APISIX安装

最近，有几个老项目需要做一些限流、安全、灰度发布等这些方面的升级。由于项目中也一直在用Nginx做请求转发。所以在在OpenResty，Kong、APISIX三者之间初步对比了一下。从性能、功能和易用性的角度考虑，最终初步选择APISIX这玩意。

对于安装。我本人是比较偏向于，源码或者二进制手动安装。在安装APISIX时，其他都准备就绪了，就在安装APISIX时，很多代码拉不下来。导致我从源码安装到放弃。最终选择Docker方式

安装etcd

去Githubhttps://github.com/etcd-io/etcd/releases/下载编译好的二进制.

先创建好配置文件。

mkdir -p /etc/etcd/
cd /etc/etcd/
vim etcd.yaml

复制一下内容

# This is the configuration file for the etcd server.

# Human-readable name for this member.
name: 'etcd1'

# Path to the data directory.
data-dir:

# Path to the dedicated wal directory.
wal-dir:

# Number of committed transactions to trigger a snapshot to disk.
snapshot-count: 10000

# Time (in milliseconds) of a heartbeat interval.
heartbeat-interval: 100

# Time (in milliseconds) for an election to timeout.
election-timeout: 1000

# Raise alarms when backend size exceeds the given quota. 0 means use the
# default quota.
quota-backend-bytes: 0

# List of comma separated URLs to listen on for peer traffic.
listen-peer-urls: http://172.31.79.250:2380

# List of comma separated URLs to listen on for client traffic.
listen-client-urls: http://172.31.79.250:2379

# Maximum number of snapshot files to retain (0 is unlimited).
max-snapshots: 5

# Maximum number of wal files to retain (0 is unlimited).
max-wals: 5

# Comma-separated white list of origins for CORS (cross-origin resource sharing).
cors:

# List of this member's peer URLs to advertise to the rest of the cluster.
# The URLs needed to be a comma-separated list.
initial-advertise-peer-urls: http://172.31.79.250:2380

# List of this member's client URLs to advertise to the public.
# The URLs needed to be a comma-separated list.
advertise-client-urls: http://172.31.79.250:2379

# Discovery URL used to bootstrap the cluster.
discovery:

# Valid values include 'exit', 'proxy'
discovery-fallback: 'proxy'

# HTTP proxy to use for traffic to discovery service.
discovery-proxy:

# DNS domain used to bootstrap initial cluster.
discovery-srv:

# Initial cluster configuration for bootstrapping.
initial-cluster:

# Initial cluster token for the etcd cluster during bootstrap.
initial-cluster-token: 'etcd-cluster'

# Initial cluster state ('new' or 'existing').
initial-cluster-state: 'new'

# Reject reconfiguration requests that would cause quorum loss.
strict-reconfig-check: false

# Enable runtime profiling data via HTTP server
enable-pprof: true

# Valid values include 'on', 'readonly', 'off'
proxy: 'off'

# Time (in milliseconds) an endpoint will be held in a failed state.
proxy-failure-wait: 5000

# Time (in milliseconds) of the endpoints refresh interval.
proxy-refresh-interval: 30000

# Time (in milliseconds) for a dial to timeout.
proxy-dial-timeout: 1000

# Time (in milliseconds) for a write to timeout.
proxy-write-timeout: 5000

# Time (in milliseconds) for a read to timeout.
proxy-read-timeout: 0

client-transport-security:
  # Path to the client server TLS cert file.
  cert-file:

  # Path to the client server TLS key file.
  key-file:

  # Enable client cert authentication.
  client-cert-auth: false

  # Path to the client server TLS trusted CA cert file.
  trusted-ca-file:

  # Client TLS using generated certificates
  auto-tls: false

peer-transport-security:
  # Path to the peer server TLS cert file.
  cert-file:

  # Path to the peer server TLS key file.
  key-file:

  # Enable peer client cert authentication.
  client-cert-auth: false

  # Path to the peer server TLS trusted CA cert file.
  trusted-ca-file:

  # Peer TLS using generated certificates.
  auto-tls: false

# The validity period of the self-signed certificate, the unit is year.
self-signed-cert-validity: 1

# Enable debug-level logging for etcd.
log-level: debug

logger: zap

# Specify 'stdout' or 'stderr' to skip journald logging even when running under systemd.
log-outputs: [stderr]

# Force to create a new one member cluster.
force-new-cluster: false

auto-compaction-mode: periodic
auto-compaction-retention: "1"

wget https://github.com/etcd-io/etcd/releases/download/v3.5.7/etcd-v3.5.7-linux-amd64.tar.gz
tar -xvf etcd-v3.5.7-linux-amd64.tar.gz
cd etcd-v3.5.7-linux-amd64
cp -a etcd etcdctl /usr/bin/
nohup etcd --config-file /etc/etcd/etcd.yaml >/tmp/etcd.log 2>&1 &   #后台启动etcd

安装Docker

添加阿里镜像源

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

安装Docker

yum install docker-ce docker-ce-cli containerd.io

启动Docker服务

systemctl start docker

设置Docker开机自动启动

systemctl enable docker

Docker compose安装

下载并安装

curl -SL https://github.com/docker/compose/releases/download/v2.16.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose

上面这个地址非常慢，有时候直接连不通，具体原因，大家肯定都知道。所以下载用国内的镜像地址吧

sudo curl -L https://get.daocloud.io/docker/compose/releases/download/v2.16.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose

去下载源码https://github.com/apache/apisix-docker.git。cd apisix-docker/example进入到example目录

由于etcd我是以二进制方式安装，那么apisix_conf和dashboard_conf里面的etcd配置信息改为实际地址和端口。

etcd:
  host:                           # it's possible to define multiple etcd hosts addresses of the same etcd cluster.
    - "http://172.31.79.250:2379"          # multiple etcd address
  prefix: "/apisix"               # apisix configurations prefix
  timeout: 30                     # 30 seconds

另外docker-compose-arm64.yml里面的ETCD去掉，再去掉depends_on，删除下面这段

depends_on:
  - etcd

接下来执行启动命令docker-compose -f docker-compose-arm64.yml -p docker-apisix up -d

这样，APISIX便搭建好了

我们使用dashboard_conf文件夹中conf.yaml文件里的users属性来登录APISIX.

创建APISIX服务

上游类型可以是，固定维护的节点或者是服务注册

服务注册中心支持目前比较主流的注册中心

这里我们选择的是节点方式


这时候，我们就可以去访问9080端口的/web1/路径

刷新一下页面。请求会转发到另外一个服务上

APISIX初步安装完成，基本功能我们可以基于web UI界面配置完成，还可以借助插件来保护我们的服务，让服务更加稳定、安全。接下来就是进一步的探究APISIX提供的插件。