Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Kong manager not connecting to kong admin API #719

Open
andresmorago opened this issue Aug 30, 2024 · 6 comments
Open

Kong manager not connecting to kong admin API #719

andresmorago opened this issue Aug 30, 2024 · 6 comments
Labels
pending author feedback Waiting for the issue author to get back to a maintainer with findings, more details, etc...

Comments

@andresmorago
Copy link

Hello everyone,

I'm currently deploying a Docker Compose setup on my server, and I'm facing issues with accessing Kong Manager. It seems like the port mapping in my docker-compose.yml file isn't working correctly.

The primary goal is to access Kong Manager from a remote machine. Kong is running on my server, and I've customized the mapped ports. However, Kong Manager still tries to access port 8001 using my server's external IP instead of routing through Docker.

Here is the error that i see on the web page

image

as well as in the console
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://172.30.19.123:8001/workspaces?size=1000. (Reason: CORS request did not succeed). Status code: (null).

Here is my current docker-compose.yml

services:
  kong-database:
    image: postgres:13
    container_name: kong-database
    restart: unless-stopped
    networks:
      - subred_fcv_04
    environment:
      POSTGRES_USER: kong
      POSTGRES_DB: kong
      POSTGRES_PASSWORD: kongpass
    volumes:
      - ./kong_db:/var/lib/postgresql/data

  kong-gateway:
    image: kong/kong-gateway:3.7.1.2
    container_name: kong-gateway
    restart: unless-stopped
    networks:
      - subred_fcv_01
      - subred_fcv_04
      - subred_fcv_03

    ports:
      - "28000:8000" #Takes incoming HTTP traffic from Consumers, and forwards it to upstream Services.
      - "28002:8002" #Kong Manager (GUI). Listens for HTTP traffic.

    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-database
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kongpass
      KONG_PROXY_ACCESS_LOG: /dev/stdout
      KONG_ADMIN_ACCESS_LOG: /dev/stdout
      KONG_PROXY_ERROR_LOG: /dev/stderr
      KONG_ADMIN_ERROR_LOG: /dev/stderr
      KONG_ADMIN_LISTEN: 0.0.0.0:8001
#      KONG_ADMIN_GUI_LISTEN: http://0.0.0.0:8002     
      KONG_ADMIN_GUI_URL: http://0.0.0.0:8002
#      KONG_ADMIN_GUI_URL: "*"
#      KONG_ADMIN_GUI_PATH: /

    command: kong migrations bootstrap
    depends_on:
      - kong-database
    volumes:
      - ./kong_data:/app/logs

  konga:
    image: pantsel/konga
    container_name: konga
    restart: unless-stopped
    networks:
      - subred_fcv_04  
    ports:
      - "1337:1337"
    depends_on:
      - kong-gateway
    volumes:
      - ./konga:/app/kongadata

volumes:
  kong_data:
  kong_db:
  konga:

networks:
  subred_fcv_01:
    external: true
  subred_fcv_04:
    external: true
  subred_fcv_03:
    external: true
    
@andresmorago andresmorago changed the title Kong manager not conneting to kong admin API c Aug 30, 2024
@andresmorago andresmorago changed the title c Kong manager not connecting to kong admin API Aug 30, 2024
@teneous
Copy link

teneous commented Sep 11, 2024

I have the same issue, if I use this config, it works well .

kong:
    image: kong:latest
    ports:
      - "8000:8000"   # Proxy Port 
      - "8001:8001"  # Admin API
      - "8002:8002"   # Admin WEB
      - "8444:8444"   # SSL WEB
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-database
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kong
      KONG_ADMIN_LISTEN: 0.0.0.0:8001, 0.0.0.0:8444 ssl
      KONG_ADMIN_GUI_PATH: '/'
      KONG_ADMIN_GUI_URL: http://localhost:8002/manager
      KONG_PROXY_ACCESS_LOG: /var/log/kong/access.log
      KONG_PROXY_ERROR_LOG: /var/log/kong/error.log
      KONG_ADMIN_ACCESS_LOG: /var/log/kong/admin_access.log
      KONG_ADMIN_ERROR_LOG: /var/log/kong/admin_error.log

if I change 8002 to 18002, the admin page won't show any data.

  kong:
    image: kong:latest
    ports:
      - "18000:8000"   # Proxy Port 
      - "18001:8001"  # Admin API
      - "18002:8002"   # Admin WEB
      - "18444:8444"   # SSL WEB
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-database
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kong
      KONG_ADMIN_LISTEN: 0.0.0.0:8001, 0.0.0.0:8444 ssl
      KONG_ADMIN_GUI_PATH: '/'
      KONG_ADMIN_GUI_URL: http://localhost:8002/manager
      KONG_PROXY_ACCESS_LOG: /var/log/kong/access.log
      KONG_PROXY_ERROR_LOG: /var/log/kong/error.log
      KONG_ADMIN_ACCESS_LOG: /var/log/kong/admin_access.log
      KONG_ADMIN_ERROR_LOG: /var/log/kong/admin_error.log
image

@teneous
Copy link

teneous commented Sep 11, 2024

I have the same issue, if I use this config, it works well .

kong:
    image: kong:latest
    ports:
      - "8000:8000"   # Proxy Port 
      - "8001:8001"  # Admin API
      - "8002:8002"   # Admin WEB
      - "8444:8444"   # SSL WEB
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-database
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kong
      KONG_ADMIN_LISTEN: 0.0.0.0:8001, 0.0.0.0:8444 ssl
      KONG_ADMIN_GUI_PATH: '/'
      KONG_ADMIN_GUI_URL: http://localhost:8002/manager
      KONG_PROXY_ACCESS_LOG: /var/log/kong/access.log
      KONG_PROXY_ERROR_LOG: /var/log/kong/error.log
      KONG_ADMIN_ACCESS_LOG: /var/log/kong/admin_access.log
      KONG_ADMIN_ERROR_LOG: /var/log/kong/admin_error.log

if I change 8002 to 18002, the admin page won't show any data.

  kong:
    image: kong:latest
    ports:
      - "18000:8000"   # Proxy Port 
      - "18001:8001"  # Admin API
      - "18002:8002"   # Admin WEB
      - "18444:8444"   # SSL WEB
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-database
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kong
      KONG_ADMIN_LISTEN: 0.0.0.0:8001, 0.0.0.0:8444 ssl
      KONG_ADMIN_GUI_PATH: '/'
      KONG_ADMIN_GUI_URL: http://localhost:8002/manager
      KONG_PROXY_ACCESS_LOG: /var/log/kong/access.log
      KONG_PROXY_ERROR_LOG: /var/log/kong/error.log
      KONG_ADMIN_ACCESS_LOG: /var/log/kong/admin_access.log
      KONG_ADMIN_ERROR_LOG: /var/log/kong/admin_error.log
image

At final, I found the reason. when you wanna use another port instead of 8002 and 8001. You have to add this line

  kong:
    image: kong:latest
    ports:
      - "18000:8000"   # Proxy Port 
      - "18001:8001"  # Admin API
      - "18002:8002"   # Admin WEB
      - "18444:8444"   # SSL WEB
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-database
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: kong
      KONG_ADMIN_LISTEN: 0.0.0.0:8001, 0.0.0.0:8444 ssl
      KONG_ADMIN_GUI_PATH: '/'
      KONG_ADMIN_GUI_API_URL: http://localhost:18001  # this is very important , it helps manger to fetch data 
      KONG_ADMIN_GUI_URL: http://localhost:18002/manager  # this is to specify the access url
      KONG_PROXY_ACCESS_LOG: /var/log/kong/access.log
      KONG_PROXY_ERROR_LOG: /var/log/kong/error.log
      KONG_ADMIN_ACCESS_LOG: /var/log/kong/admin_access.log
      KONG_ADMIN_ERROR_LOG: /var/log/kong/admin_error.log
    volumes:
      - ./logs:/var/log/kong

check official reference at here : https://github.com/Kong/kong/blob/master/kong.conf.default

image image

@chobits
Copy link

chobits commented Sep 23, 2024

hi @andresmorago , do you think @teneous 's solution could work for you?

@nowNick nowNick added the pending author feedback Waiting for the issue author to get back to a maintainer with findings, more details, etc... label Sep 30, 2024
@wurst44
Copy link

wurst44 commented Oct 8, 2024

I am facing a similar CORS problem when using docker compose and a reverse proxy that issues a cert for a single TDL over 443. I can override the ports by using KONG_ADMIN_GUI_API_URL (else the GUI wants to connect to 8444) but the GUI won't connect to the API with 405 method not allowed. My nginx reverse proxy is pointing to the GUI on 8002.

image

KONG_PROXY_LISTEN: "${KONG_PROXY_LISTEN:-0.0.0.0:8076}"
KONG_ADMIN_LISTEN: "${KONG_ADMIN_LISTEN:-0.0.0.0:8001}"
KONG_ADMIN_GUI_LISTEN: "${KONG_ADMIN_GUI_LISTEN:-0.0.0.0:8002}"
KONG_ADMIN_GUI_API_URL: https://kong.test.com
# KONG_ADMIN_GUI_URL: http://localhost:8002/manager  

Has anybody this constellation working?

@timkrest
Copy link

If you’re enabling SSL, make sure to add certificates to the following environment variables:

KONG_SSL_CERT: "/path/to/kong.crt"
KONG_SSL_CERT_KEY: "/path/to/kong.key"
KONG_ADMIN_SSL_CERT: "/path/to/kong.crt"
KONG_ADMIN_SSL_CERT_KEY: "/path/to/kong.key"
KONG_ADMIN_GUI_SSL_CERT: "/path/to/kong.crt"
KONG_ADMIN_GUI_SSL_CERT_KEY: "/path/to/kong.key"

@malvinpratama
Copy link

can we not expose admin api port and KONG_ADMIN_GUI_API_URL use internal network docker like http://service_name:admin_api_port ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
pending author feedback Waiting for the issue author to get back to a maintainer with findings, more details, etc...
Projects
None yet
Development

No branches or pull requests

7 participants