renshunhang commented on issue #12230:
URL: https://github.com/apache/apisix/issues/12230#issuecomment-2892759424
> Need to describe what version you are using? How it was deployed and the
corresponding config file.
The version is 3.11.0, I deploy it with k8s, and config file:
kind: Deployment
apiVersion: apps/v1
metadata:
name: apisix
namespace: apisix
labels:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: apisix
app.kubernetes.io/version: 2.10.0
spec:
replicas: 3
selector:
matchLabels:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: apisix
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: apisix
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: apisix
topologyKey: kubernetes.io/hostname
weight: 1
volumes:
- name: apisix-config
configMap:
name: apisix
defaultMode: 420
initContainers:
- name: wait-etcd
image: ${BUSYBOX_IMAGE_URL}
command:
- sh
- '-c'
- >-
until nc -z apisix-etcd.apisix.svc.cluster.local 2379; do echo
waiting for etcd `date`; sleep 2; done;
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
containers:
- name: apisix
image: ${APISIX_IMAGE_URL}
ports:
- name: http
containerPort: 9080
protocol: TCP
- name: tls
containerPort: 9443
protocol: TCP
- name: admin
containerPort: 9180
protocol: TCP
resources: {}
volumeMounts:
- name: apisix-config
mountPath: /usr/local/apisix/conf/config.yaml
subPath: config.yaml
readinessProbe:
tcpSocket:
port: 9080
initialDelaySeconds: 10
timeoutSeconds: 1
periodSeconds: 10
successThreshold: 1
failureThreshold: 6
lifecycle:
preStop:
exec:
command:
- /bin/sh
- '-c'
- sleep 30
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 25%
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: ConfigMap
apiVersion: v1
metadata:
name: apisix
namespace: apisix
data:
config.yaml: >-
plugins:
- openai-token-collector
- safe-check-forward
- prometheus
- loki-logger
- public-api
- server-info
- cors
- limit-conn
- limit-req
- limit-count
- proxy-rewrite
- redirect
- real-ip
- client-control
- proxy-control
- request-id
- zipkin
- ext-plugin-pre-req
- fault-injection
- mocking
- serverless-pre-function
- ip-restriction
- ua-restriction
- referer-restriction
- csrf
- uri-blocker
- request-validation
- chaitin-waf
- multi-auth
- openid-connect
- cas-auth
- authz-casbin
- authz-casdoor
- wolf-rbac
- ldap-auth
- hmac-auth
- basic-auth
- jwt-auth
- jwe-decrypt
- key-auth
- consumer-restriction
- attach-consumer-label
- forward-auth
- opa
- authz-keycloak
- proxy-cache
- workflow
- api-breaker
- gzip
- traffic-split
- response-rewrite
- degraphql
- kafka-proxy
- grpc-transcode
- grpc-web
- http-dubbo
- datadog
- elasticsearch-logger
- echo
- loggly
- http-logger
- splunk-hec-logging
- skywalking-logger
- google-cloud-logging
- sls-logger
- tcp-logger
- kafka-logger
- rocketmq-logger
- syslog
- udp-logger
- file-logger
- clickhouse-logger
- tencent-cloud-cls
- inspect
apisix:
node_listen: 9080 # APISIX listening port
enable_ipv6: false
enable_control: true
enable_admin_cors: true
control:
ip: "0.0.0.0"
port: 9092
nginx_config:
http_configuration_snippet: |
client_header_buffer_size 4m;
large_client_header_buffers 4 4m;
proxy_buffer_size 256k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
deployment:
admin:
allow_admin: #
https://nginx.org/en/docs/http/ngx_http_access_module.html#allow
- 0.0.0.0/0 # We need to restrict ip access rules for
security. 0.0.0.0/0 is for test.
admin_key:
- name: "admin"
key: edd1c9f034335f136f87ad84b625c222
role: admin # admin: manage all configuration
data
- name: "viewer"
key: 4054f7cf07e344346cd3f287985e7333
role: viewer
etcd:
host: # it's possible to define multiple
etcd hosts addresses of the same etcd cluster.
- "http://apisix-etcd.apisix.svc.cluster.local:2379";
prefix: "/apisix" # apisix configurations prefix
timeout: 30 # 30 seconds
plugin_attr:
prometheus:
export_addr:
ip: "0.0.0.0"
port: 9091
---
kind: Service
apiVersion: v1
metadata:
name: apisix-admin
namespace: apisix
labels:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: apisix
app.kubernetes.io/version: 2.10.0
spec:
ports:
- name: apisix-admin
protocol: TCP
port: 9180
targetPort: 9180
selector:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: apisix
type: ClusterIP
---
kind: Service
apiVersion: v1
metadata:
name: apisix-gateway
namespace: apisix
labels:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: apisix
app.kubernetes.io/version: 2.10.0
spec:
ports:
- name: apisix-gateway
protocol: TCP
port: 80
targetPort: 9080
nodePort: 31684
selector:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: apisix
type: NodePort
sessionAffinity: None
externalTrafficPolicy: Cluster
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
