对于安装。我本人是比较偏向于,源码或者二进制手动安装。在安装APISIX时,其他都准备就绪了,就在安装APISIX时,很多代码拉不下来。导致我从源码安装到放弃。最终选择Docker方式。
最近,有几个老项目需要做一些限流、安全、灰度发布等这些方面的升级。由于项目中也一直在用Nginx做请求转发。所以在在OpenResty,Kong、APISIX三者之间初步对比了一下。从性能、功能和易用性的角度考虑,最终初步选择APISIX这玩意。
对于安装。我本人是比较偏向于,源码或者二进制手动安装。在安装APISIX时,其他都准备就绪了,就在安装APISIX时,很多代码拉不下来。导致我从源码安装到放弃。最终选择Docker方式
安装etcd
去Githubhttps://github.com/etcd-io/etcd/releases/下载编译好的二进制.
先创建好配置文件。
mkdir -p /etc/etcd/
cd /etc/etcd/
vim etcd.yaml
复制一下内容
# This is the configuration file for the etcd server.
# Human-readable name for this member.
name: 'etcd1'
# Path to the data directory.
data-dir:
# Path to the dedicated wal directory.
wal-dir:
# Number of committed transactions to trigger a snapshot to disk.
snapshot-count: 10000
# Time (in milliseconds) of a heartbeat interval.
heartbeat-interval: 100
# Time (in milliseconds) for an election to timeout.
election-timeout: 1000
# Raise alarms when backend size exceeds the given quota. 0 means use the
# default quota.
quota-backend-bytes: 0
# List of comma separated URLs to listen on for peer traffic.
listen-peer-urls: http://172.31.79.250:2380
# List of comma separated URLs to listen on for client traffic.
listen-client-urls: http://172.31.79.250:2379
# Maximum number of snapshot files to retain (0 is unlimited).
max-snapshots: 5
# Maximum number of wal files to retain (0 is unlimited).
max-wals: 5
# Comma-separated white list of origins for CORS (cross-origin resource sharing).
cors:
# List of this member's peer URLs to advertise to the rest of the cluster.
# The URLs needed to be a comma-separated list.
initial-advertise-peer-urls: http://172.31.79.250:2380
# List of this member's client URLs to advertise to the public.
# The URLs needed to be a comma-separated list.
advertise-client-urls: http://172.31.79.250:2379
# Discovery URL used to bootstrap the cluster.
discovery:
# Valid values include 'exit', 'proxy'
discovery-fallback: 'proxy'
# HTTP proxy to use for traffic to discovery service.
discovery-proxy:
# DNS domain used to bootstrap initial cluster.
discovery-srv:
# Initial cluster configuration for bootstrapping.
initial-cluster:
# Initial cluster token for the etcd cluster during bootstrap.
initial-cluster-token: 'etcd-cluster'
# Initial cluster state ('new' or 'existing').
initial-cluster-state: 'new'
# Reject reconfiguration requests that would cause quorum loss.
strict-reconfig-check: false
# Enable runtime profiling data via HTTP server
enable-pprof: true
# Valid values include 'on', 'readonly', 'off'
proxy: 'off'
# Time (in milliseconds) an endpoint will be held in a failed state.
proxy-failure-wait: 5000
# Time (in milliseconds) of the endpoints refresh interval.
proxy-refresh-interval: 30000
# Time (in milliseconds) for a dial to timeout.
proxy-dial-timeout: 1000
# Time (in milliseconds) for a write to timeout.
proxy-write-timeout: 5000
# Time (in milliseconds) for a read to timeout.
proxy-read-timeout: 0
client-transport-security:
# Path to the client server TLS cert file.
cert-file:
# Path to the client server TLS key file.
key-file:
# Enable client cert authentication.
client-cert-auth: false
# Path to the client server TLS trusted CA cert file.
trusted-ca-file:
# Client TLS using generated certificates
auto-tls: false
peer-transport-security:
# Path to the peer server TLS cert file.
cert-file:
# Path to the peer server TLS key file.
key-file:
# Enable peer client cert authentication.
client-cert-auth: false
# Path to the peer server TLS trusted CA cert file.
trusted-ca-file:
# Peer TLS using generated certificates.
auto-tls: false
# The validity period of the self-signed certificate, the unit is year.
self-signed-cert-validity: 1
# Enable debug-level logging for etcd.
log-level: debug
logger: zap
# Specify 'stdout' or 'stderr' to skip journald logging even when running under systemd.
log-outputs: [stderr]
# Force to create a new one member cluster.
force-new-cluster: false
auto-compaction-mode: periodic
auto-compaction-retention: "1"
wget https://github.com/etcd-io/etcd/releases/download/v3.5.7/etcd-v3.5.7-linux-amd64.tar.gz
tar -xvf etcd-v3.5.7-linux-amd64.tar.gz
cd etcd-v3.5.7-linux-amd64
cp -a etcd etcdctl /usr/bin/
nohup etcd --config-file /etc/etcd/etcd.yaml >/tmp/etcd.log 2>&1 & #后台启动etcd
安装Docker
添加阿里镜像源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装Docker
yum install docker-ce docker-ce-cli containerd.io
启动Docker服务
设置Docker开机自动启动
Docker compose安装
下载并安装
curl -SL https://github.com/docker/compose/releases/download/v2
上面这个地址非常慢,有时候直接连不通,具体原因,大家肯定都知道。所以下载用国内的镜像地址吧
sudo curl -L https://get.daocloud.io/docker/compose/releases/download/v2.16.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
去下载源码https://github.com/apache/apisix-docker.git。cd apisix-docker/example进入到example目录
由于etcd我是以二进制方式安装,那么apisix_conf和dashboard_conf里面的etcd配置信息改为实际地址和端口。
etcd:
host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster.
- "http://172.31.79.250:2379" # multiple etcd address
prefix: "/apisix" # apisix configurations prefix
timeout: 30 # 30 seconds
另外docker-compose-arm64.yml里面的ETCD去掉,再去掉depends_on,删除下面这段
接下来执行启动命令docker-compose -f docker-compose-arm64.yml -p docker-apisix up -d
这样,APISIX便搭建好了
我们使用dashboard_conf文件夹中conf.yaml文件里的users属性来登录APISIX.
创建APISIX服务
上游类型可以是,固定维护的节点或者是服务注册
服务注册中心支持目前比较主流的注册中心
这里我们选择的是节点方式
这时候,我们就可以去访问9080端口的/web1/路径
刷新一下页面。请求会转发到另外一个服务上
APISIX初步安装完成,基本功能我们可以基于web UI界面配置完成,还可以借助插件来保护我们的服务,让服务更加稳定、安全。接下来就是进一步的探究APISIX提供的插件。
