nginxca证书
https://letsencrypt.osfipin.com/user-0408/user/login
getting-started
https://apisix.apache.org/docs/apisix/getting-started/README/
root@lavm-8x7cj636sr:/opt/docker/apisix# docker version
Client:
Version: 24.0.5
API version: 1.43
Go version: go1.20.3
Git commit: 24.0.5-0ubuntu1~22.04.1
Built: Mon Aug 21 19:50:14 2023
OS/Arch: linux/amd64
Context: default
Server:
Engine:
Version: 24.0.5
API version: 1.43 (minimum version 1.12)
Go version: go1.20.3
Git commit: 24.0.5-0ubuntu1~22.04.1
Built: Mon Aug 21 19:50:14 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.2
GitCommit:
runc:
Version: 1.1.7-0ubuntu1~22.04.2
GitCommit:
docker-init:
Version: 0.19.0
GitCommit:
root@lavm-8x7cj636sr:/opt/docker/apisix# lsb_release -a
LSB Version: core-11.1.0ubuntu4-noarch:security-11.1.0ubuntu4-noarch
Distributor ID: Ubuntu
Description: Ubuntu 22.04.3 LTS
Release: 22.04
Codename: jammy
root@lavm-8x7cj636sr:/opt/docker/apisix# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
83315aa7551b apache/apisix:3.9.0-debian "/docker-entrypoint.…" 17 seconds ago Up 15 seconds 0.0.0.0:9080->9080/tcp, :::9080->9080/tcp, 0.0.0.0:9091->9091/tcp, :::9091->9091/tcp, 0.0.0.0:9100->9100/tcp, :::9100->9100/tcp, 0.0.0.0:9180->9180/tcp, :::9180->9180/tcp, 0.0.0.0:9443->9443/tcp, :::9443->9443/tcp, 0.0.0.0:9090->9092/tcp, :::9090->9092/tcp apisix-quickstart
5a7cfe1ba355 bitnami/etcd:3.5.7 "/opt/bitnami/script…" 2 minutes ago Up About a minute 2379-2380/tcp etcd-quickstart
root@lavm-8x7cj636sr:/opt/docker/apisix# curl "http://127.0.0.1:9080" --head | grep Server
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
Server: APISIX/3.9.0
Configure Routes
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9180/apisix/admin/routes" -X PUT -d '
> {
> "id": "getting-started-ip",
> "uri": "/ip",
> "upstream": {
> "type": "roundrobin",
> "nodes": {
> "httpbin.org:80": 1
> }
> }
> }'
HTTP/1.1 201 Created
Date: Wed, 03 Apr 2024 02:13:24 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 3600
X-API-VERSION: v3
{"key":"/apisix/routes/getting-started-ip","value":{"id":"getting-started-ip","status":1,"update_time":1712110404,"upstream":{"scheme":"http","type":"roundrobin","nodes":{"httpbin.org:80":1},"hash_on":"vars","pass_host":"pass"},"create_time":1712110404,"priority":0,"uri":"/ip"}}
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix# curl "http://127.0.0.1:9080/ip"
{
"origin": "172.21.0.1, 117.72.36.203"
}
- etcd默认的一些键值
I have no name!@5a7cfe1ba355:/opt/bitnami/etcd/bin$ etcdctl get --prefix --keys-only ""
/apisix/consumer_groups/
/apisix/consumers/
/apisix/data_plane/server_info/b1de8a17-c57c-4228-9b73-ff8519aea650
/apisix/global_rules/
/apisix/plugin_configs/
/apisix/plugin_metadata/
/apisix/plugins/
/apisix/protos/
/apisix/routes/
/apisix/routes/getting-started-ip
/apisix/secrets/
/apisix/services/
/apisix/ssls/
/apisix/stream_routes/
/apisix/upstreams/
- 刚才加入进来的路由
I have no name!@5a7cfe1ba355:/opt/bitnami/etcd/bin$ etcdctl get /apisix/routes/getting-started-ip
/apisix/routes/getting-started-ip
{"id":"getting-started-ip","status":1,"update_time":1712110404,"priority":0,"create_time":1712110404,"upstream":{"scheme":"http","type":"roundrobin","nodes":{"httpbin.org:80":1},"hash_on":"vars","pass_host":"pass"},"uri":"/ip"}
Load Balancing
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9180/apisix/admin/routes" -X PUT -d '
> {
> "id": "getting-started-headers",
> "uri": "/headers",
> "upstream" : {
> "type": "roundrobin",
> "nodes": {
> "httpbin.org:443": 1,
> "mock.api7.ai:443": 1
> },
> "pass_host": "node",
> "scheme": "https"
> }
> }'
HTTP/1.1 201 Created
Date: Wed, 03 Apr 2024 02:25:13 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 3600
X-API-VERSION: v3
{"key":"/apisix/routes/getting-started-headers","value":{"id":"getting-started-headers","status":1,"update_time":1712111113,"upstream":{"scheme":"https","type":"roundrobin","nodes":{"httpbin.org:443":1,"mock.api7.ai:443":1},"hash_on":"vars","pass_host":"node"},"create_time":1712111113,"priority":0,"uri":"/headers"}}
root@lavm-8x7cj636sr:/opt/docker/apisix# hc=$(seq 100 | xargs -I {} curl "http://127.0.0.1:9080/headers" -sL | grep "httpbin" | wc -l); echo httpbin.org: $hc, mock.api7.ai: $((100 - $hc))
httpbin.org: 48, mock.api7.ai: 52
Key Authentication
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9180/apisix/admin/consumers" -X PUT -d '
> {
> "username": "tom",
> "plugins": {
> "key-auth": {
> "key": "secret-key"
> }
> }
> }'
HTTP/1.1 201 Created
Date: Wed, 03 Apr 2024 02:30:41 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 3600
X-API-VERSION: v3
{"key":"/apisix/consumers/tom","value":{"username":"tom","create_time":1712111441,"plugins":{"key-auth":{"key":"secret-key"}},"update_time":1712111441}}
```shell
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9080/ip"
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 44
Connection: keep-alive
Date: Wed, 03 Apr 2024 02:31:32 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: APISIX/3.9.0
{
"origin": "172.21.0.1, 117.72.36.203"
}
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9180/apisix/admin/routes/getting-started-ip" -X PATCH -d '
> {
> "plugins": {
> "key-auth": {}
> }
> }'
HTTP/1.1 200 OK
Date: Wed, 03 Apr 2024 02:31:41 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 3600
X-API-VERSION: v3
{"key":"/apisix/routes/getting-started-ip","value":{"id":"getting-started-ip","status":1,"priority":0,"plugins":{"key-auth":{"header":"apikey","hide_credentials":false,"query":"apikey"}},"update_time":1712111501,"create_time":1712110404,"upstream":{"scheme":"http","type":"roundrobin","nodes":{"httpbin.org:80":1},"hash_on":"vars","pass_host":"pass"},"uri":"/ip"}}
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9080/ip"
HTTP/1.1 401 Unauthorized
Date: Wed, 03 Apr 2024 02:31:48 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.0
{"message":"Missing API key found in request"}
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9080/ip" -H 'apikey: wrong-key'
HTTP/1.1 401 Unauthorized
Date: Wed, 03 Apr 2024 02:32:37 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.0
{"message":"Invalid API key in request"}
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9080/ip" -H 'apikey: secret-key'
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 44
Connection: keep-alive
Date: Wed, 03 Apr 2024 02:32:55 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: APISIX/3.9.0
{
"origin": "172.21.0.1, 117.72.36.203"
}
root@lavm-8x7cj636sr:/opt/docker/apisix# curl "http://127.0.0.1:9180/apisix/admin/routes/getting-started-ip" -X PATCH -d '
> {
> "plugins": {
> "key-auth": {
> "_meta": {
> "disable": true
> }
> }
> }
> }'
{"key":"/apisix/routes/getting-started-ip","value":{"id":"getting-started-ip","status":1,"upstream":{"scheme":"http","type":"roundrobin","nodes":{"httpbin.org:80":1},"hash_on":"vars","pass_host":"pass"},"update_time":1712111991,"plugins":{"key-auth":{"header":"apikey","hide_credentials":false,"_meta":{"disable":true},"query":"apikey"}},"create_time":1712110404,"priority":0,"uri":"/ip"}}
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix#
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9080/ip"
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 44
Connection: keep-alive
Date: Wed, 03 Apr 2024 02:40:12 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: APISIX/3.9.0
{
"origin": "172.21.0.1, 117.72.36.203"
}
Rate Limiting
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9180/apisix/admin/routes/getting-started-ip" -X PATCH -d '
> {
> "plugins": {
> "limit-count": {
> "count": 2,
> "time_window": 10,
> "rejected_code": 503
> }
> }
> }'
HTTP/1.1 200 OK
Date: Wed, 03 Apr 2024 02:43:39 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 3600
X-API-VERSION: v3
{"key":"/apisix/routes/getting-started-ip","value":{"id":"getting-started-ip","status":1,"priority":0,"update_time":1712112219,"plugins":{"key-auth":{"header":"apikey","hide_credentials":false,"_meta":{"disable":true},"query":"apikey"},"limit-count":{"policy":"local","count":2,"time_window":10,"key":"remote_addr","allow_degradation":false,"show_limit_quota_header":true,"rejected_code":503,"key_type":"var"}},"create_time":1712110404,"upstream":{"scheme":"http","type":"roundrobin","nodes":{"httpbin.org:80":1},"hash_on":"vars","pass_host":"pass"},"uri":"/ip"}}
I have no name!@5a7cfe1ba355:/opt/bitnami/etcd/bin$ etcdctl get /apisix/routes/getting-started-ip
/apisix/routes/getting-started-ip
{"id":"getting-started-ip","status":1,"upstream":{"scheme":"http","type":"roundrobin","nodes":{"httpbin.org:80":1},"hash_on":"vars","pass_host":"pass"},"update_time":1712112219,"plugins":{"key-auth":{"header":"apikey","hide_credentials":false,"_meta":{"disable":true},"query":"apikey"},"limit-count":{"count":2,"policy":"local","rejected_code":503,"key":"remote_addr","allow_degradation":false,"show_limit_quota_header":true,"time_window":10,"key_type":"var"}},"create_time":1712110404,"priority":0,"uri":"/ip"}
root@lavm-8x7cj636sr:/opt/docker/apisix# count=$(seq 100 | xargs -I {} curl "http://127.0.0.1:9080/ip" -I -sL | grep "503" | wc -l); echo \"200\": $((100 - $count)), \"503\": $count
"200": 2, "503": 98
root@lavm-8x7cj636sr:/opt/docker/apisix# curl -i "http://127.0.0.1:9180/apisix/admin/routes/getting-started-ip" -X PATCH -d '
> {
> "plugins": {
> "limit-count": {
> "_meta": {
> "disable": true
> }
> }
> }
> }'
HTTP/1.1 200 OK
Date: Wed, 03 Apr 2024 02:45:36 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 3600
X-API-VERSION: v3
{"key":"/apisix/routes/getting-started-ip","value":{"id":"getting-started-ip","status":1,"upstream":{"scheme":"http","type":"roundrobin","nodes":{"httpbin.org:80":1},"hash_on":"vars","pass_host":"pass"},"update_time":1712112336,"plugins":{"key-auth":{"header":"apikey","hide_credentials":false,"_meta":{"disable":true},"query":"apikey"},"limit-count":{"policy":"local","allow_degradation":false,"show_limit_quota_header":true,"rejected_code":503,"_meta":{"disable":true},"key":"remote_addr","count":2,"time_window":10,"key_type":"var"}},"create_time":1712110404,"priority":0,"uri":"/ip"}}
I have no name!@5a7cfe1ba355:/opt/bitnami/etcd/bin$ etcdctl get /apisix/routes/getting-started-ip
/apisix/routes/getting-started-ip
{"id":"getting-started-ip","status":1,"priority":0,"update_time":1712112336,"plugins":{"key-auth":{"header":"apikey","hide_credentials":false,"_meta":{"disable":true},"query":"apikey"},"limit-count":{"policy":"local","allow_degradation":false,"show_limit_quota_header":true,"rejected_code":503,"_meta":{"disable":true},"key":"remote_addr","count":2,"time_window":10,"key_type":"var"}},"create_time":1712110404,"upstream":{"scheme":"http","type":"roundrobin","nodes":{"httpbin.org:80":1},"hash_on":"vars","pass_host":"pass"},"uri":"/ip"}
root@lavm-8x7cj636sr:/opt/docker/apisix# count=$(seq 100 | xargs -i curl "http://127.0.0.1:9080/ip" -I -sL | grep "503" | wc -l); echo \"200\": $((100 - $count)), \"503\": $count
"200": 100, "503": 0
