Kong Gateway Enterprise [ARCHIVE]

1.3-x

Kong Konnect Platform
Kong Gateway
Deployment
Installation

PermalinkInstall Kong Enterprise on CentOS

PermalinkIntroduction

This guide walks through downloading, installing, and starting Kong Enterprise on CentOS

The configuration shown in this guide is intended as an example. Depending on your environment, you may need to make modifications and take measures to properly conclude the installation and configuration.

Kong supports both PostgreSQL 9.5+ and Cassandra 3.11.* as its datastore. This guide provides steps to configure PostgreSQL. For assistance in setting up Cassandra, please contact your Sales or Support representative.

PermalinkPrerequisites

To complete this installation you will need:

A supported CentOS system with root equivalent access.
You have signed up for a paid Enterprise subscription and received a license.json file from Kong.

PermalinkStep 1. Prepare to Install Kong Enterprise and Download the License File

PermalinkDownload RPM file

To install Kong Gateway versions 1.3.x and earlier, open a support case to request an authenticated time-sensitive URL.
Click the URL to download your Kong Gateway installation package.
Copy the RPM file to your home directory on the CentOS system.

PermalinkDownload your Kong Enterprise License

Kong Gateway requires a license to run.

If you have lost access to your license.json file but still have a valid license for Kong Gateway, open a support case to request the file.

Download the license.json file you received from Kong Support.

Open the file and ensure it’s in proper JSON format:

 {"license":{"signature":"91e6dd9716d12ffsn4a5ckkb16a556dbebdbc4d0a66d9b2c53f8c8d717eb93dd2bdbe2cb3ef51c20806f14345128907da35","payload":{"customer":"Kong Inc","license_creation_date":"2019-05-07","product_subscription":"Kong Enterprise Edition","admin_seats":"5","support_plan":"None","license_expiration_date":"2021-04-01","license_key":"00Q1K00000zuUAwUAM_a1V1K000005kRhuUAE"},"version":1}}

Securely copy the license file to your home directory on the CentOS system:
```
 $ scp license.json <centos username>@<server>:~
```

PermalinkResult

You should now have two files in your home directory on the target CentOS system:

Either the Kong RPM or Kong Yum repo file.
The license file license.json

PermalinkStep 2. Install Kong Enterprise

Install EPEL (Extra Packages for Enterprise Linux), if not already installed:
```
 $ sudo yum install epel-release
```
Execute a command similar to the following, using the appropriate RPM file name you downloaded.
```
 $ sudo yum install kong-enterprise-edition-1.3.el7.noarch.rpm
```
Note: Your version may be different based on when you obtained the rpm

PermalinkCopy the License File

Copy the license file from your home directory to the /etc/kong directory:

$ sudo cp license.json /etc/kong/license.json

PermalinkStep 3. Setup PostgreSQL

Install PostgreSQL.

Follow the instructions avaialble at https://www.postgresql.org/download/linux/redhat/ to install a supported version of PostgreSQL. Kong supports version 9.5 and higher. As an example, you can run a command set similar to:
```
 $ sudo yum install https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
 $ sudo yum install postgresql96
 $ sudo yum install postgresql96-server
```

Initialize the PostgreSQL database and enable automatic start.

 $ sudo /usr/pgsql-9.6/bin/postgresql96-setup initdb
 $ sudo systemctl enable postgresql-9.6
 $ sudo systemctl start postgresql-9.6

Switch to PostgreSQL user and launch PostgreSQL.
```
 $ sudo -i -u postgres
 $ psql
```
Create a Kong database with a username and password.

⚠️Note: Make sure the username and password for the Kong Database are kept safe. This example uses a simple username and password for illustration purposes only. Note the database name, username and password for later.
```
 $ psql> CREATE USER kong; CREATE DATABASE kong OWNER kong; ALTER USER kong WITH password 'kong';
```
Exit from PostgreSQL and return to your terminal account.
```
 $ psql> \q
 $ exit
```

Edit the the PostgreSQL configuration file /var/lib/pgsql/9.6/data/pg_hba.conf using your preferred editor.

Under IPv4 local connections replace ident with md5:

Protocol	Type	Database	User	Address	Method
IPv4 local	host	all	all	127.0.0.1/32	md5
IPv6 local	host	all	all	1/128	ident

PostgreSQL uses ident authentication by default. To allow the kong user to communicate with the database locally, change the authentication method to md5 by modifying the PostgreSQL configuration file.

Restart PostgreSQL.

 $ sudo systemctl restart postgresql-9.6

PermalinkStep 4. Modify Kong’s configuration file to work with PostgreSQL

Make a copy of Kong’s default configuration file.

 $ sudo cp /etc/kong/kong.conf.default /etc/kong/kong.conf

Uncomment and update the PostgreSQL database properties in /etc/kong/kong.conf using your preferred text editor. Replace pg_user, pg_password and pg_database with the values:
```
 pg_user = kong
 pg_password = kong
 pg_database = kong
```

PermalinkStep 5. Seed the Super Admin password and bootstrap Kong

Setting a password for the Super Admin before initial start-up is strongly recommended. This will permit the use of RBAC (Role Based Access Control) at a later time, if needed.

Create an environment variable with the desired Super Admin password and store the password in a safe place. Run migrations to prepare the Kong database:
```
 $ sudo KONG_PASSWORD=<password-only-you-know> /usr/local/bin/kong migrations bootstrap -c /etc/kong/kong.conf
```

Start Kong Enterprise:

 $ sudo /usr/local/bin/kong start -c /etc/kong/kong.conf

Verify Kong Enterprise is working:

 $ curl -i -X GET --url http://localhost:8001/services

You should receive a HTTP/1.1 200 OK message.

PermalinkStep 6. Finalize your Configuration and Verify Kong was Successfully installed:

PermalinkEnable and Configure Kong Manager

To access Kong Enterprise’s Graphical User Interface, Kong Manager, update the admin_gui_url property in /etc/kong/kong.conf file to the DNS, or IP address, of the CentOS system. For example:
```
 admin_gui_url = http://<DNSorIP>:8002
```
This setting needs to resolve to a network path that will reach the CentOS host.
It is necessary to update the administration API setting to listen on the needed network interfaces on the CentOS host. A setting of 0.0.0.0:8001 will listen on port 8001 on all available network interfaces.
```
 admin_listen = 0.0.0.0:8001, 0.0.0.0:8444 ssl
```

You may also list network interfaces separately as in this example:

 admin_listen = 0.0.0.0:8001, 0.0.0.0:8444 ssl, 127.0.0.1:8001, 127.0.0.1:8444 ssl

Restart Kong for the setting to take effect:
```
 $ sudo /usr/local/bin/kong restart
```
You may now access Kong Manager on port 8002.

PermalinkEnable the Developer Portal

Kong Enterprise’s Developer Portal can be enabled by setting the portal property to on and setting the portal_gui_host property to the DNS, or IP address, of the CentOS system. For example:
```
 portal = on
 portal_gui_host = <DNSorIP>:8003
```
Restart Kong for the setting to take effect:
```
 $ sudo /usr/local/bin/kong restart
```
The final step is to enable the Developer Portal. To do this, execute the following command, updating DNSorIP to reflect the IP or valid DNS for the CentOS system.
```
 $ curl -X PATCH http://<DNSorIP>:8001/workspaces/default   --data "config.portal=true"
```
You can now access the Developer Portal on the default workspace with a URL like:
```
 http://<DNSorIP>:8003/default
```

PermalinkTroubleshooting

If you did not receive an HTTP/1.1 200 OK message, or need assistance completing your setup, reach out to your Kong Support contact or go to the Support Portal.

PermalinkNext Steps

Check out Kong Enterprise’s series of Getting Started guides to get the most out of Kong Enterprise.