Running Kong as a Non-Root User

After installing Kong Gateway on a GNU/Linux system, you can configure Kong to run as the built-in kong user and group instead of root. This makes the Nginx master and worker processes run as the built-in kong user and group, overriding any settings in the nginx_user configuration property. It is also possible to run Kong as a custom non-root user.

Prerequisites

Kong Gateway is installed on one of the following Linux distributions:

Run Kong Gateway as the built-in kong user

When Kong Gateway is installed with a package management system such as APT or YUM, a default kong user and a default kong group are created. All the files installed by the package are owned by the kong user and group.

  1. Switch to the built-in kong user:

    1.  $ su kong

  2. Start Kong:

    1.  kong start

Run Kong Gateway as a custom non-root user

It is also possible to run Kong as a custom non-root user. Since all the files installed by the Kong Gateway package are owned by the kong group, a user that belongs to that group should be permitted to perform the same operations as the kong user.

  1. Add the user to the kong group

    1.  sudo usermod -aG kong your-user

  2. Start Kong:

    1.  kong start