This is an automated email from the ASF dual-hosted git repository.
spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 684970b53 change: move etcd conf under deployment (#7860)
684970b53 is described below
commit 684970b53cc02a0fab9798d5f1c2913fb5753774
Author: tzssangglass <[email protected]>
AuthorDate: Thu Sep 8 13:28:55 2022 +0800
change: move etcd conf under deployment (#7860)
---
apisix/cli/snippet.lua | 28 +++++++--
apisix/core/config_etcd.lua | 2 +-
apisix/core/etcd.lua | 41 ++++++++++---
conf/config-default.yaml | 55 ++++++++---------
conf/config.yaml | 18 +++++-
docs/en/latest/certificate.md | 22 ++++---
docs/en/latest/installation-guide.md | 9 ++-
docs/en/latest/mtls.md | 12 ++--
docs/zh/latest/certificate.md | 22 ++++---
docs/zh/latest/installation-guide.md | 9 ++-
docs/zh/latest/mtls.md | 12 ++--
t/APISIX.pm | 23 ++++++-
t/chaos/utils/setup_chaos_utils.sh | 10 +++-
t/cli/test_access_log.sh | 4 +-
t/cli/test_ci_only.sh | 12 ++--
t/cli/test_deployment_traditional.sh | 15 -----
t/cli/test_etcd.sh | 60 ++++++++++++-------
t/cli/test_etcd_healthcheck.sh | 14 +++--
t/cli/test_etcd_mtls.sh | 113 +++++++++++++++++++++--------------
t/cli/test_etcd_tls.sh | 31 ++++++----
t/cli/test_main.sh | 24 ++++++--
t/cli/test_validate_config.sh | 8 ++-
t/core/config.t | 15 +++--
t/core/config_etcd.t | 102 ++++++++++++++++++++-----------
t/core/etcd-auth-fail.t | 16 +++--
t/core/etcd-auth.t | 16 +++--
t/core/etcd-mtls.t | 99 +++++++++++++++++-------------
t/core/etcd-sync.t | 10 +++-
t/deployment/conf_server.t | 12 ++--
t/deployment/conf_server2.t | 7 ---
t/deployment/mtls.t | 7 ---
t/plugin/example.t | 15 +++--
32 files changed, 525 insertions(+), 318 deletions(-)
diff --git a/apisix/cli/snippet.lua b/apisix/cli/snippet.lua
index 6c2414c34..3b5eb3232 100644
--- a/apisix/cli/snippet.lua
+++ b/apisix/cli/snippet.lua
@@ -39,8 +39,7 @@ function _M.generate_conf_server(env, conf)
if servers[1]:find(prefix, 1, true) then
enable_https = true
end
- -- there is not a compatible way to verify upstream TLS like the one we do
in cosocket
- -- so here we just ignore it as the verification is already done in the
init phase
+
for i, s in ipairs(servers) do
if (s:find(prefix, 1, true) ~= nil) ~= enable_https then
return nil, "all nodes in the etcd cluster should enable/disable
TLS together"
@@ -113,6 +112,11 @@ function _M.generate_conf_server(env, conf)
proxy_ssl_protocols TLSv1.2 TLSv1.3;
proxy_ssl_server_name on;
+ {% if etcd_tls_verify then %}
+ proxy_ssl_verify on;
+ proxy_ssl_trusted_certificate {* ssl_trusted_certificate *};
+ {% end %}
+
{% if sni then %}
proxy_ssl_name {* sni *};
{% else %}
@@ -144,9 +148,21 @@ function _M.generate_conf_server(env, conf)
local tls = etcd.tls
local client_cert
local client_cert_key
- if tls and tls.cert then
- client_cert = pl_path.abspath(tls.cert)
- client_cert_key = pl_path.abspath(tls.key)
+ local ssl_trusted_certificate
+ local etcd_tls_verify
+ if tls then
+ if tls.cert then
+ client_cert = pl_path.abspath(tls.cert)
+ client_cert_key = pl_path.abspath(tls.key)
+ end
+
+ etcd_tls_verify = tls.verify
+ if enable_https and etcd_tls_verify then
+ if not conf.apisix.ssl.ssl_trusted_certificate then
+ return nil, "should set ssl_trusted_certificate if etcd tls
verify is enabled"
+ end
+ ssl_trusted_certificate =
pl_path.abspath(conf.apisix.ssl.ssl_trusted_certificate)
+ end
end
return conf_render({
@@ -157,6 +173,8 @@ function _M.generate_conf_server(env, conf)
client_cert = client_cert,
client_cert_key = client_cert_key,
trusted_ca_cert = trusted_ca_cert,
+ etcd_tls_verify = etcd_tls_verify,
+ ssl_trusted_certificate = ssl_trusted_certificate,
})
end
diff --git a/apisix/core/config_etcd.lua b/apisix/core/config_etcd.lua
index 85cf8d7f4..e432b05d9 100644
--- a/apisix/core/config_etcd.lua
+++ b/apisix/core/config_etcd.lua
@@ -507,7 +507,7 @@ do
end
local err
- etcd_cli, err = etcd_apisix.new()
+ etcd_cli, err = etcd_apisix.switch_proxy()
return etcd_cli, err
end
end
diff --git a/apisix/core/etcd.lua b/apisix/core/etcd.lua
index 7ac08334e..f6b1ddbd5 100644
--- a/apisix/core/etcd.lua
+++ b/apisix/core/etcd.lua
@@ -31,6 +31,7 @@ local string = string
local tonumber = tonumber
local ngx_config_prefix = ngx.config.prefix()
local ngx_socket_tcp = ngx.socket.tcp
+local ngx_get_phase = ngx.get_phase
local is_http = ngx.config.subsystem == "http"
@@ -157,7 +158,7 @@ _M.new = new
-- @treturn table|nil the etcd client, or nil if failed.
-- @treturn string|nil the configured prefix of etcd keys, or nil if failed.
-- @treturn nil|string the error message.
-function _M.new_without_proxy()
+local function new_without_proxy()
local local_conf, err = fetch_local_conf()
if not local_conf then
return nil, nil, err
@@ -166,8 +167,32 @@ function _M.new_without_proxy()
local etcd_conf = clone_tab(local_conf.etcd)
return _new(etcd_conf)
end
+_M.new_without_proxy = new_without_proxy
+local function switch_proxy()
+ if ngx_get_phase() == "init" or ngx_get_phase() == "init_worker" then
+ return new_without_proxy()
+ end
+
+ local etcd_cli, prefix, err = new()
+ if not etcd_cli or err then
+ return etcd_cli, prefix, err
+ end
+
+ if not etcd_cli.unix_socket_proxy then
+ return etcd_cli, prefix, err
+ end
+ local sock = ngx_socket_tcp()
+ local ok = sock:connect(etcd_cli.unix_socket_proxy)
+ if not ok then
+ return new_without_proxy()
+ end
+
+ return etcd_cli, prefix, err
+end
+_M.switch_proxy = switch_proxy
+
-- convert ETCD v3 entry to v2 one
local function kvs_to_node(kvs)
local node = {}
@@ -281,7 +306,7 @@ end
function _M.get(key, is_dir)
- local etcd_cli, prefix, err = new()
+ local etcd_cli, prefix, err = switch_proxy()
if not etcd_cli then
return nil, err
end
@@ -300,7 +325,7 @@ end
local function set(key, value, ttl)
- local etcd_cli, prefix, err = new()
+ local etcd_cli, prefix, err = switch_proxy()
if not etcd_cli then
return nil, err
end
@@ -344,7 +369,7 @@ _M.set = set
function _M.atomic_set(key, value, ttl, mod_revision)
- local etcd_cli, prefix, err = new()
+ local etcd_cli, prefix, err = switch_proxy()
if not etcd_cli then
return nil, err
end
@@ -403,7 +428,7 @@ end
function _M.push(key, value, ttl)
- local etcd_cli, _, err = new()
+ local etcd_cli, _, err = switch_proxy()
if not etcd_cli then
return nil, err
end
@@ -435,7 +460,7 @@ end
function _M.delete(key)
- local etcd_cli, prefix, err = new()
+ local etcd_cli, prefix, err = switch_proxy()
if not etcd_cli then
return nil, err
end
@@ -473,7 +498,7 @@ end
-- -- etcdserver = "3.5.0"
-- -- }
function _M.server_version()
- local etcd_cli, _, err = new()
+ local etcd_cli, _, err = switch_proxy()
if not etcd_cli then
return nil, err
end
@@ -483,7 +508,7 @@ end
function _M.keepalive(id)
- local etcd_cli, _, err = new()
+ local etcd_cli, _, err = switch_proxy()
if not etcd_cli then
return nil, err
end
diff --git a/conf/config-default.yaml b/conf/config-default.yaml
index ef99fcfcd..96a0e692b 100755
--- a/conf/config-default.yaml
+++ b/conf/config-default.yaml
@@ -275,27 +275,6 @@ nginx_config: # config for render the
template to generate n
kubernetes: 1m
tars: 1m
-etcd:
- host: # it's possible to define multiple etcd
hosts addresses of the same etcd cluster.
- - "http://127.0.0.1:2379"; # multiple etcd address, if your etcd
cluster enables TLS, please use https scheme,
- # e.g. https://127.0.0.1:2379.
- prefix: /apisix # apisix configurations prefix
- #timeout: 30 # 30 seconds
- #resync_delay: 5 # when sync failed and a rest is needed,
resync after the configured seconds plus 50% random jitter
- #health_check_timeout: 10 # etcd retry the unhealthy nodes after the
configured seconds
- startup_retry: 2 # the number of retry to etcd during the
startup, default to 2
- #user: root # root username for etcd
- #password: 5tHkHhYkjr6cQY # root password for etcd
- tls:
- # To enable etcd client certificate you need to build APISIX-Base, see
- #
https://apisix.apache.org/docs/apisix/FAQ#how-do-i-build-the-apisix-base-environment
- #cert: /path/to/cert # path of certificate used by the etcd client
- #key: /path/to/key # path of key used by the etcd client
-
- verify: true # whether to verify the etcd endpoint
certificate when setup a TLS connection to etcd,
- # the default value is true, e.g. the
certificate will be verified strictly.
- #sni: # the SNI for etcd TLS requests. If missed,
the host part of the URL will be used.
-
# HashiCorp Vault storage backend for sensitive data retrieval. The config
shows an example of what APISIX expects if you
# wish to integrate Vault for secret (sensetive string, public private keys
etc.) retrieval. APISIX communicates with Vault
# server HTTP APIs. By default, APISIX doesn't need this configuration.
@@ -560,13 +539,27 @@ plugin_attr:
# redirect:
# https_port: 8443 # the default port for use by HTTP redirects to HTTPS
-#deployment:
-# role: traditional
-# role_traditional:
-# config_provider: etcd
-# etcd:
-# host: # it's possible to define multiple
etcd hosts addresses of the same etcd cluster.
-# - "http://127.0.0.1:2379"; # multiple etcd address, if your etcd
cluster enables TLS, please use https scheme,
-# # e.g. https://127.0.0.1:2379.
-# prefix: /apisix # configuration prefix in etcd
-# timeout: 30 # 30 seconds
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host: # it's possible to define multiple etcd
hosts addresses of the same etcd cluster.
+ - "http://127.0.0.1:2379"; # multiple etcd address, if your etcd
cluster enables TLS, please use https scheme,
+ # e.g. https://127.0.0.1:2379.
+ prefix: /apisix # configuration prefix in etcd
+ timeout: 30 # 30 seconds
+ #resync_delay: 5 # when sync failed and a rest is needed,
resync after the configured seconds plus 50% random jitter
+ #health_check_timeout: 10 # etcd retry the unhealthy nodes after the
configured seconds
+ startup_retry: 2 # the number of retry to etcd during the
startup, default to 2
+ #user: root # root username for etcd
+ #password: 5tHkHhYkjr6cQY # root password for etcd
+ tls:
+ # To enable etcd client certificate you need to build APISIX-Base, see
+ #
https://apisix.apache.org/docs/apisix/FAQ#how-do-i-build-the-apisix-base-environment
+ #cert: /path/to/cert # path of certificate used by the etcd
client
+ #key: /path/to/key # path of key used by the etcd client
+
+ verify: true # whether to verify the etcd endpoint
certificate when setup a TLS connection to etcd,
+ # the default value is true, e.g. the
certificate will be verified strictly.
+ #sni: # the SNI for etcd TLS requests. If
missed, the host part of the URL will be used.
diff --git a/conf/config.yaml b/conf/config.yaml
index 421ac0912..6a5f56205 100644
--- a/conf/config.yaml
+++ b/conf/config.yaml
@@ -17,13 +17,21 @@
# If you want to set the specified configuration value, you can set the new
# in this file. For example if you want to specify the etcd address:
#
-# etcd:
+# deployment:
+# role: traditional
+# role_traditional:
+# config_provider: etcd
+# etcd:
# host:
# - http://127.0.0.1:2379
#
# To configure via environment variables, you can use `${{VAR}}` syntax. For
instance:
#
-# etcd:
+# deployment:
+# role: traditional
+# role_traditional:
+# config_provider: etcd
+# etcd:
# host:
# - http://${{ETCD_HOST}}:2379
#
@@ -34,7 +42,11 @@
# Also, If you want to use default value when the environment variable not set,
# Use `${{VAR:=default_value}}` instead. For instance:
#
-# etcd:
+# deployment:
+# role: traditional
+# role_traditional:
+# config_provider: etcd
+# etcd:
# host:
# - http://${{ETCD_HOST:=localhost}}:2379
#
diff --git a/docs/en/latest/certificate.md b/docs/en/latest/certificate.md
index ab02eadce..94e74d722 100644
--- a/docs/en/latest/certificate.md
+++ b/docs/en/latest/certificate.md
@@ -246,15 +246,19 @@ apisix:
ssl:
ssl_trusted_certificate: /path/to/apisix.ca-bundle
-etcd:
- host:
- - "https://127.0.0.1:12379";
- - "https://127.0.0.1:22379";
- - "https://127.0.0.1:32379";
- tls:
- cert: /path/to/bar_apisix.crt
- key: /path/to/bar_apisix.key
- sni: etcd.cluster.dev
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:12379";
+ - "https://127.0.0.1:22379";
+ - "https://127.0.0.1:32379";
+ tls:
+ cert: /path/to/bar_apisix.crt
+ key: /path/to/bar_apisix.key
+ sni: etcd.cluster.dev
```
4. Test APISIX Admin API
diff --git a/docs/en/latest/installation-guide.md
b/docs/en/latest/installation-guide.md
index fcddb6c4c..a383d2505 100644
--- a/docs/en/latest/installation-guide.md
+++ b/docs/en/latest/installation-guide.md
@@ -240,8 +240,13 @@ Now, if you decide you want to change the etcd address to
`http://foo:2379`, you
apisix:
node_listen: 8000
-etcd:
- host: "http://foo:2379";
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://foo:2379";
```
:::warning
diff --git a/docs/en/latest/mtls.md b/docs/en/latest/mtls.md
index 124b8e2f0..2cf7a87ef 100644
--- a/docs/en/latest/mtls.md
+++ b/docs/en/latest/mtls.md
@@ -71,10 +71,14 @@ curl --cacert /data/certs/mtls_ca.crt --key
/data/certs/mtls_client.key --cert /
You need to build
[APISIX-Base](./FAQ.md#how-do-i-build-the-apisix-base-environment) and
configure `etcd.tls` section if you want APISIX to work on an etcd cluster with
mTLS enabled.
```yaml
-etcd:
- tls:
- cert: /data/certs/etcd_client.pem # path of certificate used by the
etcd client
- key: /data/certs/etcd_client.key # path of key used by the etcd
client
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ tls:
+ cert: /data/certs/etcd_client.pem # path of certificate used by
the etcd client
+ key: /data/certs/etcd_client.key # path of key used by the etcd
client
```
If APISIX does not trust the CA certificate that used by etcd server, we need
to set up the CA certificate.
diff --git a/docs/zh/latest/certificate.md b/docs/zh/latest/certificate.md
index 5ff5813d9..06f7933c2 100644
--- a/docs/zh/latest/certificate.md
+++ b/docs/zh/latest/certificate.md
@@ -243,15 +243,19 @@ apisix:
ssl:
ssl_trusted_certificate: /path/to/apisix.ca-bundle
-etcd:
- host:
- - "https://127.0.0.1:12379";
- - "https://127.0.0.1:22379";
- - "https://127.0.0.1:32379";
- tls:
- cert: /path/to/bar_apisix.crt
- key: /path/to/bar_apisix.key
- sni: etcd.cluster.dev
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:12379";
+ - "https://127.0.0.1:22379";
+ - "https://127.0.0.1:32379";
+ tls:
+ cert: /path/to/bar_apisix.crt
+ key: /path/to/bar_apisix.key
+ sni: etcd.cluster.dev
```
4. 测试 Admin API
diff --git a/docs/zh/latest/installation-guide.md
b/docs/zh/latest/installation-guide.md
index 2359045af..5b0ea80e3 100644
--- a/docs/zh/latest/installation-guide.md
+++ b/docs/zh/latest/installation-guide.md
@@ -234,8 +234,13 @@ apisix:
apisix:
node_listen: 8000 # APISIX listening port
-etcd:
- host: "http://foo:2379"; # etcd address
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://foo:2379";
```
:::warning
diff --git a/docs/zh/latest/mtls.md b/docs/zh/latest/mtls.md
index cc1ad0fcb..414adb876 100644
--- a/docs/zh/latest/mtls.md
+++ b/docs/zh/latest/mtls.md
@@ -71,10 +71,14 @@ curl --cacert /data/certs/mtls_ca.crt --key
/data/certs/mtls_client.key --cert /
你需要构建 [APISIX-Base](./FAQ.md#如何构建-APISIX-Base-环境?),并且需要在配置文件中设定 `etcd.tls` 来使
ETCD 的双向认证功能正常工作。
```yaml
-etcd:
- tls:
- cert: /data/certs/etcd_client.pem # path of certificate used by the
etcd client
- key: /data/certs/etcd_client.key # path of key used by the etcd
client
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ tls:
+ cert: /data/certs/etcd_client.pem # path of certificate used by
the etcd client
+ key: /data/certs/etcd_client.key # path of key used by the etcd
client
```
如果 APISIX 不信任 etcd server 使用的 CA 证书,我们需要设置 CA 证书。
diff --git a/t/APISIX.pm b/t/APISIX.pm
index 999bcd8a1..26bf7efe6 100644
--- a/t/APISIX.pm
+++ b/t/APISIX.pm
@@ -33,6 +33,13 @@ my $nginx_binary = $ENV{'TEST_NGINX_BINARY'} || 'nginx';
$ENV{TEST_NGINX_HTML_DIR} ||= html_dir();
$ENV{TEST_NGINX_FAST_SHUTDOWN} ||= 1;
+Test::Nginx::Socket::set_http_config_filter(sub {
+ my $config = shift;
+ my $snippet = `$apisix_home/t/bin/gen_snippet.lua conf_server`;
+ $config .= $snippet;
+ return $config;
+});
+
sub read_file($) {
my $infile = shift;
open my $in, "$apisix_home/$infile"
@@ -90,6 +97,8 @@ my $ssl_ecc_crt = read_file("t/certs/apisix_ecc.crt");
my $ssl_ecc_key = read_file("t/certs/apisix_ecc.key");
my $test2_crt = read_file("t/certs/test2.crt");
my $test2_key = read_file("t/certs/test2.key");
+my $etcd_pem = read_file("t/certs/etcd.pem");
+my $etcd_key = read_file("t/certs/etcd.key");
$user_yaml_config = <<_EOC_;
apisix:
node_listen: 1984
@@ -104,9 +113,13 @@ my $etcd_enable_auth = $ENV{"ETCD_ENABLE_AUTH"} || "false";
if ($etcd_enable_auth eq "true") {
$user_yaml_config .= <<_EOC_;
-etcd:
- user: root
- password: 5tHkHhYkjr6cQY
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ user: root
+ password: 5tHkHhYkjr6cQY
_EOC_
}
@@ -845,6 +858,10 @@ $ssl_ecc_key
$test2_crt
>>> ../conf/cert/test2.key
$test2_key
+>>> ../conf/cert/etcd.pem
+$etcd_pem
+>>> ../conf/cert/etcd.key
+$etcd_key
$user_apisix_yaml
_EOC_
diff --git a/t/chaos/utils/setup_chaos_utils.sh
b/t/chaos/utils/setup_chaos_utils.sh
index bffc8598e..4b41bb6e3 100755
--- a/t/chaos/utils/setup_chaos_utils.sh
+++ b/t/chaos/utils/setup_chaos_utils.sh
@@ -34,9 +34,13 @@ modify_config() {
DNS_IP=$(kubectl get svc -n kube-system -l k8s-app=kube-dns -o
'jsonpath={..spec.clusterIP}')
echo "dns_resolver:
- ${DNS_IP}
-etcd:
- host:
- - \"http://etcd.default.svc.cluster.local:2379\";
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - \"http://etcd.default.svc.cluster.local:2379\";
plugin_attr:
prometheus:
enable_export_server: false
diff --git a/t/cli/test_access_log.sh b/t/cli/test_access_log.sh
index a71cf47e1..ad48dcb4c 100755
--- a/t/cli/test_access_log.sh
+++ b/t/cli/test_access_log.sh
@@ -57,7 +57,7 @@ if [ $count_test_access_log -eq 0 ]; then
fi
count_access_log_off=`grep -c "access_log off;" conf/nginx.conf || true`
-if [ $count_access_log_off -eq 4 ]; then
+if [ $count_access_log_off -eq 5 ]; then
echo "failed: nginx.conf file find access_log off; when enable access log"
exit 1
fi
@@ -92,7 +92,7 @@ if [ $count_test_access_log -eq 1 ]; then
fi
count_access_log_off=`grep -c "access_log off;" conf/nginx.conf || true`
-if [ $count_access_log_off -ne 4 ]; then
+if [ $count_access_log_off -ne 5 ]; then
echo "failed: nginx.conf file doesn't find access_log off; when disable
access log"
exit 1
fi
diff --git a/t/cli/test_ci_only.sh b/t/cli/test_ci_only.sh
index a440cf255..d7d9f5bd1 100755
--- a/t/cli/test_ci_only.sh
+++ b/t/cli/test_ci_only.sh
@@ -26,10 +26,14 @@
git checkout conf/config.yaml
echo '
-etcd:
- host:
- - "http://127.0.0.1:3379";
- prefix: "/apisix"
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:3379";
+ prefix: "/apisix"
' > conf/config.yaml
out=$(make init 2>&1 || true)
diff --git a/t/cli/test_deployment_traditional.sh
b/t/cli/test_deployment_traditional.sh
index ba6767b87..1dead769b 100755
--- a/t/cli/test_deployment_traditional.sh
+++ b/t/cli/test_deployment_traditional.sh
@@ -19,21 +19,6 @@
. ./t/cli/common.sh
-echo '
-deployment:
- role: traditional
- role_traditional:
- config_provider: etcd
-' > conf/config.yaml
-
-out=$(make init 2>&1 || true)
-if ! echo "$out" | grep 'invalid deployment traditional configuration:
property "etcd" is required'; then
- echo "failed: should check deployment schema during init"
- exit 1
-fi
-
-echo "passed: should check deployment schema during init"
-
# HTTP
echo '
deployment:
diff --git a/t/cli/test_etcd.sh b/t/cli/test_etcd.sh
index 23b5882e9..033cab5be 100755
--- a/t/cli/test_etcd.sh
+++ b/t/cli/test_etcd.sh
@@ -32,13 +32,17 @@ etcdctl --endpoints=127.0.0.1:2379 auth enable
etcdctl --endpoints=127.0.0.1:2379 --user=root:apache-api6 del /apisix --prefix
echo '
-etcd:
- host:
- - http://127.0.0.1:2379
- prefix: /apisix
- timeout: 30
- user: root
- password: apache-api6
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - http://127.0.0.1:2379
+ prefix: /apisix
+ timeout: 30
+ user: root
+ password: apache-api6
' > conf/config.yaml
make init
@@ -84,10 +88,14 @@ echo "passed: properly handle the error when connecting to
etcd without auth"
git checkout conf/config.yaml
echo '
-etcd:
- host:
- - http://127.0.0.1:2389
- prefix: /apisix
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - http://127.0.0.1:2389
+ prefix: /apisix
' > conf/config.yaml
out=$(make init 2>&1 || true)
@@ -102,10 +110,14 @@ echo "passed: Show retry time info successfully"
git checkout conf/config.yaml
echo '
-etcd:
- host:
- - http://127.0.0.1:2389
- prefix: /apisix
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - http://127.0.0.1:2389
+ prefix: /apisix
' > conf/config.yaml
out=$(make init 2>&1 || true)
@@ -129,13 +141,17 @@ etcdctl --endpoints=127.0.0.1:2379 auth enable
etcdctl --endpoints=127.0.0.1:2379 --user=root:apache-api6 del /apisix --prefix
echo '
-etcd:
- host:
- - http://127.0.0.1:2379
- prefix: /apisix
- timeout: 30
- user: root
- password: apache-api7
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - http://127.0.0.1:2379
+ prefix: /apisix
+ timeout: 30
+ user: root
+ password: apache-api7
' > conf/config.yaml
out=$(make init 2>&1 || true)
diff --git a/t/cli/test_etcd_healthcheck.sh b/t/cli/test_etcd_healthcheck.sh
index 7b631afe0..52b90bc90 100755
--- a/t/cli/test_etcd_healthcheck.sh
+++ b/t/cli/test_etcd_healthcheck.sh
@@ -30,11 +30,15 @@ if [ -z "logs/error.log" ]; then
fi
echo '
-etcd:
- host:
- - "http://127.0.0.1:23790";
- - "http://127.0.0.1:23791";
- - "http://127.0.0.1:23792";
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:23790";
+ - "http://127.0.0.1:23791";
+ - "http://127.0.0.1:23792";
health_check_timeout: '"$HEALTH_CHECK_RETRY_TIMEOUT"'
timeout: 2
' > conf/config.yaml
diff --git a/t/cli/test_etcd_mtls.sh b/t/cli/test_etcd_mtls.sh
index 371330e93..d61d6d517 100755
--- a/t/cli/test_etcd_mtls.sh
+++ b/t/cli/test_etcd_mtls.sh
@@ -25,14 +25,18 @@ exit_if_not_customed_nginx
# etcd mTLS verify
echo '
-etcd:
- host:
- - "https://admin.apisix.dev:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
- verify: false
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://admin.apisix.dev:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
+ verify: false
' > conf/config.yaml
out=$(make init 2>&1 || echo "ouch")
@@ -44,12 +48,16 @@ fi
echo "passed: certificate verify success expectedly"
echo '
-etcd:
- host:
- - "https://admin.apisix.dev:22379";
- prefix: "/apisix"
- tls:
- verify: false
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://admin.apisix.dev:22379";
+ prefix: "/apisix"
+ tls:
+ verify: false
' > conf/config.yaml
out=$(make init 2>&1 || echo "ouch")
@@ -65,13 +73,17 @@ echo '
apisix:
ssl:
ssl_trusted_certificate: t/certs/mtls_ca.crt
-etcd:
- host:
- - "https://admin.apisix.dev:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://admin.apisix.dev:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
' > conf/config.yaml
out=$(make init 2>&1 || echo "ouch")
@@ -95,13 +107,17 @@ apisix:
- addr: 9100
ssl:
ssl_trusted_certificate: t/certs/mtls_ca.crt
-etcd:
- host:
- - "https://admin.apisix.dev:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://admin.apisix.dev:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
' > conf/config.yaml
out=$(make init 2>&1 || echo "ouch")
@@ -132,13 +148,17 @@ echo '
apisix:
ssl:
ssl_trusted_certificate: t/certs/mtls_ca.crt
-etcd:
- host:
- - "https://127.0.0.1:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
' > conf/config.yaml
rm logs/error.log || true
@@ -147,7 +167,7 @@ make run
sleep 1
make stop
-if ! grep -E 'certificate host mismatch' logs/error.log; then
+if ! grep -E 'upstream SSL certificate does not match \"127.0.0.1\" while SSL
handshaking to upstream' logs/error.log; then
echo "failed: should got certificate host mismatch when use host in
etcd.host as sni"
exit 1
fi
@@ -161,14 +181,18 @@ echo '
apisix:
ssl:
ssl_trusted_certificate: t/certs/mtls_ca.crt
-etcd:
- host:
- - "https://127.0.0.1:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
- sni: "admin.apisix.dev"
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
+ sni: "admin.apisix.dev"
' > conf/config.yaml
rm logs/error.log || true
@@ -183,4 +207,3 @@ if grep -E 'certificate host mismatch' logs/error.log; then
fi
echo "passed: specify custom sni instead of using etcd.host"
-
diff --git a/t/cli/test_etcd_tls.sh b/t/cli/test_etcd_tls.sh
index 906a2b91d..39db833f9 100755
--- a/t/cli/test_etcd_tls.sh
+++ b/t/cli/test_etcd_tls.sh
@@ -27,10 +27,17 @@
git checkout conf/config.yaml
echo '
-etcd:
- host:
- - "https://127.0.0.1:12379";
- prefix: "/apisix"
+apisix:
+ ssl:
+ ssl_trusted_certificate: t/certs/mtls_ca.crt
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:12379";
+ prefix: "/apisix"
' > conf/config.yaml
out=$(make init 2>&1 || true)
@@ -46,12 +53,16 @@ echo "passed: Show certificate verify failed info
successfully"
git checkout conf/config.yaml
echo '
-etcd:
- host:
- - "https://127.0.0.1:12379";
- tls:
- verify: false
- prefix: "/apisix"
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:12379";
+ prefix: "/apisix"
+ tls:
+ verify: false
' > conf/config.yaml
out=$(make init 2>&1 || true)
diff --git a/t/cli/test_main.sh b/t/cli/test_main.sh
index 4397b8228..6a0358405 100755
--- a/t/cli/test_main.sh
+++ b/t/cli/test_main.sh
@@ -256,9 +256,13 @@ echo "passed: resolve variables wrapped with whitespace"
# support environment variables in local_conf
echo '
-etcd:
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
host:
- - "http://${{ETCD_HOST}}:${{ETCD_PORT}}";
+ - "http://${{ETCD_HOST}}:${{ETCD_PORT}}";
' > conf/config.yaml
ETCD_HOST=127.0.0.1 ETCD_PORT=2379 make init
@@ -270,9 +274,13 @@ fi
# don't override user's envs configuration
echo '
-etcd:
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
host:
- - "http://${{ETCD_HOST}}:${{ETCD_PORT}}";
+ - "http://${{ETCD_HOST}}:${{ETCD_PORT}}";
nginx_config:
envs:
- ETCD_HOST
@@ -291,9 +299,13 @@ if ! grep "env ETCD_HOST;" conf/nginx.conf > /dev/null;
then
fi
echo '
-etcd:
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
host:
- - "http://${{ETCD_HOST}}:${{ETCD_PORT}}";
+ - "http://${{ETCD_HOST}}:${{ETCD_PORT}}";
nginx_config:
envs:
- ETCD_HOST=1.1.1.1
diff --git a/t/cli/test_validate_config.sh b/t/cli/test_validate_config.sh
index dc5730e82..2fe5d4066 100755
--- a/t/cli/test_validate_config.sh
+++ b/t/cli/test_validate_config.sh
@@ -205,9 +205,13 @@ fi
echo "passed: check the realip configuration for batch-requests"
echo '
-etcd:
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
host:
- - 127.0.0.1
+ - 127.0.0.1
' > conf/config.yaml
out=$(make init 2>&1 || true)
diff --git a/t/core/config.t b/t/core/config.t
index b87fe1224..29d1cc52d 100644
--- a/t/core/config.t
+++ b/t/core/config.t
@@ -55,12 +55,15 @@ first plugin: "real-ip"
}
}
--- yaml_config
-etcd:
- host:
- - "http://127.0.0.1:2379"; # etcd address
- prefix: "/apisix" # apisix configurations prefix
- timeout: 1
-
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:2379"; # etcd address
+ prefix: "/apisix" # apisix configurations prefix
+ timeout: 1
plugins:
- example-plugin
diff --git a/t/core/config_etcd.t b/t/core/config_etcd.t
index 3baefa275..5c1d590a1 100644
--- a/t/core/config_etcd.t
+++ b/t/core/config_etcd.t
@@ -29,10 +29,15 @@ __DATA__
--- yaml_config
apisix:
node_listen: 1984
-etcd:
- host:
- - "http://127.0.0.1:7777"; -- wrong etcd port
- timeout: 1
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ prefix: "/apisix"
+ host:
+ - "http://127.0.0.1:7777"; -- wrong etcd port
+ timeout: 1
--- config
location /t {
content_by_lua_block {
@@ -54,9 +59,15 @@ qr/(connection refused){1,}/
--- yaml_config
apisix:
node_listen: 1984
-etcd:
- host:
- - "https://127.0.0.1:2379";
+ ssl:
+ ssl_trusted_certificate: t/servroot/conf/cert/etcd.pem
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:2379";
--- extra_init_by_lua
local health_check = require("resty.etcd.health_check")
health_check.get_target_status = function()
@@ -73,9 +84,9 @@ end
--- request
GET /t
--- grep_error_log chop
-handshake failed
+peer closed connection in SSL handshake while SSL handshaking to upstream
--- grep_error_log_out eval
-qr/(handshake failed){1,}/
+qr/(peer closed connection in SSL handshake while SSL handshaking to
upstream){1,}/
@@ -83,9 +94,13 @@ qr/(handshake failed){1,}/
--- yaml_config
apisix:
node_listen: 1984
-etcd:
- host:
- - "http://127.0.0.1:12379";
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:12379";
--- config
location /t {
content_by_lua_block {
@@ -107,9 +122,15 @@ qr/(closed){1,}/
--- yaml_config
apisix:
node_listen: 1984
-etcd:
- host:
- - "https://127.0.0.1:12379";
+ ssl:
+ ssl_trusted_certificate: t/servroot/conf/cert/etcd.pem
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:12379";
--- extra_init_by_lua
local health_check = require("resty.etcd.health_check")
health_check.get_target_status = function()
@@ -126,9 +147,9 @@ end
--- request
GET /t
--- grep_error_log chop
-18: self signed certificate
+10:certificate has expired
--- grep_error_log_out eval
-qr/(18: self signed certificate){1,}/
+qr/(10:certificate has expired){1,}/
@@ -137,11 +158,15 @@ qr/(18: self signed certificate){1,}/
apisix:
node_listen: 1984
admin_key: null
-etcd:
- host:
- - "https://127.0.0.1:12379";
- tls:
- verify: false
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:12379";
+ tls:
+ verify: false
--- config
location /t {
content_by_lua_block {
@@ -159,9 +184,8 @@ etcd:
"desc": "new route",
"uri": "/index.html"
}]]
- )
+ )
- ngx.status = code
ngx.say(body)
}
}
@@ -179,11 +203,15 @@ passed
apisix:
node_listen: 1984
admin_key: null
-etcd:
- host:
- - "https://127.0.0.1:12379";
- tls:
- verify: false
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:12379";
+ tls:
+ verify: false
--- config
location /t {
content_by_lua_block {
@@ -210,12 +238,16 @@ passed
--- yaml_config
apisix:
node_listen: 1984
-etcd:
- host:
- - "http://127.0.0.1:1980"; -- fake server port
- timeout: 1
- user: root # root username for etcd
- password: 5tHkHhYkjr6cQY # root password for etcd
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:1980"; -- fake server port
+ timeout: 1
+ user: root # root username for etcd
+ password: 5tHkHhYkjr6cQY # root password for etcd
--- extra_init_by_lua
local health_check = require("resty.etcd.health_check")
health_check.get_target_status = function()
diff --git a/t/core/etcd-auth-fail.t b/t/core/etcd-auth-fail.t
index 3ac2bb82b..c85f660dc 100644
--- a/t/core/etcd-auth-fail.t
+++ b/t/core/etcd-auth-fail.t
@@ -79,12 +79,16 @@ qr /insufficient credentials code: 401/
}
}
--- yaml_config
-etcd:
- host:
- - "http://127.0.0.1:2379";
- prefix: "/apisix"
- user: apisix
- password: abc123
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:2379";
+ prefix: "/apisix"
+ user: apisix
+ password: abc123
--- request
GET /t
--- error_log eval
diff --git a/t/core/etcd-auth.t b/t/core/etcd-auth.t
index f2f322db9..448893b26 100644
--- a/t/core/etcd-auth.t
+++ b/t/core/etcd-auth.t
@@ -85,12 +85,16 @@ test_value
}
}
--- yaml_config
-etcd:
- host:
- - "http://127.0.0.1:2379";
- prefix: "/apisix"
- user: apisix
- password: abc123
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:2379";
+ prefix: "/apisix"
+ user: apisix
+ password: abc123
--- request
GET /t
--- no_error_log
diff --git a/t/core/etcd-mtls.t b/t/core/etcd-mtls.t
index a004aef04..05b3121f9 100644
--- a/t/core/etcd-mtls.t
+++ b/t/core/etcd-mtls.t
@@ -24,7 +24,6 @@ if ($out !~ m/function:/) {
plan('no_plan');
}
-
add_block_preprocessor(sub {
my ($block) = @_;
@@ -39,14 +38,18 @@ __DATA__
=== TEST 1: run etcd in init phase
--- yaml_config
-etcd:
- host:
- - "https://127.0.0.1:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
- verify: false
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
+ verify: false
--- init_by_lua_block
local apisix = require("apisix")
apisix.http_init()
@@ -90,14 +93,18 @@ init_by_lua:26: 404
=== TEST 2: run etcd in init phase (stream)
--- yaml_config
-etcd:
- host:
- - "https://127.0.0.1:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
- verify: false
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
+ verify: false
--- stream_init_by_lua_block
apisix = require("apisix")
apisix.stream_init()
@@ -140,14 +147,18 @@ init_by_lua:26: 404
=== TEST 3: sync
--- extra_yaml_config
-etcd:
- host:
- - "https://127.0.0.1:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
- verify: false
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
+ verify: false
--- config
location /t {
content_by_lua_block {
@@ -196,14 +207,18 @@ waitdir key
=== TEST 4: sync (stream)
--- extra_yaml_config
-etcd:
- host:
- - "https://127.0.0.1:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
- verify: false
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
+ verify: false
--- stream_server_config
content_by_lua_block {
local core = require("apisix.core")
@@ -245,13 +260,17 @@ waitdir key
apisix:
ssl:
ssl_trusted_certificate: t/certs/mtls_ca.crt
-etcd:
- host:
- - "https://127.0.0.1:22379";
- prefix: "/apisix"
- tls:
- cert: t/certs/mtls_client.crt
- key: t/certs/mtls_client.key
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "https://127.0.0.1:22379";
+ prefix: "/apisix"
+ tls:
+ cert: t/certs/mtls_client.crt
+ key: t/certs/mtls_client.key
--- init_by_lua_block
local apisix = require("apisix")
apisix.http_init()
diff --git a/t/core/etcd-sync.t b/t/core/etcd-sync.t
index a1e674218..28a89b21f 100644
--- a/t/core/etcd-sync.t
+++ b/t/core/etcd-sync.t
@@ -24,9 +24,13 @@ __DATA__
=== TEST 1: minus timeout to watch repeatedly
--- extra_yaml_config
-etcd:
- host:
- - "http://127.0.0.1:2379";
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:2379";
--- config
location /t {
content_by_lua_block {
diff --git a/t/deployment/conf_server.t b/t/deployment/conf_server.t
index ee5234664..cd5353e37 100644
--- a/t/deployment/conf_server.t
+++ b/t/deployment/conf_server.t
@@ -29,13 +29,6 @@ add_block_preprocessor(sub {
});
-Test::Nginx::Socket::set_http_config_filter(sub {
- my $config = shift;
- my $snippet = `./t/bin/gen_snippet.lua conf_server`;
- $config .= $snippet;
- return $config;
-});
-
run_tests();
__DATA__
@@ -169,6 +162,11 @@ localhost is resolved to: 127.0.0.2
=== TEST 4: update balancer if the DNS result changed
--- extra_init_by_lua
+ local etcd = require("apisix.core.etcd")
+ etcd.switch_proxy = function ()
+ return etcd.new()
+ end
+
local resolver = require("apisix.core.resolver")
local old_f = resolver.parse_domain
package.loaded.counter = 0
diff --git a/t/deployment/conf_server2.t b/t/deployment/conf_server2.t
index c9eb0ac9c..b8261c80c 100644
--- a/t/deployment/conf_server2.t
+++ b/t/deployment/conf_server2.t
@@ -29,13 +29,6 @@ add_block_preprocessor(sub {
});
-Test::Nginx::Socket::set_http_config_filter(sub {
- my $config = shift;
- my $snippet = `./t/bin/gen_snippet.lua conf_server`;
- $config .= $snippet;
- return $config;
-});
-
run_tests();
__DATA__
diff --git a/t/deployment/mtls.t b/t/deployment/mtls.t
index 46972a8b3..8826dd2dd 100644
--- a/t/deployment/mtls.t
+++ b/t/deployment/mtls.t
@@ -38,13 +38,6 @@ add_block_preprocessor(sub {
});
-Test::Nginx::Socket::set_http_config_filter(sub {
- my $config = shift;
- my $snippet = `./t/bin/gen_snippet.lua conf_server`;
- $config .= $snippet;
- return $config;
-});
-
run_tests();
__DATA__
diff --git a/t/plugin/example.t b/t/plugin/example.t
index 985aa11f1..21972d290 100644
--- a/t/plugin/example.t
+++ b/t/plugin/example.t
@@ -165,12 +165,15 @@ GET /t
--- response_body
plugin name: example-plugin priority: 0
--- yaml_config
-etcd:
- host:
- - "http://127.0.0.1:2379"; # etcd address
- prefix: "/apisix" # apisix configurations prefix
- timeout: 1
-
+deployment:
+ role: traditional
+ role_traditional:
+ config_provider: etcd
+ etcd:
+ host:
+ - "http://127.0.0.1:2379"; # etcd address
+ prefix: "/apisix" # apisix configurations prefix
+ timeout: 1
plugins:
- example-plugin
- not-exist-plugin
