conf:
listen:
host: 0.0.0.0 # `manager api` listening ip or host name
port: 9000 # `manager api` listening port
allow_list: # If we dont set any IP list, then any IP access is allowed by default.
– 0.0.0.0/0
etcd:
endpoints: # supports defining multiple etcd host addresses for an etcd cluster
– “http://etcd:2379”
# yamllint disable rule:comments-indentation
# etcd basic auth info
# username: “root” # ignore etcd username if not enable etcd auth
# password: “123456” # ignore etcd password if not enable etcd auth
mtls:
key_file: “” # Path of your self-signed client side key
cert_file: “” # Path of your self-signed client side cert
ca_file: “” # Path of your self-signed ca cert, the CA is used to sign callers certificates
# prefix: /apisix # apisix configs prefix in etcd, /apisix by default
log:
error_log:
level: warn # supports levels, lower to higher: debug, info, warn, error, panic, fatal
file_path:
logs/error.log # supports relative path, absolute path, standard output
# such as: logs/error.log, /tmp/logs/error.log, /dev/stdout, /dev/stderr
access_log:
logs/access.log # supports relative path, absolute path, standard output
# such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr
# log example: 2020-12-09T16:38:09.039+0800 INFO filter/logging.go:46 /apisix/admin/routes/r1 {“status”: 401, “host”: “127.0.0.1:9000”, “query”: “asdfsafd=adf&a=a”, “requestId”: “3d50ecb8-758c-46d1-af5b-cd9d1c820156”, “latency”: 0, “remoteIP”: “127.0.0.1”, “method”: “PUT”, “errs”: []}
authentication:
secret:
secret # secret for jwt token generation.
# NOTE: Highly recommended to modify this value to protect `manager api`.
# if its default value, when `manager api` start, it will generate a random string to replace it.
expire_time: 3600 # jwt token expire time, in second
users: # yamllint enable rule:comments-indentation
– username: admin # username and password for login `manager api`
password: admin
– username: user
password: user
plugins: # plugin list (sorted in alphabetical order)
– api-breaker
– authz-keycloak
– basic-auth
– batch-requests
– consumer-restriction
– cors
# – dubbo-proxy
– echo
# – error-log-logger
# – example-plugin
– fault-injection
– grpc-transcode
– hmac-auth
– http-logger
– ip-restriction
– jwt-auth
– kafka-logger
– key-auth
– limit-conn
– limit-count
– limit-req
# – log-rotate
# – node-status
– openid-connect
– prometheus
– proxy-cache
– proxy-mirror
– proxy-rewrite
– redirect
– referer-restriction
– request-id
– request-validation
– response-rewrite
– serverless-post-function
– serverless-pre-function
# – skywalking
– sls-logger
– syslog
– tcp-logger
– udp-logger
– uri-blocker
– wolf-rbac
– zipkin
– server-info
– traffic-split