使用 docker 部署 APISIX的详细介绍
二话不说,上个 docker-compose.yml 为敬!
version: "3" services: apisix-dashboard: image: apache/apisix-dashboard:2.10.1-alpine restart: always volumes: - ./dashboard_conf/conf.yaml:/usr/local/apisix-dashboard/conf/conf.yaml ports: - "4000:9000" networks: apisix: apisix: image: apache/apisix:2.12.1-alpine - ./apisix_log:/usr/local/apisix/logs - ./apisix_conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro depends_on: - etcd ##network_mode: host - "4080:9080/tcp" - "4091:9091/tcp" - "4443:9443/tcp" - "4092:9092/tcp" etcd: image: bitnami/etcd:3.4.15 - etcd_data:/bitnami/etcd environment: ETCD_ENABLE_V2: "true" ALLOW_NONE_AUTHENTICATION: "yes" ETCD_ADVERTISE_CLIENT_URLS: "http://0.0.0.0:2379" ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379" - "2379:2379/tcp" networks: driver: bridge volumes: etcd_data:
可以修改 apisix-dashboard 的 port 和 apisix 的 port。apisix 容器的 9080 端口对应的就是其内部 OpenRestry 监听的端口,这个要选择好,后面反代的端口就是这个。
etcd 就不用修改什么了,默认就好。
apisix_conf/config.yaml
apisix: node_listen: 9080 # APISIX listening port enable_ipv6: false allow_admin: # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow - 0.0.0.0/0 # We need to restrict ip access rules for security. 0.0.0.0/0 is for test. admin_key: - name: "admin" key: edd1c9f034335f136f87ad84b625c8f1 role: admin # admin: manage all configuration data # viewer: only can view configuration data - name: "viewer" key: 4054f7cf07e344346cd3f287985e76a2 role: viewer enable_control: true control: ip: "0.0.0.0" port: 9092 etcd: host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster. - "http://etcd:2379" # multiple etcd address prefix: "/apisix" # apisix configurations prefix timeout: 30 # 30 seconds plugin_attr: prometheus: export_addr: ip: "0.0.0.0" port: 9091
这里需要修改 admin_key,座位 AdminAPI 的认证 key
dashboard_conf/conf.yaml
conf: listen: host: 0.0.0.0 # `manager api` listening ip or host name port: 9000 # `manager api` listening port allow_list: # If we don't set any IP list, then any IP access is allowed by default. - 0.0.0.0/0 etcd: endpoints: # supports defining multiple etcd host addresses for an etcd cluster - "http://etcd:2379" # yamllint disable rule:comments-indentation # etcd basic auth info # username: "root" # ignore etcd username if not enable etcd auth # password: "123456" # ignore etcd password if not enable etcd auth mtls: key_file: "" # Path of your self-signed client side key cert_file: "" # Path of your self-signed client side cert ca_file: "" # Path of your self-signed ca cert, the CA is used to sign callers' certificates # prefix: /apisix # apisix config's prefix in etcd, /apisix by default log: error_log: level: warn # supports levels, lower to higher: debug, info, warn, error, panic, fatal file_path: logs/error.log # supports relative path, absolute path, standard output # such as: logs/error.log, /tmp/logs/error.log, /dev/stdout, /dev/stderr access_log: logs/access.log # supports relative path, absolute path, standard output # such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr # log example: 2020-12-09T16:38:09.039+0800 INFO filter/logging.go:46 /apisix/admin/routes/r1 {"status": 401, "host": "127.0.0.1:9000", "query": "asdfsafd=adf&a=a", "requestId": "3d50ecb8-758c-46d1-af5b-cd9d1c820156", "latency": 0, "remoteIP": "127.0.0.1", "method": "PUT", "errs": []} authentication: secret: secret # secret for jwt token generation. # NOTE: Highly recommended to modify this value to protect `manager api`. # if it's default value, when `manager api` start, it will generate a random string to replace it. expire_time: 3600 # jwt token expire time, in second users: # yamllint enable rule:comments-indentation - username: admin # username and password for login `manager api` password: admin - username: user password: user plugins: # plugin list (sorted in alphabetical order) - api-breaker - authz-keycloak - basic-auth - batch-requests - consumer-restriction - cors # - dubbo-proxy - echo # - error-log-logger # - example-plugin - fault-injection - grpc-transcode - hmac-auth - http-logger - ip-restriction - jwt-auth - kafka-logger - key-auth - limit-conn - limit-count - limit-req # - log-rotate # - node-status - openid-connect - prometheus - proxy-cache - proxy-mirror - proxy-rewrite - redirect - referer-restriction - request-id - request-validation - response-rewrite - serverless-post-function - serverless-pre-function # - skywalking - sls-logger - syslog - tcp-logger - udp-logger - uri-blocker - wolf-rbac - zipkin - server-info - traffic-split
这里需要修改的是 users 中的账号和密码作为登陆的凭证
以上内容都可以在官方的 apisix_docker 仓库中的 example 找到。apisix github
到此这篇关于使用 docker 部署 APISIX的文章就介绍到这了,更多相关docker 部署 APISIX内容请搜索我们以前的文章或继续浏览下面的相关文章希望大家以后多多支持我们!
赞 (0)