Kong Gateway HA Setup Across Two Sites (Active-Active or Active-Passive)

To set up Kong Gateway in High Availability (HA) mode across two sites, each with two servers, you need a shared database, load balancing, and synchronization between sites.


🔹 Deployment Overview

🔹 2 Sites: Each site has 2 Kong nodes
🔹 Database: Shared PostgreSQL or Cassandra for synchronization
🔹 Load Balancer: Needed at each site for traffic distribution
🔹 Service Discovery: DNS or Consul for routing


🔹 Architecture Options

1️. Active-Active (Multi-Region Load Balancing)

  • All four Kong nodes are active and share traffic
  • Requires database replication between sites
  • Needs global load balancing (GSLB)

2️. Active-Passive (Failover Setup)

  • Site 1 is active, Site 2 is standby
  • Failover handled by DNS or Load Balancer
  • PostgreSQL in replication mode

 Step-by-Step Kong Gateway HA Setup

1️. Install Kong on All Nodes

Install Kong on all four servers across the two sites:

curl -Lo kong.rpm "https://download.konghq.com/gateway-3.x-rpm/kong-3.x.el7.amd64.rpm"

sudo yum install -y kong.rpm

or for Debian-based systems:

curl -Lo kong.deb "https://download.konghq.com/gateway-3.x-ubuntu/kong-3.x.all.deb"

sudo dpkg -i kong.deb


2️. Setup Shared Database (PostgreSQL Recommended)

  • Install PostgreSQL on a separate database cluster
  • Enable replication between Site 1 and Site 2

On the primary DB node (Site 1):

sudo -u postgres psql

CREATE USER kong WITH PASSWORD 'kongpass';

CREATE DATABASE kong OWNER kong;

On all Kong nodes, update kong.conf:

database = postgres

pg_host = <DB-PRIMARY-IP>

pg_port = 5432

pg_user = kong

pg_password = kongpass

Then, run migrations (only once):

kong migrations bootstrap

On replica DB node (Site 2): Enable PostgreSQL replication.


3️. Start Kong on All Nodes

After configuring kong.conf, start Kong on all four nodes:

kong start

Verify the setup:

kong health


4️. Configure Load Balancing for Kong Nodes

Each site should have a local load balancer (e.g., Nginx, HAProxy, AWS ELB, or F5) that distributes traffic to Kong nodes.

 HAProxy Config:

frontend kong_frontend

    bind *:8000

    default_backend kong_backend

backend kong_backend

    balance roundrobin

    server kong1 <KONG_NODE1>:8000 check

    server kong2 <KONG_NODE2>:8000 check

For Active-Active, use GSLB or Anycast to balance across regions.

For Active-Passive, failover is managed by health checks.


5️. Synchronize Configuration Across Sites

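Use Kong's config export and import commands to keep both sites in sync: export on a Site 1 node, copy the file to Site 2, and import it there. The export includes every entity in the database, consumer credentials among them, so treat kong.yaml as a secret: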

kong config db_export kong.yaml

scp kong.yaml site2:/etc/kong/kong.yaml

kong config db_import kong.yaml

Alternatively, use decK (the deck CLI) for automated sync:

deck dump --output-file kong-config.yaml

deck sync --state kong-config.yaml


6️. Monitor & Maintain HA Setup

Use Prometheus, Grafana, or Kong Manager for monitoring.
Enable health checks:

curl -i http://<kong-ip>:8001/status

Set up PostgreSQL monitoring to detect failover events.
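
A check for the kong.conf from step 2 and for the Admin API binding that step 6's status call against <kong-ip>:8001 depends on, as an added example that is not part of the original guide or of Kong's tooling. The function names, finding labels and the sample file (its 192.0.2.10 address and admin_listen line) are constructed for illustration; pg_password, pg_ssl and admin_listen are Kong's own kong.conf keys.

```shell
#!/bin/sh
# Added example (not Kong tooling): lint kong.conf for the settings above.

# Print the value of key $1 in file $2, comments and padding stripped.
conf_get() {
    sed -nE "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" |
        sed -E 's/[[:space:]]+#.*$//; s/[[:space:]]+$//' | tail -n 1
}

# Print one finding per line; return non-zero if anything was flagged.
lint_kong_conf() {
    n=0
    pw=$(conf_get pg_password "$1")
    if [ -n "$pw" ]; then
        # Kong reads any kong.conf key from a KONG_-prefixed env variable.
        echo "PG_PASSWORD_IN_FILE: supply it as KONG_PG_PASSWORD instead"
        n=$((n + 1))
    fi
    if [ "$pw" = "kongpass" ]; then
        echo "PG_PASSWORD_EXAMPLE: 'kongpass' is the guide's sample password"
        n=$((n + 1))
    fi
    if [ "$(conf_get pg_ssl "$1")" != "on" ]; then
        echo "PG_SSL_OFF: Kong-to-PostgreSQL traffic is not encrypted"
        n=$((n + 1))
    fi
    # admin_listen is a comma-separated list of "address:port [flags]".
    while read -r addr rest; do
        case "${addr%:*}" in
            "" | off | 127.0.0.1 | localhost | "[::1]") ;;
            *) echo "ADMIN_API_EXPOSED: admin_listen binds $addr"; n=$((n + 1)) ;;
        esac
    done <<EOF
$(conf_get admin_listen "$1" | tr ',' '\n')
EOF
    [ "$n" -eq 0 ]
}

# Constructed sample: step 2's kong.conf plus an assumed admin_listen line.
weak_conf=$(mktemp)
trap 'rm -f "$weak_conf"' EXIT
cat > "$weak_conf" <<'EOF'
database = postgres
pg_host = 192.0.2.10
pg_password = kongpass
admin_listen = 0.0.0.0:8001, 127.0.0.1:8444 ssl
EOF
lint_kong_conf "$weak_conf" || echo "kong.conf needs attention"
```

Call lint_kong_conf with the path to each node's kong.conf; a non-zero return means at least one finding was printed.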


🚀 Final Setup Summary

  • 2 sites, 2 Kong nodes per site
  • Shared PostgreSQL with replication
  • Local Load Balancer for each site
  • Global Load Balancer for Active-Active
  • Automated config sync using decK
