
echo "🚀 Installing PostgreSQL 16..."
sudo dnf install -y postgresql16 postgresql16-server
echo "🚀 Initialise DB for PostgreSQL 16..."
/usr/pgsql-16/bin/postgresql-16-setup initdb
echo "🚀 Configuring PostgreSQL 16 firewall..."
sudo firewall-cmd --zone=public --permanent --add-port=5432/tcp
sudo firewall-cmd --reload
echo "🚀 Configuring ph_hba.conf..."
echo "host all all 0.0.0.0/0 md5" >>/var/lib/pgsql/16/data/pg_hba.conf
echo "🚀 Configuring postgresql.conf..."
echo "listen_addresses = '*'" >>/var/lib/pgsql/16/data/postgresql.conf
echo "🚀 Enabling PostgreSQL 16 at startup..."
sudo systemctl enable postgresql-16
echo "🚀 Starting the PostgreSQL 16 service..."
sudo systemctl start postgresql-16
echo "🚀 Configuring kong database, user and password..."
POSTGRES_PASSWORD=$(echo $RANDOM | md5sum | head -c 20)
DB_EXISTS=$(sudo su - postgres -c "psql -lqt" | cut -d \| -f 1 | grep -w kong | wc -l) || true
if [[ $DB_EXISTS == 0 ]]; then
sudo su - postgres -c "psql -c \"CREATE USER kong WITH PASSWORD '$POSTGRES_PASSWORD';\" > /dev/null"
sudo su - postgres -c "psql -c \"CREATE DATABASE kong OWNER kong\" > /dev/null"
echo POSTGRES_PASSWORD > kong-database.pass
fi
Run the following command to start the installation and configuration:
cd ~
chmod +x install-postgresql
. ./install-postgresql
Copy the password in kong-database.pass and we will use it in the Kong configuration.
Kong Gateway
For Almalinux, we can use RHEL installer.
I have download it and place it in ~/installers/ directory - assuming you are in user's directory.
Then I have config/ directory which stored the kong configuration as following:
# Port
port_maps = 80:8000,443:8443
proxy_listen = 0.0.0.0:80 reuseport backlog=16384, 0.0.0.0:443 http2 ssl reuseport backlog=16384
admin_listen = 127.0.0.1:8001 reuseport backlog=16384, 127.0.0.1:8444 http2 ssl reuseport backlog=16384
# admin_listen = 0.0.0.0:8001
admin_gui_listen = 0.0.0.0:8002
headers = latency_tokens
nginx_http_client_max_body_size = 100m
nginx_http_client_body_buffer_size = 100m
# DATASTORE
database = postgres
pg_host = kong-db-node
pg_port = 5432
pg_timeout = 5000
pg_user = kong
pg_password =
pg_database = kong
pg_schema = public
Then I have the following script to install and setup Kong.
#!/bin/bash
# Parse command line arguments
while [[ $# -gt 0 ]]; do
key="$1"
case $key in
-k|--kong-ip)
KONG_DB_IP="$2"
shift # past argument
shift # past value
;;
*)
# unknown option
echo "Unknown option: $1"
return
;;
esac
done
# Check if required arguments are provided
if [ -z "$KONG_DB_IP" ]; then
echo "Error: Please provide Kong Database IP Address."
return
fi
echo "🚀 Installing Kong..."
yum install "$(dirname "$0")/installers/kong-3.5.0.el8.x86_64.rpm" -y
echo "🚀 Enabling at startup..."
systemctl enable kong
echo "🚀 Setup hostname..."
echo "$KONG_DB_IP kong-db-node" >> /etc/hosts
echo "🚀 Backup Configuration..."
cp /etc/kong/kong.conf /etc/kong/kong.conf.default
echo "🚀 Configuring..."
cp "$(dirname "$0")/config/kong.conf" /etc/kong/kong.conf
echo "🚀 Disable Proxy on localhost..."
echo "export no_proxy=localhost,127.0.0.1" >> /etc/environment
echo "⚠️ You need to update the kong database credential located in /etc/kong/kong.conf"
echo "⚠️ Then you are good to go to start the kong service"
Then you can the script:
cd ~/
chmod +x install-kong
. ./install-kong <database-ip>
Then open up the /etc/kong/kong.conf and update the password for kong database based on step in PostgreSQL 16 installation.
Once you are done, run the following command:
kong migrations bootstrap
kong kong migrations up && kong migrations finish
Update the firewall rules:
sudo firewall-cmd --zone=public --permanent --add-port=443/tcp
sudo firewall-cmd --zone=public --permanent --add-port=80/tcp
sudo firewall-cmd --zone=public --permanent --add-port=8000/tcp
sudo firewall-cmd --zone=public --permanent --add-port=8001/tcp
sudo firewall-cmd --zone=public --permanent --add-port=8002/tcp
sudo firewall-cmd --reload
Then start the kong service:
systemctl start kong
Now you can test your Kong:
curl -i -X GET --url http://localhost:8001/services
And open Kong Manager at http://localhost:8002.
It is advisable that Kong Manager only be access from limited IP address and exposing to the internet.
Photo by Rodion Kutsaiev on Unsplash
Top comments (0)