Automating Kong api gateway setup with Terraform

Automating Kong api gateway setup with Terraform

This post is part of the tutorial series about using Kong api gateway in your technology stack.

In this part of tutorial we will go through the steps of automating Kong api platform setup. Using the commands we manually did in the previous tutorial part.

We will follow the infrastructure as a code pattern, which will allow us to recreate this setup every time we need it in the future.

What will we build?

By the end of this tutorial you will have a set of Terraform scripts to automatically provision and setup Kong api gateway instance on Digital Ocean platform.

It will become useful set for the future Kong tutorials on Popularowl as you can recreate the fresh Kong api gateway automatically, within minutes.

You can find the source code of files created in this tutorials on GitHub.

Prerequisites

1. Automated VM creation

In our tutorials we aim for showing real world setup and configuration even while building proof of concept projects. This includes automation and infrastructure as code. It allows for reusability, time saving and reducing errors while building the cloud VMs.

In the previous tutorial, we documented the steps to use Terraform for a basic cloud VM setup.

Following steps are built on the foundations of this basic setup. You can get it from GitHub or visit the actual totorial to build your own.

2. Install Kong and datastore

In this step we are going to use shell script from files directory.

Add the following shell commands to files/setup.sh:

# update and install dependencies
apt-get update
apt-get install -y apt-transport-https curl lsb-core

# linux opend files limit setup
ulimit -n 4096

# setup postgresql database
# create kong db user & kong database
apt-get install -y postgresql postgresql-contrib
su - postgres -c "createuser -s kong"
sudo -u postgres psql -c "ALTER USER kong WITH PASSWORD 'kong';"
su - postgres -c "createdb kong"

# install the Kong api gateway
echo "deb https://kong.bintray.com/kong-deb `lsb_release -sc` main" | sudo tee -a /etc/apt/sources.list
curl -o bintray.key https://bintray.com/user/downloadSubjectPublicKey?username=bintray
apt-key add bintray.key
apt-get update
apt-get install -y kong

# bootstrap & start Kong
cd /etc/kong &&
cp /tmp/kong.conf /etc/kong/kong.conf
kong migrations bootstrap [-c kong.conf]
kong start [-c kong.conf]

# setup debian firewall
# only allow ports 22 & 8000
apt-get -y install ufw
ufw status verbose
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow 22
ufw allow 8000
ufw allow 8001
yes | ufw enable

The steps in this script will install PostgreSQL server, setup the db user, database and permissions, install Kong and configure the firewall.

3. Kong configuration file

In files directory create another file called files/kong.conf. It will hold configuration settings for Kong api gateway.

database = postgres

pg_host = 127.0.0.1
pg_port = 5432
pg_timeout = 5000

pg_user = kong
pg_password = kong
pg_database = kong

4. Instruct Terraform to copy files

Next, we have to instruct Terraform to copy the files to new VM.

We use file provisioner to accomplish this. Add the following to main.tf

# copy the files
provisioner "file" {
source = "files/kong.conf"
destination = "/tmp/kong.conf"
}

provisioner "file" {
source = "files/setup.sh"
destination = "/tmp/setup.sh"
}
...

5. Update Terraform exec steps

Now we can update the remote-exec provisioner steps to run setup.sh after the VM setup is done.

Update main.tf

# run all the necessary commands via ssh shell 
provisioner "remote-exec" {
inline = [
# update & install dependencies
"apt-get update",
"chmod 755 /tmp/setup.sh",
"/tmp/setup.sh"
]
}
...

6. Destroy and Recreate Kong api gateway

After you make all the changes, run terraform destroy and terraform plan followed by terraform apply again.

You will see Terraform deleting the previous VM and creating the new VM with updated setup within minutes.

Summary

We have now created a simple Terraform project which allows us to quickly spin up Kong api gateway for future tutorial parts.

All the source code for files we have created / update in the above steps you can find on GitHub.

Similar posts: