centos7 系统 apache-apisix 网关 docker 安装

本文档详细介绍了如何在Docker环境下安装和配置Apache APISIX,包括依赖的etcd服务设置,APISIX的配置文件创建与挂载,以及Apache APISIX Dashboard的安装步骤。通过这些步骤,你可以快速搭建起一个具备动态路由、热插件加载等功能的API网关。
摘要由CSDN通过智能技术生成

1. 简介

APISIX 是一个云原生、高性能、可扩展的微服务 API 开源网关,基于OpenResty(Nginx+Lua)和etcd来实现,对比传统的API网关,具有动态路由和热插件加载的特点。系统本身自带前端,可以手动配置路由、负载均衡、限速限流、身份验证等插件,操作方便。APISIX是用Lua语言开发,语言相对简单,容易上手,同时可以按自己的需求进行系统的二次开发以及开发自己的插件。

2. 安装

Apache APISIX 运行时环境需要依赖 NGINX 和 etcd。
本文apache apisix 安装未docker 安装,请确保本机以安装docker,并确保宿主机能正常访问互联网。

2.1 安装etcd 依赖

运行命令:

docker run -d --name etcd-server \
    --publish 2379:2379 \
    --publish 2380:2380 \
    --env ALLOW_NONE_AUTHENTICATION=yes \
    --env ETCD_ADVERTISE_CLIENT_URLS=http://etcd-server:2379 \
    bitnami/etcd:latest

如果本地镜像不存在,docker会拉取最新 etcd镜像。拉取成功后,会运行 etcd镜像。可通过dockers ps -a 查看是否启动成功。

注意,最新版的 etcd 默认情况 enable-v2 不启动,需要手动配置 enable-v2 为启动状态。
查询命令:

docker exec -it etcd-server bash
etcd --help |grep enable-v2

在这里插入图片描述
手动配置 enable-v2

etcd --enable-v2=true

在这里插入图片描述

2.2 apache-apisix 安装

创建宿主机配置文件:config.yaml,用于apisix 配位文件挂在
创建宿主机日志目录: 用于备份apisix 日志
config.yaml 路径: /home/apisix-docker/example/apisix_conf/config.yaml
config.yaml 文件内容:

apisix:
  node_listen: 9080              # APISIX listening port
  enable_ipv6: false

  node_listen: 9080              # APISIX listening port
  enable_ipv6: false

  allow_admin:                  # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
                                # We need to restrict ip access rules for security. 0.0.0.0/0 is for test.

  admin_key:
    - name: "admin"
      key: edd1c9f034335f136f87ad84b625c8f1
      role: admin                 # admin: manage all configuration data
                                  # viewer: only can view configuration data
    - name: "viewer"
      key: 4054f7cf07e344346cd3f287985e76a2
      role: viewer

etcd:
  host:                           # it's possible to define multiple etcd hosts addresses of the same etcd cluster.
    - "http://172.30.129.22:2379"     # multiple etcd address
  prefix: "/apisix"               # apisix configurations prefix
  timeout: 30                     # 30 seconds

plugin_attr:
  prometheus:
    export_addr:
      ip: "0.0.0.0"
      port: 9091

home/apisix-docker/example 路径下 创建 apisix_log 目录。
运行docker 命令录取apisix 镜像:
最新版的 apache-apisix-dashboard 为 v2.7 ,对应的 apache-apisix 版本为 2.6

docker pull apache/apisix:2.6-centos

运行命令启动 apache-apisix 镜像

 docker run   --name apache-apisix  \
-v /home/apisix-docker/example/apisix_conf/config.yaml:/usr/local/apisix/conf/config.yaml \
-v /home/apisix-docker/example/apisix_log:/usr/local/apisix/logs  \
-p 9080:9080 \
-p 9443:9443 \
-d apache/apisix:2.6-centos

2.3 apache-apisix-dashboard 安装

拉取镜像:

docker pull apache/apisix-dashboard:2.7

配置文件路径:/home/apisix-docker/example/dashboard_conf(可自定义路径)
配置文件名称:conf.yaml
配置文件内容:

#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

conf:
  listen:
    host: 0.0.0.0     # `manager api` listening ip or host name
    port: 9000          # `manager api` listening port
  allow_list:           # If we don't set any IP list, then any IP access is allowed by default.
    
  etcd:
    endpoints:          # supports defining multiple etcd host addresses for an etcd cluster
      - "http://etcd:2379"
                          # yamllint disable rule:comments-indentation
                          # etcd basic auth info
    # username: "root"    # ignore etcd username if not enable etcd auth
    # password: "123456"  # ignore etcd password if not enable etcd auth
    mtls:
      key_file: ""          # Path of your self-signed client side key
      cert_file: ""         # Path of your self-signed client side cert
      ca_file: ""           # Path of your self-signed ca cert, the CA is used to sign callers' certificates
    # prefix: /apisix     # apisix config's prefix in etcd, /apisix by default
  log:
    error_log:
      level: warn       # supports levels, lower to higher: debug, info, warn, error, panic, fatal
      file_path:
        logs/error.log  # supports relative path, absolute path, standard output
                        # such as: logs/error.log, /tmp/logs/error.log, /dev/stdout, /dev/stderr
    access_log:
      file_path:
        logs/access.log  # supports relative path, absolute path, standard output
                         # such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr
                         # log example: 2020-12-09T16:38:09.039+0800	INFO	filter/logging.go:46	/apisix/admin/routes/r1	{"status": 401, "host": "127.0.0.1:9000", "query": "asdfsafd=adf&a=a", "requestId": "3d50ecb8-758c-46d1-af5b-cd9d1c820156", "latency": 0, "remoteIP": "127.0.0.1", "method": "PUT", "errs": []}
authentication:
  secret:
    secret              # secret for jwt token generation.
                        # NOTE: Highly recommended to modify this value to protect `manager api`.
                        # if it's default value, when `manager api` start, it will generate a random string to replace it.
  expire_time: 3600     # jwt token expire time, in second
  users:                # yamllint enable rule:comments-indentation
    - username: admin   # username and password for login `manager api`
      password: admin
    - username: user
      password: user

plugins:                          # plugin list (sorted in alphabetical order)
  - api-breaker
  - authz-keycloak
  - basic-auth
  - batch-requests
  - consumer-restriction
  - cors
  # - dubbo-proxy
  - echo
  # - error-log-logger
  # - example-plugin
  - fault-injection
  - grpc-transcode
  - hmac-auth
  - http-logger
  - ip-restriction
  - jwt-auth
  - kafka-logger
  - key-auth
  - limit-conn
  - limit-count
  - limit-req
  # - log-rotate
  # - node-status
  - openid-connect
  - prometheus
  - proxy-cache
  - proxy-mirror
  - proxy-rewrite
  - redirect
  - referer-restriction
  - request-id
  - request-validation
  - response-rewrite
  - serverless-post-function
  - serverless-pre-function
  # - skywalking
  - sls-logger
  - syslog
  - tcp-logger
  - udp-logger
  - uri-blocker
  - wolf-rbac
  - zipkin
  - server-info
  - traffic-split

修改
etcd:
endpoints:
- “http://etcd:2379”

endpoints 配置为宿主机IP+2379(http://192.168.1.119:2379)

运行命令启动 apache-apisix-dashboard.

docker run   --name apisix-dashboard \
-p 9000:9000 \
-v /home/apisix-docker/example/dashboard_conf/conf.yaml:/usr/local/apisix-dashboard/conf/conf.yaml \
-d apache/apisix-dashboard:2.7

2.4 查看启动情况

运行命令:docker ps -a
在这里插入图片描述
访问dashborad 界面: http://宿主机ip:9000/apisix/dashboard
用户名和密码 都是 admin
在这里插入图片描述

评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值