Closed ofg closed 5 years ago
Follow Steps here. Use centos 1.0.3 kong image
I am running into some issues with this myself. It looks like something may have changed on the CE version side. This https://www.jerney.io/secure-apis-kong-keycloak-1/ does not relly work for me as expected either. In my case when I introduce KONG-PLUGINS=oidc
environment variable, all other plugins in my kong cluster disappear leaving only oidc plugin in the custom plugin tab section of plugins tab (Konga UI). If remove this KONG-PLUGINS=oidc
all other plugins come up. I have even tried KONG-PLUGINS=bundled,oidc
as adviced by some other folks in the websphere, to no avail. This time around my pods just hang.
So I gave a shot again a few minutes after I wrote my notes by looking at this documentation closely
plugins
Comma-separated list of names of plugins this node should load. By default, only plugins bundled in official distributions are loaded via the bundled keyword.
Loading a plugin does not enable it by default, but only instructs Kong to load its source code, and allows to configure the plugin via the various related Admin API endpoints.
The specified name(s) will be substituted as such in the Lua namespace: kong.plugins.{name}.*.
When the off keyword is specified as the only value, no plugins will be loaded.
bundled and plugin names can be mixed together, as the following examples suggest:
plugins=bundled,custom-auth,custom-log will include the bundled plugins plus two custom ones
plugins=custom-auth,custom-log will only include the custom-auth and custom-log plugins.
plugins=off will not include any plugins
Note: Kong will not start if some plugins were previously configured (i.e. have rows in the database) and are not specified in this list. Before disabling a plugin, ensure all instances of it are removed before restarting Kong.
Note: Limiting the amount of available plugins can improve P99 latency when experiencing LRU churning in the database cache (i.e. when the configured mem_cache_size is full.
Default: bundled
and got everything working.
I am setting: KONG_PLUGINS=bundled,oidc
and works as expected, since 0.14. KONGunderscore
PLUGINS not dash
.
This is also good plugin which is based on oidc and resty https://bitbucket.org/gt_tech/jwks_aware_oauth_jwt_access_token_validator/src/master/
I solved the issue: While installing the plugin name is kong-oidc
, for activation at startup the plugin name is oidc
. It works with this Dockerfile
FROM kong:1.0.3
ENV KONG_PLUGINS=bundled,kong-spec-expose,oidc
# install Kong's Spec Expose plugin
RUN luarocks install kong-spec-expose
# install kong-oidc plugin from https://github.com/nokia/kong-oidc/
RUN luarocks install kong-oidc
After installing the plugin on top of kong:1.0.3 docker container I get the following error during startup:
The plugin
kong-spec-expose
is working normally and can be configured / used.I have installed
kong-oidc
plugin in kong:1.0.3 docker container with following Dockerfile:docker build -t kong:oidc-test .
give the following build output:Any hints?