For example, You want apisix to listen on 4 ports:
- 80 for http - 443 for https - 8080 for http with proxy protocol - 8443 for https with proxy protocol And on 80 and 443 you want to configure real_ip_header with "x-forwarded-for", while for 8080 and 8443 you want to configure real_ip_header with "proxy_protocol". Under the current apisix configuration structure, 4 ports are all under the same nginx server. And you cannot configure multiple real_ip_headers under the same server. Although you can configure real_ip_header in the context of location, but since in this scenario the real_ip_header should only be bound to the listening port. On Tue, Nov 24, 2020 at 6:14 PM YuanSheng Wang <membp...@apache.org> wrote: > @Jan Li > > Can you provide some examples? I think the community needs them for > understanding. > > > On Tue, Nov 24, 2020 at 2:03 PM Jan Li <jan...@airwallex.com> wrote: > > > Hi community, > > > > APISIX is using config file and apisix bin file to generate nginx > > config file. > > > > This provides APISIX the capability of overriding nginx's default > > configurations, but also introduces some problems: > > > > 1. There is only one nginx server which supports the dynamic features > of > > APISIX. > > 2. Due to point 1, all listening ports are configured in the only > > server. > > 3. As a consequence of this setting, some features from nginx can be > > difficult to support in APISIX. For example, > > 1. Configuring mTLS is easy in nginx > > 1. It's easy to configure a new server in apisix bin > > 2. The new server will lose all the dynamic features of APISIX. > > 2. Using proxy protocol and real ip module along with normal > requests > > with a different real ip header > > 1. If we use proxy protocol, normally the real ip header will be > > configured proxy_protocol > > 2. The normal requests normally use x-forwarded-for or x-real-ip > > as real ip header > > 3. It's impossible to configure both x-forwarded-for and > > proxy_protocol in apisix > > > > So I want to propose: > > > > 1. Introduce a new kind of configuration in config.yaml: "server" > under > > "apisix". > > 1. "server" is almost the same as nginx's server. > > 2. If a server is configured a port is necessary, no matter if it's > > http, https or proxy protocol http... > > 3. "location" should not be included here since being dynamic often > > means dynamic to locations. > > 2. All configurations configured directly under "apisix" are global > > configurations which will apply to all servers. > > 3. All configurations can be overridden inside the server, the > > configuration is the same as under "apisix". > > > > With this, we can better embrace the features from both apisix and > > nginx. > > > > > -- > > *MembPhis* > My GitHub: https://github.com/membphis > Apache APISIX: https://github.com/apache/apisix >
