Kong Proof-of-Concept using Minikube
How to build a proof-of-concept in about 15 minutes
This guide is an update to a previous story of mine.
Why another guide? Because it addresses the same issue in a simpler way.
Generally speaking, simplifying is the art of distilling information. It’s all about organizing ideas and concepts to extract only the meaningful parts.
This guide will get you to a working example of setting up an API gateway from scratch which will use JWT with ACL to authorize a user to reach an endpoint. For other parts, you can refer to the excellent Kong documentation.
“Simplicity is the ultimate sophistication.” Leonardo da Vinci (1452–1519)
Context: Investigating different API gateways
At Sumup we want to investigate differents API Gateways, the context is that we are building API services and need to allow or restrict certain calls based on roles, using auth tokens like JWTs, rate limiting and so on. In short we want some gateway for microservices requests that handle load balancing, logging, authentication, rate-limiting, transformations, and more through plugins. Of course this should be able to scale.
@limoges and me decided to build a quick proof-of-concept to showcase the capabilities of a tool like Kong. This article was built and reviewed with his help.
For more info about plugins and integrations, you can check out the Kong Hub.
Building a showcase for Kong
Before going further with the API Gateway discussions, we wanted to create a proof-of-concept to educate ourselves on the problem space and tools available.
This guide is a short example on how to use setup Kong with a sample application. At SumUp, we are running application in Kubernetes and so we wanted the proof-of-concept to be setup on a Kubernetes cluster.
This proof-of-concept will help us explore all the non-functional requirements of our API Gateway.
On a serious note, this is not a production-ready environment, just a quick and dirty way to create a developer sandbox which they could use to develop.
