This tutorial shows you how to create a custom Kong Gateway plugin with Go programming language. The sample plugin I created adds an extra layer for security between consumers and producers. The way it works is it identifies consumers through a consumer-key from a query string. Without this parameter, they'll get an error message.
About Kong Gateway Go Plugins
At Kong Summit 2019, Kong announced that users could develop plugins for Kong Gateway with Go programming language.
To dive deeper into how Kong supports Go programming, visit the Kong Gateway documentation.
Blog Post: Creating Your First Custom Lua Plugin for Kong Gateway >>
How I Built a Kong Gateway Go Plugin
I used declarative configuration (decK) to create my custom Go plugin for Kong Gateway.
In my file, I have services with routes and paths. It will redirect the https://reqres.in/api/users?page=2 URL.
At the same time, I have a custom plugin that will check the API key before the redirect occurs. It will run like a proxy service.
I'll start writing the plugin from my empty Go file called key-checker.go. I'll import the Go PDK file, which allows my Go plugin to access functionality provided by the Kong PDK. To use it, I'll add github.com/kong/go-pdk to the list of packages imported by my plugin.
Next, I'll create a struct for configuration to represent the config parameters in the config.yaml config file.
I need to add a function called "New." Doing this returns an interface.
After that, I'll create a func. In Go programming language, figure out the request and response handlers for the processing lifecycle. I'll make a func called "Access," which gets the requests and responds.
With Func (conf Config) Access(kong *pdk.PDK) type, I'm getting the key parameter from the URL, and I need the parameter in the config file. For example, apiKey := conf.Apikey. If there’s an error, the system will log it.
Docker File: Create a Builder Image and Copy
In the Docker file, I created a builder image and copied my local files into it.
After that, I got the files to build an image into the Kong image.
The Go plugin server's role is to dynamically load the Go plugins and execute their code on demand. Kong handles the go-pluginserver lifecycle. All it needs to know is where to find the go-pluginserver's executable.
In this case, I'll do this by running Docker images using the default path. Therefore, I don’t need an extra parameter. When you build a Kong plugin, you should use the same compiler version, configuration, environment variables, etc., with the Go plugin server. To guarantee consistency, I've built my custom Go plugin server in the same Docker image.
After that, copy the built files into the Kong image.
Run Related Comments on the Terminal
My plugin is ready to run as a container.
After that, I’m going to run the image as a container.
I’m defining some paths, such as plugins directory or configuration files directory. Now we can call our service, and we’ll get a response. It’s running as a container.
I'll call my proxy service. You should see that the proxy service didn’t work because there was an incorrect API key.
I'll try it with the actual API key.
Now you should have reached the correct JSON form of data.
This plugin works like middleware and tries to find the correct key for each request.
What Custom Plugins Will You Build With Go?
Kong Go plugins help enhance your API gateway. In my example, I've just begun to explore how plugins can allow Kong Gateway to gain expanded capabilities. If you'd like a more in-depth look at some of the things you can build, check out the following resources.
Once you've successfully set up Kong Gateway plugins with Go, you may find these other tutorials helpful:
- How to Use the Kong Gateway JWT Plugin for Service Authentication
- 4 Steps to Authorizing Services With the Kong Gateway OAuth2 Plugin
- Getting Started With Kuma Service Mesh
Have questions or want to stay in touch with the Kong community? Join us wherever you hang out: