10.5.1.3310.5.1.9310.5.1.109ETCD_VERSION='3.5.4'wget tar -xvf etcd-v${ETCD_VERSION}-linux-amd64.tar.gzcd etcd-v3.5.4-linux-amd64/ 创建启动脚本etcd-start.sh(10.5.1.33)
TOKEN=token-01CLUSTER_STATE=newNAME_1=machine-1NAME_2=machine-2NAME_3=machine-3HOST_1=10.5.1.33HOST_2=10.5.1.93HOST_3=10.5.1.109CLUSTER=${NAME_1}=http://${HOST_1}:2380,${NAME_2}=http://${HOST_2}:2380,${NAME_3}=http://${HOST_3}:2380THIS_NAME=${NAME_1}THIS_IP=${HOST_1}/data/server/etcd-v3.5.4-linux-amd64/etcd --data-dir=data.etcd --name ${THIS_NAME} \ --initial-advertise-peer-urls 创建启动脚本etcd-start.sh(10.5.1.93)
TOKEN=token-01CLUSTER_STATE=newNAME_1=machine-1NAME_2=machine-2NAME_3=machine-3HOST_1=10.5.1.33HOST_2=10.5.1.93HOST_3=10.5.1.109CLUSTER=${NAME_1}=http://${HOST_1}:2380,${NAME_2}=http://${HOST_2}:2380,${NAME_3}=http://${HOST_3}:2380THIS_NAME=${NAME_2}THIS_IP=${HOST_2}/data/server/etcd-v3.5.4-linux-amd64/etcd --data-dir=data.etcd --name ${THIS_NAME} \ --initial-advertise-peer-urls 创建启动脚本etcd-start.sh(10.5.1.109)
TOKEN=token-01CLUSTER_STATE=newNAME_1=machine-1NAME_2=machine-2NAME_3=machine-3HOST_1=10.5.1.33HOST_2=10.5.1.93HOST_3=10.5.1.109CLUSTER=${NAME_1}=http://${HOST_1}:2380,${NAME_2}=http://${HOST_2}:2380,${NAME_3}=http://${HOST_3}:2380THIS_NAME=${NAME_3}THIS_IP=${HOST_3}/data/server/etcd-v3.5.4-linux-amd64/etcd --data-dir=data.etcd --name ${THIS_NAME} \ --initial-advertise-peer-urls nohup sh etcd-static.sh &./etcdctl --endpoints=10.5.1.33:2379 member list61c3bf180d89e1a6, started, machine-2, http://10.5.1.93:2380, http://10.5.1.93:2379, false789ba48e8fea5046, started, machine-1, http://10.5.1.33:2380, http://10.5.1.33:2379, falseef6722f71326bf23, started, machine-3, http://10.5.1.109:2380, http://10.5.1.109:2379, falsesudo yum install -y https://repos.apiseven.com/packages/centos/apache-apisix-repo-1.0-1.noarch.rpmsudo yum-config-manager --add-repo https://repos.apiseven.com/packages/centos/apache-apisix.reposudo yum install apisixvi /usr/local/apisix/conf/config.yamlapisix: node_listen: - 80etcd: host: - "http://10.5.1.33:2379" - "http://10.5.1.93:2379" - "http://10.5.1.109:2379"apisix initapisix startcurl http://localhost:80这里使用github的加速网址:hub.0z.gs。
sudo yum install -y https://hub.0z.gs/apache/apisix-dashboard/releases/download/v2.13/apisix-dashboard-2.13-0.el7.x86_64.rpmsudo manager-api -p /usr/local/apisix/dashboard/主要配置暴露端口、访问白名单、etcd
# yamllint disable rule:comments-indentationconf: listen: host: 10.5.1.33 # the address on which the `Manager API` should listen. port: 9000 # The port on which the `Manager API` should listen. # ssl: # host: 127.0.0.1 # the address on which the `Manager API` should listen for HTTPS. # The default value is 0.0.0.0, if want to specify, please enable it. # port: 9001 # The port on which the `Manager API` should listen for HTTPS. # cert: "/tmp/cert/example.crt" # Path of your SSL cert. # key: "/tmp/cert/example.key" # Path of your SSL key. allow_list: # If we don't set any IP list, then any IP access is allowed by default. - 0.0.0.0/0 # The rules are checked in sequence until the first match is found. - ::1 # In this example, access is allowed only for IPv4 network 127.0.0.1, and for IPv6 network ::1. # It also support CIDR like 192.168.1.0/24 and 2001:0db8::/32 etcd: endpoints: # supports defining multiple etcd host addresses for an etcd cluster - 10.5.1.33:2379 - 10.5.1.93:2379 - 10.5.1.109:2379 # yamllint disable rule:comments-indentation # etcd basic auth info # username: "root" # ignore etcd username if not enable etcd auth # password: "123456" # ignore etcd password if not enable etcd auth mtls: key_file: "" # Path of your self-signed client side key cert_file: "" # Path of your self-signed client side cert ca_file: "" # Path of your self-signed ca cert, the CA is used to sign callers' certificates # prefix: /apisix # apisix config's prefix in etcd, /apisix by default log: error_log: level: warn # supports levels, lower to higher: debug, info, warn, error, panic, fatal file_path: logs/error.log # supports relative path, absolute path, standard output # such as: logs/error.log, /tmp/logs/error.log, /dev/stdout, /dev/stderr # such as absolute path on Windows: winfile:///C:\error.log access_log: file_path: logs/access.log # supports relative path, absolute path, standard output # such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr # such as absolute path on Windows: winfile:///C:\access.log # log example: 2020-12-09T16:38:09.039+0800 INFO filter/logging.go:46 /apisix/admin/routes/r1 {"status": 401, "host": "127.0.0.1:9000", "query": "asdfsafd=adf&a=a", "requestId": "3d50ecb8-758c-46d1-af5b-cd9d1c820156", "latency": 0, "remoteIP": "127.0.0.1", "method": "PUT", "errs": []} max_cpu: 0 # supports tweaking with the number of OS threads are going to be used for parallelism. Default value: 0 [will use max number of available cpu cores considering hyperthreading (if any)]. If the value is negative, is will not touch the existing parallelism profile. # security: # access_control_allow_origin: "http://httpbin.org" # access_control_allow_credentials: true # support using custom cors configration # access_control_allow_headers: "Authorization" # access_control-allow_methods: "*" # x_frame_options: "deny" # content_security_policy: ""default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'""authentication: secret: secret # secret for jwt token generation. # NOTE: Highly recommended to modify this value to protect `manager api`. # if it's default value, when `manager api` start, it will generate a random string to replace it. expire_time: 3600 # jwt token expire time, in second users: # yamllint enable rule:comments-indentation - username: admin # username and password for login `manager api` password: 123123 - username: user password: 123123plugins: # plugin list (sorted in alphabetical order) - api-breaker - authz-keycloak - basic-auth - batch-requests - consumer-restriction - cors # - dubbo-proxy - echo # - error-log-logger # - example-plugin - fault-injection - grpc-transcode - hmac-auth - http-logger - ip-restriction - jwt-auth - kafka-logger - key-auth - limit-conn - limit-count - limit-req # - log-rotate # - node-status - openid-connect - prometheus - proxy-cache - proxy-mirror - proxy-rewrite - redirect - referer-restriction - request-id - request-validation - response-rewrite - serverless-post-function - serverless-pre-function # - skywalking - sls-logger - syslog - tcp-logger - udp-logger - uri-blocker - wolf-rbac - zipkin - server-info - traffic-splitnohup sudo manager-api -c /usr/local/apisix/dashboard/conf/conf.yaml &apisix startapisix stopapisix reload修改配置,同时暴露80和8080两个端口apisix: node_listen: - 80 - 8080 热加载配置apisix reload/user/local/apisix/logs/access.log/user/local/apisix/logs/error.log| 留言与评论(共有 0 条评论) “” |
