APISIX 是一個雲原生、高性能、可擴展的微服務 API 網關。
它是基於 Nginx 和 etcd 來實現,和傳統 API 網關相比,APISIX 具備動態路由和插件熱加載,特別適合微服務體系下的 API 管理。
APISIX安裝
首先安裝依賴
https://github.com/apache/incubator-apisix/blob/master/doc/zh-cn/install-dependencies.md
# 安裝 OpenResty, etcd 和 編譯工具
sudo yum install -y etcd openresty curl git gcc luarocks lua-devel
# 開啟 etcd server
sudo service etcd start
依賴openresty的新版本 OpenResty 1.15.8.3。檢查下etcd是否已經正常啟動。
ps aux | grep etcd
etcd 2769 2.2 4.2 10856200 21364 ? Ssl 14:54 0:00 /usr/bin/etcd --name=default --data-dir=/var/lib/etcd/default.etcd --listen-client-urls=http://localhost:2379
可以看到,監聽的端口號是2379.也可以看下etcd的配置,也可以看到端口號。
/etc/etcd/etcd.conf
接下來安裝主角apisix
官方安裝yum安裝
sudo yum install -y https://github.com/apache/incubator-apisix/releases/download/1.3/apisix-1.3-0.el7.noarch.rpm
發現下載不下來,直接下載rpm包手動安裝。
https://github.com/apache/incubator-apisix/releases/download/1.3/apisix-1.3-0.el7.noarch.rpm
手動安裝,並且啟動apisix
rpm -ivh apisix-1.3-0.el7.noarch.rpm
准備中... ################################# [100%]
正在升級/安裝...
1:apisix-1.3-0 ################################# [100%]
apisix start
檢查下apisix是否啟動成功
ps aux | grep nginx
root 2978 0.0 0.5 178996 2616 ? Ss 08:14 0:00 nginx: master process openresty -p /usr/local/apisix -c /usr/local/apisix/conf/nginx.conf
nobody 2979 0.6 2.4 191600 12368 ? R 08:14 0:00 nginx: worker process
nobody 2980 0.1 0.4 173672 2120 ? S 08:14 0:00 nginx: cache manager process
nobody 2981 0.0 0.4 173672 2120 ? S 08:14 0:00 nginx: cache loader process
啟動成功,也可以到apisix的Nginx conf的配置路徑。
APISIX簡單使用
這是官方的入門指南
https://github.com/apache/incubator-apisix/blob/master/doc/zh-cn/getting-started.md
我們先配置下upstream
curl "http://127.0.0.1:9080/apisix/admin/upstreams/50" -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
> {
> "type": "roundrobin",
> "nodes": {
> "127.0.0.1:7080": 1
> }
> }'
{"node":{"value":{"type":"roundrobin","nodes":{"127.0.0.1:7080":1},"hash_on":"vars","id":"50"},"createdIndex":22,"key":"\/apisix\/upstreams\/50","modifiedIndex":22},"prevNode":{"value":"{\"hash_on\":\"vars\",\"id\":\"50\",\"nodes\":{\"httpbin.org:80\":1},\"type\":\"roundrobin\"}","createdIndex":19,"key":"\/apisix\/upstreams\/50","modifiedIndex":19},"action":"set"}
再給剛剛配置的upstream配置router
curl "http://127.0.0.1:9080/apisix/admin/routes/5" -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
> {
> "uri": "/get",
> "host": "httpbin.org",
> "upstream_id": 50
> }'
{"node":{"value":{"host":"httpbin.org","upstream_id":50,"uri":"\/get","priority":0},"createdIndex":25,"key":"\/apisix\/routes\/5","modifiedIndex":25},"prevNode":{"value":"{\"host\":\"httpbin.org\",\"plugins\":{\"proxy-rewrite\":{\"scheme\":\"https\"}},\"uri\":\"\\\/get\",\"upstream_id\":50,\"priority\":0}","createdIndex":24,"key":"\/apisix\/routes\/5","modifiedIndex":24},"action":"set"}
現在的流程就是這樣的的。
終端請求httpbin.org/get->APISIX代理-> 127.0.0.1:7080
我們再啟動一個Nginx服務,使得上游服務 127.0.0.1:7080/get 可以正常提供服務。
vim /usr/local/openresty/nginx/conf/nginx.conf
添加7080的端口服務
server {
listen 7080;
location /get {
echo "success";
}
}
啟動Nginx WEB服務
sudo /usr/local/openresty/nginx/sbin/nginx -c /usr/local/openresty/nginx/conf/nginx.conf
curl 'http://127.0.0.1:7080/get'
success
說明7080能夠正常提供服務了
我們在終端試下是否代理成功
curl -i -X GET "http://127.0.0.1:9080/get?foo1=bar1&foo2=bar2" -H "Host: httpbin.org"
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX web server
Date: Sun, 28 Jun 2020 15:52:03 GMT
success
打印了success,說明整個網絡流程是通暢的。
APISIX控制台安裝
新版本的APISIX已經內置了dashboard可視化WEB控制台,可以很直觀的看到各種router配置、upstream配置等等。
瀏覽器直接訪問就可以打開dashboard
http://127.0.0.1:9080/apisix/dashboard
出現下面的報錯,可能是etced服務忘記啟動了
connection refused
啟動下etcd服務就正常了
service etcd start
如果是虛擬機或者docker機器的話,可能需要打開admin的訪問顯示
vim /usr/local/apisix/conf/config.yaml
找到 allow_admin
- 127.0.0.0/24 該為 - all
就是允許所有IP訪問,生產環境可不能這樣,有非常大的安全風險
正常訪問 http://127.0.0.1:9080/apisix/dashboard 就能在左側的Routes 和 Upstream 看到上面用curl設置的routes和upstream。
etcd 命令行簡單使用
etcd 是一個分布式、可靠的 key-value 存儲的分布式系統,主要用於服務發現。最著名的k8s就是用etcd存儲配置數據的。
命令行主要使用 etcdctl 執行 etcd 命令,先看下幫助菜單
etcdctl -h
NAME:
etcdctl - A simple command line client for etcd.
WARNING:
Environment variable ETCDCTL_API is not set; defaults to etcdctl v2.
Set environment variable ETCDCTL_API=3 to use v3 API or ETCDCTL_API=2 to use v2 API.
USAGE:
etcdctl [global options] command [command options] [arguments...]
VERSION:
3.3.11
COMMANDS:
backup backup an etcd directory
cluster-health check the health of the etcd cluster
mk make a new key with a given value
mkdir make a new directory
rm remove a key or a directory
rmdir removes the key if it is an empty directory or a key-value pair
get retrieve the value of a key
ls retrieve a directory
set set the value of a key
setdir create a new directory or update an existing directory TTL
update update an existing key with a given value
updatedir update an existing directory
watch watch a key for changes
exec-watch watch a key for changes and exec an executable
member member add, remove and list subcommands
user user add, grant and revoke subcommands
role role add, grant and revoke subcommands
auth overall auth controls
最常用幾個命令 ls get set rm rmdir mk mkdir等等,名字都比較通俗易懂。
etcdctl ls
/apisix
etcdctl ls /apisix
/apisix/upstreams
/apisix/node_status
/apisix/ssl
/apisix/routes
/apisix/services
etcdctl ls /apisix/upstreams
/apisix/upstreams/50
etcdctl get /apisix/upstreams/50
{"hash_on":"vars","id":"50","nodes":{"127.0.0.1:7080":1},"type":"roundrobin"}