Category: Kong

Kong: Name resolution failed

Sometimes when calling a service on kong you might get a response like this

HTTP/1.1 503 Service Temporarily Unavailable
Connection: keep-alive
Content-Length: 36
Content-Type: application/json; charset=utf-8
Date: Thu, 02 Apr 2020 09:28:06 GMT
Server: kong/2.0.1
X-Kong-Response-Latency: 12

    "message": "name resolution failed"

What does it mean?

Kong cannot access the upstream

Make sure the corret protocol http or https is used.
Also if the upstream's SSL cannot be verified then

Kong: Failure to get a peer from the ring-balancer

Ever seen this error when calling kong:

HTTP/1.1 503 Service Temporarily Unavailable
Connection: keep-alive
Content-Length: 59
Content-Type: application/json; charset=utf-8
Date: Wed, 28 Aug 2019 08:08:01 GMT
Server: kong/0.14.1

    "message": "failure to get a peer from the ring-balancer"

What does it mean?

We it cannot access any of the upstreams or all of the upstreams are unhealthy.

It pretty much means Kong could connect to none of the backend services in the upstream pool.

Remember to ensure at least one upstream is healthy, otherwise unhealthy upstreams are ignored.



Generate a letencrypt ssl certificate for kong api gateway

So you have installed kong and you are ready for it to go into production. Whoops, nossl certificate yet? It is important that you add it as credentials will be moving between your gateway and credentials could be acquired by any party in between the client and your server.

But the standalone nginx plugin for cerbot does not work from my testing. As it is built on nginx, kong is not nginx.

Easiest Way is to Install Nginx

If Kong is running on port 80 then stop it: sudo systemctl stop kong

Install Nginx:

sudo apt install nginx

Install Certbot for nginx on your operating system

Get your certificates with the cert-only option:

sudo certbot --nginx certonly

When that completes it will tell you where your certificates and keyfile are:

Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/
Your key file has been saved at: /etc/letsencrypt/live/

Add these locations to ssl_cert and ssl_cert_key respectively.
Also make sure ssl = on

Stop Nginx:

sudo systemctl stop nginx
sudo systemctl start kong

Remove nginx:

sudo apt remove nginx