Docker image won't stand up when KONG_PLUGINS is set

[JonathanLorimer]

I am using this script to startup kong from a docker container. Whenever the environment variable KONG_PLUGINS is set the image doesn't load properly; if I run docker ps I can't see it. However, the postgres image is fine. Additionally, when I do not have the KONG_PLUGINS env var set, the docker image starts up just fine, but then I am obviously not able to configure my custom plugin.

#!/usr/bin/env bash

dOcker network create sb-public-api-net

docker run -d --name sb-api-db \
              --network=sb-public-api-net \
               -p 5432:5432 \
               -e "POSTGRES_USER=kong" \
               -e "POSTGRES_DB=kong" \
               postgres:9.6

sleep 10 #This is to give the postgres db time to spin up in the container

docker run --rm \
     --network=sb-public-api-net \
     -e "KONG_DATABASE=postgres" \
     -e "KONG_PG_HOST=sb-api-db" \
     kong:latest kong migrations bootstrap

path=`pwd`
pluginPath=${path/scripts/plugins}

docker run -d --name smartbuildings-public-api \
     --network=sb-public-api-net \
     -e "KONG_DATABASE=postgres" \
     -e "KONG_PG_HOST=sb-api-db" \
     -e "KONG_UPTSTREAM_URL=127.0.0.1" \
     -e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
     -e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
     -e "KONG_PROXY_ERROR_LOG=/dev/stderr" \
     -e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \
     -e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
     -e "KONG_LUA_PACKAGE_PATH=/externals/?.lua;;" \
     -e "KONG_PLUGINS=bundled,permission-middleware" \
     -e "KONG_LOG_LEVEL=debug" \
     -v "$pluginPath:/externals/kong/plugins" \
     -p 8000:8000 \
     -p 8443:8443 \
     -p 8001:8001 \
     -p 8444:8444 \
     kong:latest

If anyone has any idea why this might be happening, their help would be greatly appreciated.

[JonathanLorimer]

As another note, when I go into the docker image via docker exec and change etc/kong/kong.conf manually, then run kong start -c /etc/kong/kong.conf --vv the output only shows plugins = {"bundled"}. However, when i run kong reload -c /etc/kong/kong.conf --vv I see plugins = {"bundled","permission-middleware"}, but obviously the kong instance doesn't start because one is already running (I get this error Error: /usr/local/share/lua/5.1/kong/cmd/start.lua:24: Kong is already running in /usr/local/kong)

[JonathanLorimer]

Okay, I seem to have resolved the issue where my custom plugin wasn't being loaded on kong reload. However, now when I do a kong reload with the verbose flag it DOES show that my custom plugin is loaded, but when I query the admin endpoint it only shows the bundled plugin. Additionally, if I try to run my config, which I am using the terraform provider for, I get an error message like this

Error: Error applying plan:

1 error occurred:
    * kong_plugin.permission-middleware: 1 error occurred:
    * kong_plugin.permission-middleware: failed to create kong plugin: &{permission-middleware <nil> <nil> <nil>  map[second:5 hour:1000] 0xc000497468} error: could not create plugin, err: {"message":"schema violation (name: plugin 'permission-middleware' not enabled; add it to the 'plugins' configuration property)","name":"schema violation","fields":{"name":"plugin 'permission-middleware' not enabled; add it to the 'plugins' configuration property"},"code":2}

What is the difference between the plugins property that is output from kong reload -c etc/kong/kong.conf --vv and the plugins property that is output from querying the admin endpoint?

[JonathanLorimer]

Turns out it was an error with the Lua script in my plugin. It might be a good idea to log an error when the docker image doesn't build correctly? Or to note that one should run docker logs <container-id> if the docker image doesn't build correctly.

[hutchic]

We've developed / released some tooling that can assist with this going forward pongo