二话不说,上个 docker-compose.yml 为敬!
?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
version: “3”
services:
image: apache/apisix-dashboard:2.10.1-alpine
restart: always
volumes:
ports:
– “4000:9000”
networks:
apisix:
apisix:
image: apache/apisix:2.12.1-alpine
– ./apisix_log:/usr/local/apisix/logs
– ./apisix_conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro
depends_on:
– etcd
##network_mode: host
– “4080:9080/tcp”
– “4091:9091/tcp”
– “4443:9443/tcp”
– “4092:9092/tcp”
etcd:
image: bitnami/etcd:3.4.15
– etcd_data:/bitnami/etcd
environment:
ETCD_ENABLE_V2: “true”
ALLOW_NONE_AUTHENTICATION: “yes”
ETCD_ADVERTISE_CLIENT_URLS: “http://0.0.0.0:2379”
ETCD_LISTEN_CLIENT_URLS: “http://0.0.0.0:2379”
– “2379:2379/tcp”
networks:
driver: bridge
volumes:
etcd_data:
可以修改 apisix-dashboard 的 port 和 apisix 的 port。apisix 容器的 9080 端口对应的就是其内部 OpenRestry 监听的端口,这个要选择好,后面反代的端口就是这个。
etcd 就不用修改什么了,默认就好。
apisix_conf/config.yaml
?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
apisix:
node_listen: 9080 # APISIX listening port
enable_ipv6: false
allow_admin: # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
– 0.0.0.0/0 # We need to restrict ip access rules for security. 0.0.0.0/0 is for test.
admin_key:
– name: “admin”
key: edd1c9f034335f136f87ad84b625c8f1
role: admin # admin: manage all configuration data
# viewer: only can view configuration data
– name: “viewer”
key: 4054f7cf07e344346cd3f287985e76a2
role: viewer
enable_control: true
control:
ip: “0.0.0.0”
port: 9092
etcd:
host: # its possible to define multiple etcd hosts addresses of the same etcd cluster.
– “http://etcd:2379” # multiple etcd address
prefix: “/apisix” # apisix configurations prefix
timeout: 30 # 30 seconds
plugin_attr:
prometheus:
export_addr:
ip: “0.0.0.0”
port: 9091
这里需要修改 admin_key,座位 AdminAPI 的认证 key
dashboard_conf/conf.yaml
?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
conf:
listen:
host: 0.0.0.0 # `manager api` listening ip or host name
port: 9000 # `manager api` listening port
allow_list: # If we dont set any IP list, then any IP access is allowed by default.
– 0.0.0.0/0
etcd:
endpoints: # supports defining multiple etcd host addresses for an etcd cluster
– “http://etcd:2379”
# yamllint disable rule:comments-indentation
# etcd basic auth info
# username: “root” # ignore etcd username if not enable etcd auth
# password: “123456” # ignore etcd password if not enable etcd auth
mtls:
key_file: “” # Path of your self-signed client side key
cert_file: “” # Path of your self-signed client side cert
ca_file: “” # Path of your self-signed ca cert, the CA is used to sign callers certificates
# prefix: /apisix # apisix configs prefix in etcd, /apisix by default
log:
error_log:
level: warn # supports levels, lower to higher: debug, info, warn, error, panic, fatal
file_path:
logs/error.log # supports relative path, absolute path, standard output
# such as: logs/error.log, /tmp/logs/error.log, /dev/stdout, /dev/stderr
access_log:
logs/access.log # supports relative path, absolute path, standard output
# such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr
# log example: 2020-12-09T16:38:09.039+0800 INFO filter/logging.go:46 /apisix/admin/routes/r1 {“status”: 401, “host”: “127.0.0.1:9000”, “query”: “asdfsafd=adf&a=a”, “requestId”: “3d50ecb8-758c-46d1-af5b-cd9d1c820156”, “latency”: 0, “remoteIP”: “127.0.0.1”, “method”: “PUT”, “errs”: []}
authentication:
secret:
secret # secret for jwt token generation.
# NOTE: Highly recommended to modify this value to protect `manager api`.
# if its default value, when `manager api` start, it will generate a random string to replace it.
expire_time: 3600 # jwt token expire time, in second
users: # yamllint enable rule:comments-indentation
– username: admin # username and password for login `manager api`
password: admin
– username: user
password: user
plugins: # plugin list (sorted in alphabetical order)
– api-breaker
– authz-keycloak
– basic-auth
– batch-requests
– consumer-restriction
– cors
# – dubbo-proxy
– echo
# – error-log-logger
# – example-plugin
– fault-injection
– grpc-transcode
– hmac-auth
– http-logger
– ip-restriction
– jwt-auth
– kafka-logger
– key-auth
– limit-conn
– limit-count
– limit-req
# – log-rotate
# – node-status
– openid-connect
– prometheus
– proxy-cache
– proxy-mirror
– proxy-rewrite
– redirect
– referer-restriction
– request-id
– request-validation
– response-rewrite
– serverless-post-function
– serverless-pre-function
# – skywalking
– sls-logger
– syslog
– tcp-logger
– udp-logger
– uri-blocker
– wolf-rbac
– zipkin
– server-info
– traffic-split
这里需要修改的是 users 中的账号和密码作为登陆的凭证
以上内容都可以在官方的 apisix_docker 仓库中的 example 找到。apisix github
到此这篇关于使用 docker 部署 APISIX的文章就介绍到这了,更多相关docker 部署 APISIX内容请搜索服务器之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持服务器之家!
原文链接:https://www.cnblogs.com/manastudent/p/16016189.html
声明: 猿站网有关资源均来自网络搜集与网友提供,任何涉及商业盈利目的的均不得使用,否则产生的一切后果将由您自己承担! 本平台资源仅供个人学习交流、测试使用 所有内容请在下载后24小时内删除,制止非法恶意传播,不对任何下载或转载者造成的危害负任何法律责任!也请大家支持、购置正版! 。本站一律禁止以任何方式发布或转载任何违法的相关信息访客发现请向站长举报,会员发帖仅代表会员个人观点,并不代表本站赞同其观点和对其真实性负责。本网站的资源部分来源于网络,如有侵权烦请发送邮件至:2697268773@qq.com进行处理。