usrbinkat/DockerComposeInstall.md

## docker-compose.yaml
version: "3"
networks:
  kong-ee:
volumes:
  certs:
    driver: local
  redis_data:
    driver: local

services:
  ###############################################################################
  redis:
    image: docker.io/bitnami/redis:6.2
    container_name: redis
    hostname: redis
    restart: always
    environment:
      ALLOW_EMPTY_PASSWORD: "yes"
      REDIS_DISABLE_COMMANDS: "FLUSHDB,FLUSHALL"
    ports:
      - '6379:6379'
    volumes:
      - 'redis_data:/bitnami/redis/data'
    networks:
      - kong-ee

  ###############################################################################
  postgres:
    hostname: postgres
    image: docker.io/library/postgres:13
    restart: always
    container_name: postgres
    ports:
      - 5432:5432
    networks:
      - kong-ee
    healthcheck:
      test: [ "CMD", "pg_isready", "-U", "kong" ]
      interval: 10s
      timeout: 5s
      retries: 10
    environment:
      POSTGRES_DB: kong
      POSTGRES_USER: kong
      POSTGRES_PASSWORD: kong
      POSTGRES_HOST_AUTH_METHOD: trust

  ###############################################################################
  bootstrap:
    hostname: bootstrap
    container_name: bootstrap
    image: docker.io/kong/kong-gateway:2.4-alpine
    command: "kong migrations bootstrap ; kong migrations up ; kong migrations finish"
    depends_on:
      postgres:
        condition: service_healthy
    environment:
      KONG_AUDIT_LOG: "on"
      KONG_PASSWORD: ${KONG_PASSWORD:-password}
      KONG_LOG_LEVEL: debug
      KONG_DATABASE: "postgres"
      KONG_PG_HOST: postgres
      KONG_PG_USER: ${KONG_PG_USER:-kong}
      KONG_PG_PASSWORD: ${KONG_PG_PASSWORD:-kong}
      KONG_PG_DATABASE: ${KONG_PG_DATABASE:-kong}
      KONG_LICENSE_DATA: ${KONG_LICENSE_DATA}
    links:
      - postgres:postgres
    networks:
      - kong-ee
    restart: on-failure

  ###############################################################################
  certs:
    hostname: certs
    container_name: certs
    image: docker.io/kong/kong-gateway:2.4-alpine
    user: "${KONG_USER:-root}"
    restart: "no"
    command: "kong hybrid gen_cert /usr/local/kong/certs/cluster.crt /usr/local/kong/certs/cluster.key"
    networks:
      - kong-ee
    depends_on:
      - bootstrap
    volumes:
      - 'certs:/usr/local/kong/certs:z'

  ###############################################################################
  cp:
    hostname: cp
    container_name: cp
    image: kong/kong-gateway:2.4-alpine
    user: "${KONG_USER:-root}"
    restart: on-failure
    networks:
      - kong-ee
    depends_on:
      - redis
      - certs
      - postgres
      - bootstrap
    ports:
      - "8001:8001/tcp"
      - "8002:8002/tcp"
      - "8003:8003/tcp"
      - "8004:8004/tcp"
      - "8005:8005/tcp"
      - "8006:8006/tcp"
      - "8444:8444/tcp"
      - "8445:8445/tcp"
      - "8446:8446/tcp"
      - "8447:8447/tcp"
    environment:
      KONG_ROLE: control_plane
      KONG_PASSWORD: ${KONG_PASSWORD:-password}
      KONG_SMTP_MOCK: "on"
      KONG_ENFORCE_RBAC: "on"
      KONG_LICENSE_DATA: ${KONG_LICENSE_DATA}
      KONG_ADMIN_GUI_AUTH: basic-auth
      KONG_ADMIN_LISTEN: "0.0.0.0:8001, 0.0.0.0:8444 ssl"
      KONG_ADMIN_GUI_URL: http://kong.plutarch.codectl.lab:8002
      KONG_ADMIN_GUI_LISTEN: "0.0.0.0:8002, 0.0.0.0:8445 ssl"
      KONG_ADMIN_GUI_SESSION_CONF: '{"storage": "kong", "secret": "mysecretpassword", "cookie_name": "admin_session", "cookie_samesite":"off", "cookie_secure":false}'
      KONG_ADMIN_ACCESS_LOG: "/dev/stdout"
      KONG_ADMIN_ERROR_LOG: "/dev/stderr"
      KONG_PORTAL: "on"
      KONG_PORTAL_AUTH: basic-auth
      KONG_PORTAL_API_URL: http://kong.plutarch.codectl.lab:8004
      KONG_PORTAL_API_LISTEN: "0.0.0.0:8004, 0.0.0.0:8447 ssl"
      KONG_PORTAL_GUI_HOST: kong.plutarch.codectl.lab:8003
      KONG_PORTAL_GUI_LISTEN: "0.0.0.0:8003, 0.0.0.0:8446 ssl"
      KONG_PORTAL_GUI_PROTOCOL: http
      KONG_PORTAL_SESSION_CONF: '{"storage": "kong", "secret": "mysecretpassword", "cookie_name": "portal_session", "cookie_samesite":"off", "cookie_secure": false}'
      KONG_PORTAL_EMAILS_REPLY_TO: noreply@local.host
      KONG_PORTAL_EMAILS_FROM: noreply@local.host
      KONG_LOG_LEVEL: debug
      KONG_AUDIT_LOG: "on"
      KONG_PG_HOST: postgres
      KONG_PG_USER: ${KONG_PG_USER:-kong}
      KONG_PG_PASSWORD: ${KONG_PG_PASSWORD:-kong}
      KONG_PG_DATABASE: ${KONG_PG_DATABASE:-kong}
      KONG_DATABASE: "postgres"
      KONG_LUA_SSL_TRUSTED_CERTIFICATE: /usr/local/kong/certs/cluster.crt
      KONG_CLUSTER_CERT_KEY: /usr/local/kong/certs/cluster.key
      KONG_CLUSTER_CERT: /usr/local/kong/certs/cluster.crt
      KONG_PORTAL_API_ACCESS_LOG: "/dev/stderr"
      KONG_PORTAL_API_ERROR_LOG: "/dev/stderr"
      KONG_ANONYMOUS_REPORTS: "off"
      KONG_VITALS: "on"
    volumes:
      - 'certs:/usr/local/kong/certs:ro'

  ###############################################################################
  dp:
    hostname: dp
    container_name: dp
    image: kong/kong-gateway:2.4-alpine
    user: "${KONG_USER:-root}"
    restart: on-failure
    networks:
      - kong-ee
    depends_on:
      - cp
      - redis
      - certs
      - postgres
      - bootstrap
    ports:
     - 8080:8080
     - 8443:8443
     - 8100:8100
    environment:
      KONG_ROLE: data_plane
      KONG_PORTAL: "off"
      KONG_DATABASE: "off"
      KONG_STATUS_LISTEN: 0.0.0.0:8100
      KONG_PROXY_LISTEN: "0.0.0.0:8080, 0.0.0.0:8443 ssl"
      KONG_CLUSTER_CONTROL_PLANE: kong.plutarch.codectl.lab:8005
      KONG_CLUSTER_TELEMETRY_ENDPOINT: kong.plutarch.codectl.lab:8006
      KONG_LUA_SSL_TRUSTED_CERTIFICATE: /usr/local/kong/certs/cluster.crt
      KONG_CLUSTER_CERT_KEY: /usr/local/kong/certs/cluster.key
      KONG_CLUSTER_CERT: /usr/local/kong/certs/cluster.crt
      KONG_LICENSE_DATA: ${KONG_LICENSE_DATA}
      KONG_PROXY_ACCESS_LOG: "/dev/stdout"
      KONG_PROXY_ERROR_LOG: "/dev/stderr"
      KONG_LOG_LEVEL: debug
      KONG_AUDIT_LOG: "on"
    volumes:
      - 'certs:/usr/local/kong/certs:ro'

## DockerComposeInstall.md

      
    Raw
  

              DockerComposeInstall.md
            
          
    Local Kong EE Hybrid Install with Docker-compose

Before


Confirm you have Docker and Docker compose installed

If you are on Mac you can install both with Get Docker Desktop for Mac


Create a environment var for you Kong License, KONG_LICENSE_DATA


Create a file with your json license


Create your environment variable KONG_LICENSE_DATA from the above file


export KONG_LICENSE_DATA=`cat /path/to/license.json`; 

Starting/Stopping Kong


From the parent directory of your docker-compose.yaml file

Start Kong with docker-compose

docker-compose up -d


Stop Kong with docker-compose, and 'maintain' state

docker-compose stop


Stop and Remove Kong and related containers with docker-compose

docker-compose down
	version: "3"
	networks:
	kong-ee:
	volumes:
	certs:
	driver: local
	redis_data:
	driver: local

	services:
	###############################################################################
	redis:
	image: docker.io/bitnami/redis:6.2
	container_name: redis
	hostname: redis
	restart: always
	environment:
	ALLOW_EMPTY_PASSWORD: "yes"
	REDIS_DISABLE_COMMANDS: "FLUSHDB,FLUSHALL"
	ports:
	- '6379:6379'
	volumes:
	- 'redis_data:/bitnami/redis/data'
	networks:
	- kong-ee

	###############################################################################
	postgres:
	hostname: postgres
	image: docker.io/library/postgres:13
	restart: always
	container_name: postgres
	ports:
	- 5432:5432
	networks:
	- kong-ee
	healthcheck:
	test: [ "CMD", "pg_isready", "-U", "kong" ]
	interval: 10s
	timeout: 5s
	retries: 10
	environment:
	POSTGRES_DB: kong
	POSTGRES_USER: kong
	POSTGRES_PASSWORD: kong
	POSTGRES_HOST_AUTH_METHOD: trust

	###############################################################################
	bootstrap:
	hostname: bootstrap
	container_name: bootstrap
	image: docker.io/kong/kong-gateway:2.4-alpine
	command: "kong migrations bootstrap ; kong migrations up ; kong migrations finish"
	depends_on:
	postgres:
	condition: service_healthy
	environment:
	KONG_AUDIT_LOG: "on"
	KONG_PASSWORD: ${KONG_PASSWORD:-password}
	KONG_LOG_LEVEL: debug
	KONG_DATABASE: "postgres"
	KONG_PG_HOST: postgres
	KONG_PG_USER: ${KONG_PG_USER:-kong}
	KONG_PG_PASSWORD: ${KONG_PG_PASSWORD:-kong}
	KONG_PG_DATABASE: ${KONG_PG_DATABASE:-kong}
	KONG_LICENSE_DATA: ${KONG_LICENSE_DATA}
	links:
	- postgres:postgres
	networks:
	- kong-ee
	restart: on-failure

	###############################################################################
	certs:
	hostname: certs
	container_name: certs
	image: docker.io/kong/kong-gateway:2.4-alpine
	user: "${KONG_USER:-root}"
	restart: "no"
	command: "kong hybrid gen_cert /usr/local/kong/certs/cluster.crt /usr/local/kong/certs/cluster.key"
	networks:
	- kong-ee
	depends_on:
	- bootstrap
	volumes:
	- 'certs:/usr/local/kong/certs:z'

	###############################################################################
	cp:
	hostname: cp
	container_name: cp
	image: kong/kong-gateway:2.4-alpine
	user: "${KONG_USER:-root}"
	restart: on-failure
	networks:
	- kong-ee
	depends_on:
	- redis
	- certs
	- postgres
	- bootstrap
	ports:
	- "8001:8001/tcp"
	- "8002:8002/tcp"
	- "8003:8003/tcp"
	- "8004:8004/tcp"
	- "8005:8005/tcp"
	- "8006:8006/tcp"
	- "8444:8444/tcp"
	- "8445:8445/tcp"
	- "8446:8446/tcp"
	- "8447:8447/tcp"
	environment:
	KONG_ROLE: control_plane
	KONG_PASSWORD: ${KONG_PASSWORD:-password}
	KONG_SMTP_MOCK: "on"
	KONG_ENFORCE_RBAC: "on"
	KONG_LICENSE_DATA: ${KONG_LICENSE_DATA}
	KONG_ADMIN_GUI_AUTH: basic-auth
	KONG_ADMIN_LISTEN: "0.0.0.0:8001, 0.0.0.0:8444 ssl"
	KONG_ADMIN_GUI_URL: http://kong.plutarch.codectl.lab:8002
	KONG_ADMIN_GUI_LISTEN: "0.0.0.0:8002, 0.0.0.0:8445 ssl"
	KONG_ADMIN_GUI_SESSION_CONF: '{"storage": "kong", "secret": "mysecretpassword", "cookie_name": "admin_session", "cookie_samesite":"off", "cookie_secure":false}'
	KONG_ADMIN_ACCESS_LOG: "/dev/stdout"
	KONG_ADMIN_ERROR_LOG: "/dev/stderr"
	KONG_PORTAL: "on"
	KONG_PORTAL_AUTH: basic-auth
	KONG_PORTAL_API_URL: http://kong.plutarch.codectl.lab:8004
	KONG_PORTAL_API_LISTEN: "0.0.0.0:8004, 0.0.0.0:8447 ssl"
	KONG_PORTAL_GUI_HOST: kong.plutarch.codectl.lab:8003
	KONG_PORTAL_GUI_LISTEN: "0.0.0.0:8003, 0.0.0.0:8446 ssl"
	KONG_PORTAL_GUI_PROTOCOL: http
	KONG_PORTAL_SESSION_CONF: '{"storage": "kong", "secret": "mysecretpassword", "cookie_name": "portal_session", "cookie_samesite":"off", "cookie_secure": false}'
	KONG_PORTAL_EMAILS_REPLY_TO: noreply@local.host
	KONG_PORTAL_EMAILS_FROM: noreply@local.host
	KONG_LOG_LEVEL: debug
	KONG_AUDIT_LOG: "on"
	KONG_PG_HOST: postgres
	KONG_PG_USER: ${KONG_PG_USER:-kong}
	KONG_PG_PASSWORD: ${KONG_PG_PASSWORD:-kong}
	KONG_PG_DATABASE: ${KONG_PG_DATABASE:-kong}
	KONG_DATABASE: "postgres"
	KONG_LUA_SSL_TRUSTED_CERTIFICATE: /usr/local/kong/certs/cluster.crt
	KONG_CLUSTER_CERT_KEY: /usr/local/kong/certs/cluster.key
	KONG_CLUSTER_CERT: /usr/local/kong/certs/cluster.crt
	KONG_PORTAL_API_ACCESS_LOG: "/dev/stderr"
	KONG_PORTAL_API_ERROR_LOG: "/dev/stderr"
	KONG_ANONYMOUS_REPORTS: "off"
	KONG_VITALS: "on"
	volumes:
	- 'certs:/usr/local/kong/certs:ro'

	###############################################################################
	dp:
	hostname: dp
	container_name: dp
	image: kong/kong-gateway:2.4-alpine
	user: "${KONG_USER:-root}"
	restart: on-failure
	networks:
	- kong-ee
	depends_on:
	- cp
	- redis
	- certs
	- postgres
	- bootstrap
	ports:
	- 8080:8080
	- 8443:8443
	- 8100:8100
	environment:
	KONG_ROLE: data_plane
	KONG_PORTAL: "off"
	KONG_DATABASE: "off"
	KONG_STATUS_LISTEN: 0.0.0.0:8100
	KONG_PROXY_LISTEN: "0.0.0.0:8080, 0.0.0.0:8443 ssl"
	KONG_CLUSTER_CONTROL_PLANE: kong.plutarch.codectl.lab:8005
	KONG_CLUSTER_TELEMETRY_ENDPOINT: kong.plutarch.codectl.lab:8006
	KONG_LUA_SSL_TRUSTED_CERTIFICATE: /usr/local/kong/certs/cluster.crt
	KONG_CLUSTER_CERT_KEY: /usr/local/kong/certs/cluster.key
	KONG_CLUSTER_CERT: /usr/local/kong/certs/cluster.crt
	KONG_LICENSE_DATA: ${KONG_LICENSE_DATA}
	KONG_PROXY_ACCESS_LOG: "/dev/stdout"
	KONG_PROXY_ERROR_LOG: "/dev/stderr"
	KONG_LOG_LEVEL: debug
	KONG_AUDIT_LOG: "on"
	volumes:
	- 'certs:/usr/local/kong/certs:ro'