Node-red on docker-compose with Kong gateway

I have aa docker-composes environment wheree all the services are routed and protected through a KONG gateway.

I recently added aa node-red service to the infrastructure but I can't seem to make it fully work.

The interface allows me to edit and deploy new flows, but I can keep getting the "Lost connection to the server" message, and I cannot ddebug on the web interface.

I suspect that it's a misssconfiguration on the kong route or service that might be blocking the wss traffic.

Anyone has any experience combining all this?

Or, you have done something in your flows that is causing node-red to crash and restart.

Is there any logging on this device?

Happens even with empty flows.
And the flows work. But can't do web debug and keep getting that "disconnected" message

Did you manage to configure Kong Gateway ?
I've been experimenting with it also a few months ago.

Im sharing my docker-compose file and Kong config .yml file (db-less).
Most of the Kong plugins are disabled and are just there for testing based on this Tutorial

docker-compose.yml

version: '3.3'


services:
  kong:
    image: kong
    volumes:
      - "./config:/usr/local/kong/declarative"

    environment:
      - KONG_DATABASE=off
      - KONG_DECLARATIVE_CONFIG=/usr/local/kong/declarative/kong.yml
      - KONG_PROXY_ACCESS_LOG=/dev/stdout
      - KONG_ADMIN_ACCESS_LOG=/dev/stdout
      - KONG_PROXY_ERROR_LOG=/dev/stderr
      - KONG_ADMIN_ERROR_LOG=/dev/stderr
      - KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl
      - KONG_LOG_LEVEL=debug
      - KONG_PLUGINS=bundled

    ports:
      - "8000:8000/tcp"
      - "127.0.0.1:7990:8001/tcp"
      - "8001:8001/tcp"
      - "8443:8443/tcp"
      - "127.0.0.1:8444:8444/tcp"

kong.yml (in ./config folder)

_format_version: "2.1"

services:

- name: nodered-server
  url: https://192.168.0.7:1880
  routes:
  - name: nodered
    paths:
    - /

consumers:
- username: user

basicauth_credentials:
- consumer: user
  username: Aladdin
  password: OpenSesame

keyauth_credentials:
- consumer: user
  key: abc


acls:
- consumer: user
  group: group1


plugins:

- name: request-size-limiting
  config: 
    allowed_payload_size: 1
    size_unit: kilobytes
    require_content_length: false
  enabled: false


- name: request-termination
  config: 
    status_code: 403
#    message: So long and thanks for all the fish!
    body: "{a:b}"
    content_type: "application/json; charset=utf-8"
    trigger: "q"
  enabled: false


- name: acl
  config: 
    allow:
    - group1
    hide_groups_header: true
  enabled: false


- name: basic-auth
  config: 
    hide_credentials: true
  enabled: false


- name: key-auth
  config: 
    key_names:
    - apikey
    key_in_body: false
    key_in_header: true
    key_in_query: true
    hide_credentials: false
    run_on_preflight: true
  enabled: false


- name: proxy-cache
  config: 
    response_code:
    - 200
    request_method:
    - GET
    - HEAD
    content_type:
    - text/plain
    - application/json
    - application/json; charset=utf-8
    cache_ttl: 300
    strategy: memory
  enabled: false


- name: bot-detection
  config:
    deny:
    - "(C|c)hrome"
    - "curl"
  enabled: false


- name: cors
  config:
    origins:
    - '*'
    methods:
    - GET
    - POST
    headers:
    - Accept
    - Accept-Version
    - Content-Length
    - Content-MD5
    - Content-Type
    - Date
    - X-Auth-Token
    - Authorization

    exposed_headers:
    - X-Auth-Token
    credentials: true
    max_age: 3600
    preflight_continue: false


- name: rate-limiting
  config: 
#    second: 5
    hour: 100
    policy: local
    fault_tolerant: true
    hide_client_headers: false
    redis_ssl: false
    redis_ssl_verify: false
# comment these if you don't want to store rate limiting data in redis
#    policy: redis
#    redis_host: 172.27.59.36
#    redis_password: example
  enabled: false


- name: ip-restriction
  config: 
    deny:
    - 172.28.64.0/24
    status: 401
    message: cannot grant access

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.