[GitHub] [apisix] ikatlinsky opened a new issue, #8615: help request: configure authentication on route and upstream level separately
ikatlinsky opened a new issue, #8615: URL: https://github.com/apache/apisix/issues/8615 ### Description Have a question regarding the authentication capabilities of the apisix. We have the following use case: 1. Client that needs to authenticate in apisix with one set of credentials to access Route 2. Route is configured to the Upstream 3. Upstream endpoint requires its own authentication mechanism For example, to access the apisix route we want to use Keycloak open id authentication and the upstream endpoint requires basic authentication. Currently, we can use a set of plugins from [here](https://apisix.apache.org/docs/apisix/getting-started/) to authenticate on Route level, but there is no ability to configure authentication on upstream level. We managed to complete this task by adding an additional plugin `serverless-pre-function` to rewrite headers using lua scripts before passing requests to the upstream, but this approach seems to be complicated. Is there any best practice regarding described use case? ### Environment - APISIX version (run `apisix version`): 3.1.0 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] mscb402 commented on issue #8613: {"message":"failed to verify jwt"}
mscb402 commented on issue #8613:
URL: https://github.com/apache/apisix/issues/8613#issuecomment-1371884580
> > Hey @githubxubin, please provide your **complete steps** with APISIX
version :) It's helpful to reproduce your case.
>
> 1.set the public-api:
>
> ```json
> {
> "uri": "/apisix/plugin/jwt/sign",
> "name": "",
> "plugins": {
> "public-api": {}
> },
> "status": 1
> }
> ```
>
> 2.get the token by:/apisix/plugin/jwt/sign i get the token
:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjM1NTIyMTk4NTQsImtleSI6Imp3dF9rZXkifQ.Tr9OvZG_ZadNCWoMqkisQ0u5DagqyArZykl6AgDUnlA
>
> 3.i try to request my interface with the token :
>
http://url?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjM1NTIyMTk4NTQsImtleSI6Imp3dF9rZXkifQ.Tr9OvZG_ZadNCWoMqkisQ0u5DagqyArZykl6AgDUnlA
>
> return:
>
> ```json
> {"message":"failed to verify jwt"}
> ```
>
> What went wrong?
You can't set jwt in request like this way.
You should set jwt token in header `Authorization:`, like this
```
curl http://127.0.0.1:9080/index.html -H 'Authorization:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTU2NDA1MDgxMX0.Us8zh_4VjJXF-TmR5f8cif8mBU7SuefPlpxhH0jbPVI'
-i
```
There is document you can read
https://apisix.apache.org/docs/apisix/plugins/jwt-auth/
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix-website] SylviaBABY commented on a diff in pull request #1463: docs:add weekly report and 2022 commmunity summary
SylviaBABY commented on code in PR #1463: URL: https://github.com/apache/apisix-website/pull/1463#discussion_r1062186712 ## blog/zh/blog/2023/01/02/2022-summary.md: ## @@ -0,0 +1,95 @@ +--- +title: "2022 Apache APISIX 年度记忆" +author: "Sylvia" +authorURL: "https://github.com/SylviaBABY; +authorImageURL: "https://github.com/SylviaBABY.png; +keywords: +- 社区动态 +- 年终总结 +- APISIX +- 开源社区 +description: 本文介绍了 Apache APISIX 社区在 2022 年取得的成绩。 +tags: [Ecosystem] +--- + +> 本文将带您回顾 Apache APISIX 社区在 2022 年在各领域取得的成绩。 + + + +时光已逝,转眼 2022 年已然落下了帷幕。Apache APISIX 社区在众多开源爱好者和开发者的陪伴下,又一起走过了新的四季。 + +在过去的一年中,我们的开源项目和社区都取得了许多成就,并得到了来自全球范围的广泛关注和支持。2022 年,APISIX 社区仍然在为全球技术开发者和企业提供优质的产品与支持,并不断改进和升级产品。这一年中,APISIX 新增了许多功能,并迈入了全新的 3.0 时代;改善了用户体验,并得到了许多优秀贡献者的陪伴与合作。 + +我们希望通过这一份纸上告白,向大家展示 Apache APISIX 在过去一年中取得的成就,并感谢所有为 APISIX 项目做出贡献的人。 + +## 迈进 3.0 大版本,新增超多实用性功能 + +进入 2022 年后,APISIX 从 1 月份开始依旧保持着良好的发版速度。**这一年中,APISIX 一共发布了 15 个版本,涉及 6 个版本的更迭,包括旧版本的维护更新以及正常版本的迭代。** + + + +同时,在今年 APISIX 也将产品拉进了新的 3.0 时代,目前已针对 3.x 系列发布了 3 个更新版本。在 3.0 的整体规划中,将会陆续带来更多的针对生态和产品体验上的功能提升,使 APISIX 的可用性更上一层楼。**在新的一年中,APISIX 也会为产品带来更多实用性功能,助力企业在数字化转型的过程中,愈发轻松。** + + + +从 2019 年在 Apache 软件基金会毕业成为 Apache 社区顶级项目,到现在保持着稳定发版速度和活跃社区氛围的三年时间里,APISIX 项目在 GitHub 上已得到 10K+ star 并拥有 6 亿多下载量,contributor 数量已经超过 500 人。同时每月保持贡献 70+ commit、处理 80+ issue 的响应速度。高活跃度的社区氛围,正是推动产品快速成长的关键因素。 + + + +## 泵入新鲜血液,收获行业认可 + +**产品快速成长的背后,离不开社区中每一位成员的支持。** 在过去的一年中,APISIX 的贡献者人数增加了 200 人左右。相比总贡献者人数,这一年的增长相当于总人数的近 40% 比例,可见今年 APISIX 收获了开发者们超高的热情反馈,并将对开源产品的喜爱体现在了社区贡献中来。 + +这三年的发展过程中,APISIX 得到了非常多开发者的肯定与认可,他们也在全球 20 多个国家和地区进行 APISIX 项目的宣传。为了感谢各位对 APISIX 社区的喜爱,我们也会定期为参与 APISIX 社区的新晋贡献者们赠送社区周边,今年也是一样。 + +上半年的新晋贡献者我们已派发过相关周边,下半年的新晋贡献者礼物也在紧锣密鼓地制作中。如果你有收到来自 APISIX 社区的相关邮件,记得填写信息哦。当然,你也可以主动在 [GitHub 页面](https://github.com/apache/apisix/blob/master/CONTRIBUTING.md)进行填写,之后就会有精美周边送到你手上。 + + + +除了国内外开发者的认可外,今年 APISIX 也收获了很多企业级的技术赞誉。比如在互联网保险领域,众安保险在整个 DevOps 的全生命周期中,将 APISIX 作为流量治理的关键环节去处理,实现了更好的多渠道流量隔离;在智能汽车 AI 领域,地平线则选择了 APISIX Ingress 替换 Traefic 作为公司的统一流量网关,丰富了多云环境下的服务调用等功能;在国产手机领军队伍中,vivo 使用 APISIX 替换了之前传统的 NGINX,同时基于 APISIX 还自研了内部业务配置管理系统,在 vivo 业务架构的实践和场景支持上都表现得十分出色。 Review Comment: you can add links with these cases vivo: https://apisix.apache.org/zh/blog/2022/11/13/vivo-with-apache-apisix/ 地平线:https://apisix.apache.org/zh/blog/2022/10/28/apisix-ingress-with-horizon-ai/ 众安保险:https://apisix.apache.org/zh/blog/2022/03/02/zhongan-usercase-with-apache-apisix/ ## blog/zh/blog/2023/01/02/2022-summary.md: ## @@ -0,0 +1,95 @@ +--- +title: "2022 Apache APISIX 年度记忆" +author: "Sylvia" +authorURL: "https://github.com/SylviaBABY; +authorImageURL: "https://github.com/SylviaBABY.png; +keywords: +- 社区动态 +- 年终总结 +- APISIX +- 开源社区 +description: 本文介绍了 Apache APISIX 社区在 2022 年取得的成绩。 +tags: [Ecosystem] Review Comment: ```suggestion tags: [Community] ``` ## blog/zh/blog/2023/01/02/2022-summary.md: ## @@ -0,0 +1,95 @@ +--- +title: "2022 Apache APISIX 年度记忆" +author: "Sylvia" +authorURL: "https://github.com/SylviaBABY; +authorImageURL: "https://github.com/SylviaBABY.png; +keywords: +- 社区动态 +- 年终总结 +- APISIX +- 开源社区 +description: 本文介绍了 Apache APISIX 社区在 2022 年取得的成绩。 +tags: [Ecosystem] +--- + +> 本文将带您回顾 Apache APISIX 社区在 2022 年在各领域取得的成绩。 + + + +时光已逝,转眼 2022 年已然落下了帷幕。Apache APISIX 社区在众多开源爱好者和开发者的陪伴下,又一起走过了新的四季。 + +在过去的一年中,我们的开源项目和社区都取得了许多成就,并得到了来自全球范围的广泛关注和支持。2022 年,APISIX 社区仍然在为全球技术开发者和企业提供优质的产品与支持,并不断改进和升级产品。这一年中,APISIX 新增了许多功能,并迈入了全新的 3.0 时代;改善了用户体验,并得到了许多优秀贡献者的陪伴与合作。 + +我们希望通过这一份纸上告白,向大家展示 Apache APISIX 在过去一年中取得的成就,并感谢所有为 APISIX 项目做出贡献的人。 + +## 迈进 3.0 大版本,新增超多实用性功能 + +进入 2022 年后,APISIX 从 1 月份开始依旧保持着良好的发版速度。**这一年中,APISIX 一共发布了 15 个版本,涉及 6 个版本的更迭,包括旧版本的维护更新以及正常版本的迭代。** + + + +同时,在今年 APISIX 也将产品拉进了新的 3.0 时代,目前已针对 3.x 系列发布了 3 个更新版本。在 3.0 的整体规划中,将会陆续带来更多的针对生态和产品体验上的功能提升,使 APISIX 的可用性更上一层楼。**在新的一年中,APISIX 也会为产品带来更多实用性功能,助力企业在数字化转型的过程中,愈发轻松。** + + + +从 2019 年在 Apache 软件基金会毕业成为 Apache 社区顶级项目,到现在保持着稳定发版速度和活跃社区氛围的三年时间里,APISIX 项目在 GitHub 上已得到 10K+ star 并拥有 6 亿多下载量,contributor 数量已经超过 500 人。同时每月保持贡献 70+ commit、处理 80+ issue 的响应速度。高活跃度的社区氛围,正是推动产品快速成长的关键因素。 + + + +## 泵入新鲜血液,收获行业认可 + +**产品快速成长的背后,离不开社区中每一位成员的支持。** 在过去的一年中,APISIX 的贡献者人数增加了 200 人左右。相比总贡献者人数,这一年的增长相当于总人数的近 40% 比例,可见今年 APISIX 收获了开发者们超高的热情反馈,并将对开源产品的喜爱体现在了社区贡献中来。 + +这三年的发展过程中,APISIX 得到了非常多开发者的肯定与认可,他们也在全球 20 多个国家和地区进行 APISIX 项目的宣传。为了感谢各位对 APISIX 社区的喜爱,我们也会定期为参与 APISIX 社区的新晋贡献者们赠送社区周边,今年也是一样。 + +上半年的新晋贡献者我们已派发过相关周边,下半年的新晋贡献者礼物也在紧锣密鼓地制作中。如果你有收到来自 APISIX 社区的相关邮件,记得填写信息哦。当然,你也可以主动在
[GitHub] [apisix] spacewander opened a new pull request, #8614: ci: use fixed os version of ubuntu (#8438)
spacewander opened a new pull request, #8614: URL: https://github.com/apache/apisix/pull/8614 ### Description Make CI pass again ### Checklist - [ ] I have explained the need for this PR and the problem it solves - [ ] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [ ] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] githubxubin commented on issue #8613: {"message":"failed to verify jwt"}
githubxubin commented on issue #8613:
URL: https://github.com/apache/apisix/issues/8613#issuecomment-1371869966
> Hey @githubxubin, please provide your **complete steps** with APISIX
version :) It's helpful to reproduce your case.
and the consumer and rounte are set truely!
1.consumer config:
{
"username": "consumer_jwt",
"desc": "consumer_jwt",
"plugins": {
"jwt-auth": {
"exp": 1879318541,
"key": "jwt_key"
}
}
}
2.rounte config:
{
"uri": "/admin/*",
"name": "xubin_rount_admin",
"methods": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH",
"HEAD",
"OPTIONS",
"CONNECT",
"TRACE"
],
"plugins": {
"jwt-auth": {
"disable": false
},
"proxy-rewrite": {
"regex_uri": [
"^/admin(/|$)(.*)",
"/$2"
]
},
"public-api": {
"disable": false
}
},
"upstream": {
"nodes": [
{
"host": "192.168.85.66",
"port": 8082,
"weight": 1
}
],
"retries": 2,
"timeout": {
"connect": 6,
"send": 6,
"read": 6
},
"type": "roundrobin",
"scheme": "http",
"pass_host": "pass",
"keepalive_pool": {
"idle_timeout": 60,
"requests": 1000,
"size": 320
},
"retry_timeout": 3
},
"labels": {
"API_VERSION": "v1.0"
},
"status": 1
}
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] githubxubin commented on issue #8613: {"message":"failed to verify jwt"}
githubxubin commented on issue #8613:
URL: https://github.com/apache/apisix/issues/8613#issuecomment-1371867020
> Hey @githubxubin, please provide your **complete steps** with APISIX
version :) It's helpful to reproduce your case.
1.set the public-api:
{
"uri": "/apisix/plugin/jwt/sign",
"name": "",
"plugins": {
"public-api": {}
},
"status": 1
}
2.get the token by:/apisix/plugin/jwt/sign
i get the token
:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjM1NTIyMTk4NTQsImtleSI6Imp3dF9rZXkifQ.Tr9OvZG_ZadNCWoMqkisQ0u5DagqyArZykl6AgDUnlA
3.i try to request my interface with the token :
http://url?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjM1NTIyMTk4NTQsImtleSI6Imp3dF9rZXkifQ.Tr9OvZG_ZadNCWoMqkisQ0u5DagqyArZykl6AgDUnlA
return: {"message":"failed to verify jwt"}
What went wrong?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] ronething commented on a diff in pull request #8593: feat: stream subsystem support dns service discovery
ronething commented on code in PR #8593:
URL: https://github.com/apache/apisix/pull/8593#discussion_r1062169542
##
t/discovery/stream/dns.t:
##
@@ -0,0 +1,431 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+no_root_location();
+no_shuffle();
+
+add_block_preprocessor(sub {
+my ($block) = @_;
+
+if (!$block->yaml_config) {
+my $yaml_config = <<_EOC_;
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+_EOC_
+
+$block->set_value("yaml_config", $yaml_config);
+}
+
+if ($block->apisix_yaml) {
+my $upstream = <<_EOC_;
+stream_routes:
+ - id: 1
+server_port: 1985
+upstream_id: 1
+#END
+_EOC_
+
+$block->set_value("apisix_yaml", $block->apisix_yaml . $upstream);
+}
+
+if (!$block->stream_request) {
+# GET /hello HTTP/1.0\r\nHost: 127.0.0.1:1985\r\n\r\n
+$block->set_value("stream_request",
"\x47\x45\x54\x20\x2f\x68\x65\x6c\x6c\x6f\x20\x48\x54\x54\x50\x2f\x31\x2e\x30\x0d\x0a\x48\x6f\x73\x74\x3a\x20\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31\x3a\x31\x39\x38\x35\x0d\x0a\x0d\x0a");
+}
+
+});
+
+run_tests();
+
+__DATA__
+
+=== TEST 1: default port to 53
+--- log_level: debug
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1"
+--- apisix_yaml
+upstreams:
+- service_name: sd.test.local
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+127.0.0.1:53
+
+
+
+=== TEST 2: A
+--- apisix_yaml
+upstreams:
+- service_name: "sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":1,"127.0.0.2:1980":1|"127.0.0.2:1980":1,"127.0.0.1:1980":1)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 3:
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "ipv6.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to [0:0:0:0:0:0:0:1]:1980
+
+
+
+=== TEST 4: prefer A to
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "mix.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to 127.0.0.1:1980
+
+
+
+=== TEST 5: no /etc/hosts
+--- apisix_yaml
+upstreams:
+- service_name: test.com
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 6: no /etc/resolv.conf
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+enable_resolv_search_option: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+--- apisix_yaml
+upstreams:
+- service_name: apisix
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 7: SRV
+--- apisix_yaml
+upstreams:
+- service_name: "srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":60,"127.0.0.2:1980":20|"127.0.0.2:1980":20,"127.0.0.1:1980":60)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 8: SRV (RFC 2782 style)
+--- apisix_yaml
+upstreams:
+- service_name: "_sip._tcp.srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+---
[GitHub] [apisix] ronething commented on a diff in pull request #8593: feat: stream subsystem support dns service discovery
ronething commented on code in PR #8593:
URL: https://github.com/apache/apisix/pull/8593#discussion_r1062169542
##
t/discovery/stream/dns.t:
##
@@ -0,0 +1,431 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+no_root_location();
+no_shuffle();
+
+add_block_preprocessor(sub {
+my ($block) = @_;
+
+if (!$block->yaml_config) {
+my $yaml_config = <<_EOC_;
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+_EOC_
+
+$block->set_value("yaml_config", $yaml_config);
+}
+
+if ($block->apisix_yaml) {
+my $upstream = <<_EOC_;
+stream_routes:
+ - id: 1
+server_port: 1985
+upstream_id: 1
+#END
+_EOC_
+
+$block->set_value("apisix_yaml", $block->apisix_yaml . $upstream);
+}
+
+if (!$block->stream_request) {
+# GET /hello HTTP/1.0\r\nHost: 127.0.0.1:1985\r\n\r\n
+$block->set_value("stream_request",
"\x47\x45\x54\x20\x2f\x68\x65\x6c\x6c\x6f\x20\x48\x54\x54\x50\x2f\x31\x2e\x30\x0d\x0a\x48\x6f\x73\x74\x3a\x20\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31\x3a\x31\x39\x38\x35\x0d\x0a\x0d\x0a");
+}
+
+});
+
+run_tests();
+
+__DATA__
+
+=== TEST 1: default port to 53
+--- log_level: debug
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1"
+--- apisix_yaml
+upstreams:
+- service_name: sd.test.local
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+127.0.0.1:53
+
+
+
+=== TEST 2: A
+--- apisix_yaml
+upstreams:
+- service_name: "sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":1,"127.0.0.2:1980":1|"127.0.0.2:1980":1,"127.0.0.1:1980":1)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 3:
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "ipv6.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to [0:0:0:0:0:0:0:1]:1980
+
+
+
+=== TEST 4: prefer A to
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "mix.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to 127.0.0.1:1980
+
+
+
+=== TEST 5: no /etc/hosts
+--- apisix_yaml
+upstreams:
+- service_name: test.com
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 6: no /etc/resolv.conf
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+enable_resolv_search_option: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+--- apisix_yaml
+upstreams:
+- service_name: apisix
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 7: SRV
+--- apisix_yaml
+upstreams:
+- service_name: "srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":60,"127.0.0.2:1980":20|"127.0.0.2:1980":20,"127.0.0.1:1980":60)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 8: SRV (RFC 2782 style)
+--- apisix_yaml
+upstreams:
+- service_name: "_sip._tcp.srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+---
[GitHub] [apisix] juzhiyuan commented on issue #8613: {"message":"failed to verify jwt"}
juzhiyuan commented on issue #8613: URL: https://github.com/apache/apisix/issues/8613#issuecomment-1371862634 Hey @githubxubin, please provide your **complete steps** with APISIX version :) It's helpful to reproduce your case. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] ronething commented on a diff in pull request #8593: feat: stream subsystem support dns service discovery
ronething commented on code in PR #8593:
URL: https://github.com/apache/apisix/pull/8593#discussion_r1062169687
##
t/discovery/stream/dns.t:
##
@@ -0,0 +1,431 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+no_root_location();
+no_shuffle();
+
+add_block_preprocessor(sub {
+my ($block) = @_;
+
+if (!$block->yaml_config) {
+my $yaml_config = <<_EOC_;
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+_EOC_
+
+$block->set_value("yaml_config", $yaml_config);
+}
+
+if ($block->apisix_yaml) {
+my $upstream = <<_EOC_;
+stream_routes:
+ - id: 1
+server_port: 1985
+upstream_id: 1
+#END
+_EOC_
+
+$block->set_value("apisix_yaml", $block->apisix_yaml . $upstream);
+}
+
+if (!$block->stream_request) {
+# GET /hello HTTP/1.0\r\nHost: 127.0.0.1:1985\r\n\r\n
+$block->set_value("stream_request",
"\x47\x45\x54\x20\x2f\x68\x65\x6c\x6c\x6f\x20\x48\x54\x54\x50\x2f\x31\x2e\x30\x0d\x0a\x48\x6f\x73\x74\x3a\x20\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31\x3a\x31\x39\x38\x35\x0d\x0a\x0d\x0a");
+}
+
+});
+
+run_tests();
+
+__DATA__
+
+=== TEST 1: default port to 53
+--- log_level: debug
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1"
+--- apisix_yaml
+upstreams:
+- service_name: sd.test.local
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+127.0.0.1:53
+
+
+
+=== TEST 2: A
+--- apisix_yaml
+upstreams:
+- service_name: "sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":1,"127.0.0.2:1980":1|"127.0.0.2:1980":1,"127.0.0.1:1980":1)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 3:
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "ipv6.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to [0:0:0:0:0:0:0:1]:1980
+
+
+
+=== TEST 4: prefer A to
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "mix.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to 127.0.0.1:1980
+
+
+
+=== TEST 5: no /etc/hosts
+--- apisix_yaml
+upstreams:
+- service_name: test.com
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 6: no /etc/resolv.conf
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+enable_resolv_search_option: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+--- apisix_yaml
+upstreams:
+- service_name: apisix
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 7: SRV
+--- apisix_yaml
+upstreams:
+- service_name: "srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":60,"127.0.0.2:1980":20|"127.0.0.2:1980":20,"127.0.0.1:1980":60)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 8: SRV (RFC 2782 style)
+--- apisix_yaml
+upstreams:
+- service_name: "_sip._tcp.srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+---
[GitHub] [apisix] ronething commented on a diff in pull request #8593: feat: stream subsystem support dns service discovery
ronething commented on code in PR #8593:
URL: https://github.com/apache/apisix/pull/8593#discussion_r1062169542
##
t/discovery/stream/dns.t:
##
@@ -0,0 +1,431 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+no_root_location();
+no_shuffle();
+
+add_block_preprocessor(sub {
+my ($block) = @_;
+
+if (!$block->yaml_config) {
+my $yaml_config = <<_EOC_;
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+_EOC_
+
+$block->set_value("yaml_config", $yaml_config);
+}
+
+if ($block->apisix_yaml) {
+my $upstream = <<_EOC_;
+stream_routes:
+ - id: 1
+server_port: 1985
+upstream_id: 1
+#END
+_EOC_
+
+$block->set_value("apisix_yaml", $block->apisix_yaml . $upstream);
+}
+
+if (!$block->stream_request) {
+# GET /hello HTTP/1.0\r\nHost: 127.0.0.1:1985\r\n\r\n
+$block->set_value("stream_request",
"\x47\x45\x54\x20\x2f\x68\x65\x6c\x6c\x6f\x20\x48\x54\x54\x50\x2f\x31\x2e\x30\x0d\x0a\x48\x6f\x73\x74\x3a\x20\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31\x3a\x31\x39\x38\x35\x0d\x0a\x0d\x0a");
+}
+
+});
+
+run_tests();
+
+__DATA__
+
+=== TEST 1: default port to 53
+--- log_level: debug
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1"
+--- apisix_yaml
+upstreams:
+- service_name: sd.test.local
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+127.0.0.1:53
+
+
+
+=== TEST 2: A
+--- apisix_yaml
+upstreams:
+- service_name: "sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":1,"127.0.0.2:1980":1|"127.0.0.2:1980":1,"127.0.0.1:1980":1)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 3:
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "ipv6.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to [0:0:0:0:0:0:0:1]:1980
+
+
+
+=== TEST 4: prefer A to
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "mix.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to 127.0.0.1:1980
+
+
+
+=== TEST 5: no /etc/hosts
+--- apisix_yaml
+upstreams:
+- service_name: test.com
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 6: no /etc/resolv.conf
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+enable_resolv_search_option: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+--- apisix_yaml
+upstreams:
+- service_name: apisix
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 7: SRV
+--- apisix_yaml
+upstreams:
+- service_name: "srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":60,"127.0.0.2:1980":20|"127.0.0.2:1980":20,"127.0.0.1:1980":60)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 8: SRV (RFC 2782 style)
+--- apisix_yaml
+upstreams:
+- service_name: "_sip._tcp.srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+---
[GitHub] [apisix] githubxubin opened a new issue, #8613: {"message":"failed to verify jwt"}
githubxubin opened a new issue, #8613:
URL: https://github.com/apache/apisix/issues/8613
### Description
jwt-auth plugins use:
http://url?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjM1NTIyMTk4NTQsImtleSI6Imp3dF9rZXkifQ.Tr9OvZG_ZadNCWoMqkisQ0u5DagqyArZykl6AgDUnlA
the token is true but response is {"message":"failed to verify jwt"}.
version:
apache/apisix:2.15.0-alpine
apache/apisix-dashboard:2.13-alpine
bitnami/etcd:3.4.15
jwt config:
{
"username": "consumer_jwt",
"desc": "consumer_jwt",
"plugins": {
"jwt-auth": {
"exp": 1879318541,
"key": "jwt_key"
}
}
}
### Environment
- APISIX version (run `apisix version`):
- Operating system (run `uname -a`):
- OpenResty / Nginx version (run `openresty -V` or `nginx -V`):
- etcd version, if relevant (run `curl
http://127.0.0.1:9090/v1/server_info`):
- APISIX Dashboard version, if relevant:
- Plugin runner version, for issues related to plugin runners:
- LuaRocks version, for installation issues (run `luarocks --version`):
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] kingluo opened a new pull request, #8612: fix: correct inspect plugin default hooks file path and add hook remo…
kingluo opened a new pull request, #8612: URL: https://github.com/apache/apisix/pull/8612 …ve logs ### Description fix: correct inspect plugin default hooks file path and add hook remove logs ### Checklist - [x] I have explained the need for this PR and the problem it solves - [x] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [x] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-website] netlify[bot] commented on pull request #1463: docs:add weekly report and 2022 commmunity summart
netlify[bot] commented on PR #1463: URL: https://github.com/apache/apisix-website/pull/1463#issuecomment-1371854178 ### Deploy Preview for *apache-apisix* processing. | Name | Link | |-|| | Latest commit | c1ab6aec392f4ddd5b554b9f910144e6deb05dbc | | Latest deploy log | https://app.netlify.com/sites/apache-apisix/deploys/63b676e7566705000913add9 | -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-website] KID-G opened a new pull request, #1463: docs:add weekly report and 2022 commmunity summart
KID-G opened a new pull request, #1463: URL: https://github.com/apache/apisix-website/pull/1463 Changes: Add weekly report and 2022 commmunity summart -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] juzhiyuan commented on issue #8207: help request: http_ssl_phase(): failed to fetch ssl config
juzhiyuan commented on issue #8207: URL: https://github.com/apache/apisix/issues/8207#issuecomment-1371850613 Hi @Msiavashi Do you have any updates on this issue? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] spacewander commented on a diff in pull request #8584: feat: stream subsystem support nacos service discovery
spacewander commented on code in PR #8584:
URL: https://github.com/apache/apisix/pull/8584#discussion_r1062159973
##
t/discovery/stream/nacos.t:
##
@@ -0,0 +1,93 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+log_level('info');
+worker_connections(256);
+no_root_location();
+no_shuffle();
+workers(1);
+
+our $yaml_config = <<_EOC_;
+apisix:
+ node_listen: 1984
+deployment:
+ role: data_plane
+ role_data_plane:
+config_provider: yaml
+discovery:
+ nacos:
+ host:
+- "http://127.0.0.1:8858;
+ prefix: "/nacos/v1/"
+ fetch_interval: 1
+ weight: 1
+ timeout:
+connect: 2000
+send: 2000
+read: 5000
+
+_EOC_
+
+add_block_preprocessor(sub {
+my ($block) = @_;
+
+if (!$block->stream_request) {
+# GET /hello HTTP/1.1\r\nHost: 127.0.0.1:1985\r\nConnection:
close\r\n\r\n
+$block->set_value("stream_request",
"\x47\x45\x54\x20\x2f\x68\x65\x6c\x6c\x6f\x20\x48\x54\x54\x50\x2f\x31\x2e\x31\x0d\x0a\x48\x6f\x73\x74\x3a\x20\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31\x3a\x31\x39\x38\x35\x0d\x0a\x43\x6f\x6e\x6e\x65\x63\x74\x69\x6f\x6e\x3a\x20\x63\x6c\x6f\x73\x65\x0d\x0a\x0d\x0a");
Review Comment:
Let's make it more clear. See
https://github.com/apache/apisix/pull/8593#discussion_r1062152981
##
t/discovery/stream/nacos.t:
##
@@ -0,0 +1,93 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+log_level('info');
+worker_connections(256);
+no_root_location();
+no_shuffle();
+workers(1);
Review Comment:
We need multiple workers to test worker-event
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[apisix-website] branch master updated: docs:add two blogs (#1459)
This is an automated email from the ASF dual-hosted git repository. sylviasu pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/apisix-website.git The following commit(s) were added to refs/heads/master by this push: new 4a763b16dfb docs:add two blogs (#1459) 4a763b16dfb is described below commit 4a763b16dfbe9081c7721ba117d3b5a4cc8063af Author: 长龙 <362753...@qq.com> AuthorDate: Thu Jan 5 14:47:35 2023 +0800 docs:add two blogs (#1459) * docs:add two blogs --- .../blog/2022/12/27/apisix-ingress-with-Flagger.md | 407 + .../2022/12/27/apisix-ingress-with-gatewayapi.md | 151 2 files changed, 558 insertions(+) diff --git a/blog/zh/blog/2022/12/27/apisix-ingress-with-Flagger.md b/blog/zh/blog/2022/12/27/apisix-ingress-with-Flagger.md new file mode 100644 index 000..86303cf1689 --- /dev/null +++ b/blog/zh/blog/2022/12/27/apisix-ingress-with-Flagger.md @@ -0,0 +1,407 @@ +--- +title: "APISIX Ingress + Flagger 实现顺滑的金丝雀发布" +author: "谭恒亮" +authorURL: "https://github.com/Gallardot; +authorImageURL: "https://github.com/Gallardot.png; +keywords: +- Apache APISIX +- Ingress +- Ingress controller +- 金丝雀 +- Flagger +description: 通过 Apache APISIX 和 Flagger 的整合,实现了非常顺滑的金丝雀发布。 +tags: [Ecosystem] +--- + +> 通过 Apache APISIX 和 Flagger 的整合,实现了非常顺滑的金丝雀发布。 + + + +> 作者:谭恒亮,Github ID: Gallardot。开源项目爱好者,CNCF Chaos Mesh 项目 Maintainer,CNCF KubeVela、Apache APISIX、CNCF Flagger、CNCF Argo Rollouts 等项目 Contributor。目前在小鹏汽车任职基础架构研发专家。 + +在日常的项目开发过程中时,我们时常会面临服务变更的挑战,为了不影响用户体验,我们往往尽可能需要规避服务不可用的风险。因此,持续交付便应运而生,其被接受为一种企业软件实践,并且是完善的持续集成原则的自然演变。 + +然而,持续部署仍然非常罕见,这可能是由于管理的复杂性以及担心部署失败会影响系统可用性。在整个持续交付体系中,金丝雀发布或许是最为经典的一个场景。基于此,我们能够很快发现“不健康”和“有问题”的服务,并且可以毫不费力地回滚到上一个版本。 + +金丝雀发布也称“灰度发布”。通常来讲,在原有版本可用的情况下,同时发布部署一个新版本应用作为“金丝雀”,其目的是为了测试新版本的性能和表现,在保障整体系统稳定的前提下,尽早发现和及时调整。 + +金丝雀发布并非黑即白的发布方式,它能够缓慢地将特定百分比的流量引导至一小部分用户。若验证没有问题,再推广到全部用户,并逐步淘汰旧版本,以降低生产环境引入新功能带来的风险。 + +本文将介绍如何通过 Apache APISIX Ingress 和 Flagger 实现顺滑的金丝雀发布,从而提高发布效率,降低发布风险。 + +## 项目介绍 + +### Apache APISIX Ingress + +Apache APISIX Ingress 使用 Apache APISIX 作为数据面代理的 Kubernetes Ingress controller 实现,提供了负载均衡、动态上游、金丝雀发布、精细化路由、限流限速、服务降级、服务熔断、身份认证、可观测性等数百项功能。目前已被包括 Zoom、腾讯云、驾考宝典、地平线、欧洲哥白尼参考系统等国内外公司和组织采用。 + +### Flagger + +Flagger 是一个 CNCF 云原生计算基金会项目,是 GitOps 工具 Flux 系列的一部分。最近 CNCF 云原生计算基金会也宣布了 Flux 正式毕业,很好地表明了云原生技术当前的成功与光明前景。作为一种渐进式交付工具,Flagger 可自动执行在 Kubernetes 上运行的应用程序的发布过程。它通过在衡量分析指标和运行一致性测试的同时逐渐将流量转移到新版本来降低在生产中引入新软件版本的风险。 + +经过 Apache APISIX 和 Flux 两个社区的合作与努力,Flagger 在近期也发布了 v1.27.0 版本,支持使用 Apache APISIX Ingress 和 Flagger 进行自动化的金丝雀发布。 + + + +下文将通过实践,一步步为大家展示下这个顺滑的金丝雀发布过程。 + +## 金丝雀发布准备环节 + +### 环境与组件准备 + +首先需要一个 v1.19 或更新版本的 Kubernetes 集群,你可以通过 [kind](https://kind.sigs.k8s.io/) 进行安装。 + +然后使用 Helm V3 来安装 Apache APISIX 和 Apache APISIX Ingress Controller,具体操作如下所示: + +```bash +helm repo add apisix https://charts.apiseven.com +kubectl create ns apisix + + + +helm upgrade -i apisix apisix/apisix --version=0.11.3 \ +--namespace apisix \ +--set apisix.podAnnotations."prometheus\.io/scrape"=true \ +--set apisix.podAnnotations."prometheus\.io/port"=9091 \ +--set apisix.podAnnotations."prometheus\.io/path"=/apisix/prometheus/metrics \ +--set pluginAttrs.prometheus.export_addr.ip=0.0.0.0 \ +--set pluginAttrs.prometheus.export_addr.port=9091 \ +--set pluginAttrs.prometheus.export_uri=/apisix/prometheus/metrics \ +--set pluginAttrs.prometheus.metric_prefix=apisix_ \ +--set ingress-controller.enabled=true \ +--set ingress-controller.config.apisix.serviceNamespace=apisix +``` + +完成后,在 apisix namespace 中安装 Flagger 和 Prometheus 附加组件。 + +```bash +helm repo add flagger https://flagger.app + + + +helm upgrade -i flagger flagger/flagger \ +--namespace apisix \ +--set prometheus.install=true \ +--set meshProvider=apisix +``` + +注意,如需使用自建 prometheus 或者 prometheus operator,可以自行搜索相关文章进行修改。 + +### 初始化应用 + +Flagger 可以作用于 Kubernetes 的 deployment 以及其他的 workload,也可以和 HPA 结合在一起工作。它将会创建一系列的对象(比如 Kubernetes deployments、ClusterIP services 和 ApisixRoute)。这些对象可以将应用暴露到集群外提供服务,并用于金丝雀发布过程的分析和发布。 + +首先使用 `kubectl create ns test` 命令来新建一个 namespace,这里我们将其命名为 `test`。然后通过 `kubectl apply -k https://github.com/fluxcd/flagger//kustomize/podinfo?ref=main` 命令,新建一个 deployment 和 HPA,这里使用 Flagger 官方示例程序。 + +接下来可通过 `helm upgrade -i flagger-loadtester flagger/loadtester \` + +`--namespace=test` 指令来部署 Flagger 的负载测试服务,用于在金丝雀发布期间产生流量时,方便对其进行分析。 + +此时,创建 Apache APISIX 的`ApisixRoute`,Flagger 将会引用该资源,并且生成金丝雀版本的 Apache APISIX Ingress 的`ApisixRoute`,具体可参考下方示例(示例中的`app.example.com`可以替换成你的实际域名)。 + +```yaml +apiVersion: apisix.apache.org/v2 +kind: ApisixRoute +metadata: + name: podinfo + namespace: test +spec: + http: +- backends: +- serviceName: podinfo + servicePort: 80 + match: +hosts: + - app.example.com +methods: + - GET +paths: + - /* + name: method + plugins: +- name: prometheus +
[GitHub] [apisix-website] SylviaBABY merged pull request #1459: docs:add two blogs
SylviaBABY merged PR #1459: URL: https://github.com/apache/apisix-website/pull/1459 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] spacewander commented on a diff in pull request #8593: feat: stream subsystem support dns service discovery
spacewander commented on code in PR #8593:
URL: https://github.com/apache/apisix/pull/8593#discussion_r1062131672
##
t/discovery/stream/dns.t:
##
@@ -0,0 +1,431 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+no_root_location();
+no_shuffle();
+
+add_block_preprocessor(sub {
+my ($block) = @_;
+
+if (!$block->yaml_config) {
+my $yaml_config = <<_EOC_;
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+_EOC_
+
+$block->set_value("yaml_config", $yaml_config);
+}
+
+if ($block->apisix_yaml) {
+my $upstream = <<_EOC_;
+stream_routes:
+ - id: 1
+server_port: 1985
+upstream_id: 1
+#END
+_EOC_
+
+$block->set_value("apisix_yaml", $block->apisix_yaml . $upstream);
+}
+
+if (!$block->stream_request) {
+# GET /hello HTTP/1.0\r\nHost: 127.0.0.1:1985\r\n\r\n
+$block->set_value("stream_request",
"\x47\x45\x54\x20\x2f\x68\x65\x6c\x6c\x6f\x20\x48\x54\x54\x50\x2f\x31\x2e\x30\x0d\x0a\x48\x6f\x73\x74\x3a\x20\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31\x3a\x31\x39\x38\x35\x0d\x0a\x0d\x0a");
+}
+
+});
+
+run_tests();
+
+__DATA__
+
+=== TEST 1: default port to 53
+--- log_level: debug
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1"
+--- apisix_yaml
+upstreams:
+- service_name: sd.test.local
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+127.0.0.1:53
+
+
+
+=== TEST 2: A
+--- apisix_yaml
+upstreams:
+- service_name: "sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":1,"127.0.0.2:1980":1|"127.0.0.2:1980":1,"127.0.0.1:1980":1)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 3:
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "ipv6.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to [0:0:0:0:0:0:0:1]:1980
+
+
+
+=== TEST 4: prefer A to
+--- listen_ipv6
+--- apisix_yaml
+upstreams:
+- service_name: "mix.sd.test.local:1980"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- stream_response_like
+hello world
+--- grep_error_log eval
+qr/proxy request to \S+/
+--- grep_error_log_out
+proxy request to 127.0.0.1:1980
+
+
+
+=== TEST 5: no /etc/hosts
+--- apisix_yaml
+upstreams:
+- service_name: test.com
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 6: no /etc/resolv.conf
+--- yaml_config
+apisix:
+node_listen: 1984
+enable_admin: false
+enable_resolv_search_option: false
+deployment:
+role: data_plane
+role_data_plane:
+config_provider: yaml
+discovery:# service discovery center
+dns:
+servers:
+- "127.0.0.1:1053"
+--- apisix_yaml
+upstreams:
+- service_name: apisix
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- error_log
+failed to query the DNS server
+
+
+
+=== TEST 7: SRV
+--- apisix_yaml
+upstreams:
+- service_name: "srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+--- grep_error_log eval
+qr/upstream nodes: \{[^}]+\}/
+--- grep_error_log_out eval
+qr/upstream nodes:
\{("127.0.0.1:1980":60,"127.0.0.2:1980":20|"127.0.0.2:1980":20,"127.0.0.1:1980":60)\}/
+--- stream_response_like
+hello world
+
+
+
+=== TEST 8: SRV (RFC 2782 style)
+--- apisix_yaml
+upstreams:
+- service_name: "_sip._tcp.srv.test.local"
+ discovery_type: dns
+ type: roundrobin
+ id: 1
+---
[GitHub] [apisix] juzhiyuan commented on issue #8474: 关于apisix双向认证的功能
juzhiyuan commented on issue #8474: URL: https://github.com/apache/apisix/issues/8474#issuecomment-1371840656 Hi @feichenxue, there also has one tutorial: https://apisix.apache.org/docs/apisix/next/tutorials/client-to-apisix-mtls/ Does it meet your needs? If yes, please close this issue :) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] spacewander commented on a diff in pull request #8578: feat: limit count plugin support X-RateLimit-Reset
spacewander commented on code in PR #8578:
URL: https://github.com/apache/apisix/pull/8578#discussion_r1062134953
##
apisix/plugins/limit-count/init.lua:
##
@@ -283,10 +283,17 @@ function _M.rate_limit(conf, ctx)
key = gen_limit_key(conf, ctx, key)
core.log.info("limit key: ", key)
-local delay, remaining = lim:incoming(key, true)
+local delay, remaining, reset = lim:incoming(key, true, conf)
if not delay then
local err = remaining
if err == "rejected" then
+-- show count limit header when rejected
+if conf.show_limit_quota_header then
+core.response.set_header("X-RateLimit-Limit", conf.count,
+"X-RateLimit-Remaining", 0,
Review Comment:
Ditto
##
apisix/plugins/limit-count/init.lua:
##
@@ -302,7 +309,8 @@ function _M.rate_limit(conf, ctx)
if conf.show_limit_quota_header then
core.response.set_header("X-RateLimit-Limit", conf.count,
-"X-RateLimit-Remaining", remaining)
+"X-RateLimit-Remaining", remaining,
Review Comment:
Why change 4-spaces indentation to 8-spaces here?
##
apisix/plugins/limit-count/limit-count-local.lua:
##
@@ -0,0 +1,76 @@
+--
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements. See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+local limit_local_new = require("resty.limit.count").new
+local ngx = ngx
+local ngx_time = ngx.time
+local assert = assert
+local setmetatable = setmetatable
+
+local _M = {}
+
+local mt = {
+__index = _M
+}
+
+local function set_endtime(self, key, time_window)
+-- set an end time
+local end_time = ngx_time() + time_window
+-- save to dict by key
+self.dict:set(key, end_time, time_window)
Review Comment:
Better to check the err returned from `set`.
##
apisix/plugins/limit-count/limit-count-redis.lua:
##
@@ -85,27 +70,52 @@ function _M.incoming(self, key)
-- core.log.info(" err: ", err)
return nil, err
end
+return red, nil
+end
+
+function _M.new(plugin_name, limit, window, conf)
+assert(limit > 0 and window > 0)
+
+local self = {
+limit = limit,
+window = window,
+conf = conf,
+plugin_name = plugin_name,
+}
+return setmetatable(self, mt)
+end
+
+function _M.incoming(self, key)
+local conf = self.conf
+local red, err = redis_cli(conf)
+if err then
Review Comment:
```suggestion
if not red then
```
##
apisix/plugins/limit-count/limit-count-redis.lua:
##
@@ -85,27 +70,52 @@ function _M.incoming(self, key)
-- core.log.info(" err: ", err)
return nil, err
end
+return red, nil
+end
+
+function _M.new(plugin_name, limit, window, conf)
+assert(limit > 0 and window > 0)
+
+local self = {
+limit = limit,
+window = window,
+conf = conf,
+plugin_name = plugin_name,
+}
+return setmetatable(self, mt)
+end
+
+function _M.incoming(self, key)
+local conf = self.conf
+local red, err = redis_cli(conf)
+if err then
+return red, err
Review Comment:
```suggestion
return nil, err, 0
```
Please follow the code style:
https://github.com/apache/apisix/blob/master/CODE_STYLE.md#error-handling
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] juzhiyuan commented on issue #8579: help request: How to know which consumer visited which route and upstream at which time
juzhiyuan commented on issue #8579: URL: https://github.com/apache/apisix/issues/8579#issuecomment-1371826680 Hi @bluewaystar, 1. Does APISIX Variables can meet your needs? If yes, then please close this issue :) 2. If you have tried it successfully, can you please take some time to write a blog? Apache APISIX Community has one Blogger Program (https://apisix.apache.org/guest-blog-post), good content will be published on APISIX's Blog. https://apisix.apache.org/blog If you have interests, please cc @EmilyKeer 拾 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-docker] tokers commented on issue #398: data not found http://ip:port/apisix/admin/global_rules/1
tokers commented on issue #398: URL: https://github.com/apache/apisix-docker/issues/398#issuecomment-1371825488 See this for more details: https://apisix.apache.org/docs/apisix/terminology/global-rule/. Data won't appear out of thin air. You need to create it first. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] juzhiyuan commented on issue #8473: feat: As a user, I want to use RPM to install apisix
juzhiyuan commented on issue #8473: URL: https://github.com/apache/apisix/issues/8473#issuecomment-1371824918 > If i want to use apisix's http to dubbo protocol in a non-Docker environment, Do I have to compile openRestry to add dubbo_model and apisix is then compiled from the openRestry again ? Hi @bzp2010 Take Dubbo as an example, if we want to use it, I have thought two ways: 1. Use APISIX Base in bare metal, and compile it to APISIX. 2. Use docker If using RPM, how to use Dubbo then? Can you please give some hints? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] AlinsRan commented on a diff in pull request #1533: test(e2e): add stream tcp proxy with SNI test
AlinsRan commented on code in PR #1533:
URL:
https://github.com/apache/apisix-ingress-controller/pull/1533#discussion_r1062139476
##
test/e2e/suite-ingress/suite-ingress-resource/stream.go:
##
@@ -214,4 +223,82 @@ spec:
assert.Equal(ginkgo.GinkgoT(), sr[0].ServerPort, int32(9100))
assert.Equal(ginkgo.GinkgoT(), sr[0].SNI, "")
})
+
+ ginkgo.It("stream tcp proxy with SNI", func() {
+ // create secrets
+ host := "a.test.com"
+ secret := "server-secret"
+ serverCert, serverKey := generateCert(ginkgo.GinkgoT(),
[]string{host})
+ err := s.NewSecret(secret, serverCert.String(),
serverKey.String())
+ assert.Nil(ginkgo.GinkgoT(), err, "create server cert secret
error")
+
+ // create ApisixTls resource
+ err = s.NewApisixTls("tls-server", host, secret)
+ assert.Nil(ginkgo.GinkgoT(), err, "create ApisixTls error")
+
+ // check ssl in APISIX
+ assert.Nil(ginkgo.GinkgoT(), s.EnsureNumApisixTlsCreated(1))
+
+ backendSvc, backendSvcPort := s.DefaultHTTPBackend()
+ apisixRoute := fmt.Sprintf(`
+apiVersion: apisix.apache.org/v2
+kind: ApisixRoute
+metadata:
+ name: httpbin-tcp-route
+spec:
+ stream:
+ - name: rule1
+protocol: TCP
+match:
+ ingressPort: 9110
+ host: %s
+backend:
+ serviceName: %s
+ servicePort: %d
+`, host, backendSvc, backendSvcPort[0])
+
+ assert.Nil(ginkgo.GinkgoT(),
s.CreateVersionedApisixResource(apisixRoute))
+
+ err = s.EnsureNumApisixStreamRoutesCreated(1)
+ assert.Nil(ginkgo.GinkgoT(), err, "Checking number of routes")
+
+ client := s.NewAPISIXClientWithTLSOverTCP(host)
Review Comment:
I recommend adding the use of other host cases here to ensure that the
configured sni is valid.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] tokers commented on issue #8605: bug: kafka old topic repeat to create after I change kafka_topic config
tokers commented on issue #8605: URL: https://github.com/apache/apisix/issues/8605#issuecomment-1371822769 Is it possible to provide a minimum reproducible case? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] juzhiyuan commented on issue #8594: help request: location需要指向tomcat webapps目录下的路由如何配置?用proxy_rewrite插件吗
juzhiyuan commented on issue #8594: URL: https://github.com/apache/apisix/issues/8594#issuecomment-1371815803 > webapps It seems that the `webapps` directory contains static files instead of API? If then, I'm not sure if it works 樂 You can have a try first. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[apisix] branch master updated (93454252a -> 030019b52)
This is an automated email from the ASF dual-hosted git repository. juzhiyuan pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/apisix.git from 93454252a feat: stream subsystem support eureka service discovery (#8583) add 030019b52 docs: fix typo and grammatical error (#8589) No new revisions were added by this update. Summary of changes: docs/en/latest/router-radixtree.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
[GitHub] [apisix] juzhiyuan merged pull request #8589: docs: fix typo and grammatical error
juzhiyuan merged PR #8589: URL: https://github.com/apache/apisix/pull/8589 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[apisix] branch release/3.0 updated: docs: update standalone docs for change in SSL parameter (#8242) (#8599)
This is an automated email from the ASF dual-hosted git repository. juzhiyuan pushed a commit to branch release/3.0 in repository https://gitbox.apache.org/repos/asf/apisix.git The following commit(s) were added to refs/heads/release/3.0 by this push: new 4d03794f6 docs: update standalone docs for change in SSL parameter (#8242) (#8599) 4d03794f6 is described below commit 4d03794f669e3bd101b9ca242c2d2db404a0a372 Author: chengxiaolan <30279880+hazel6...@users.noreply.github.com> AuthorDate: Thu Jan 5 13:58:01 2023 +0800 docs: update standalone docs for change in SSL parameter (#8242) (#8599) Co-authored-by: Adam McKay --- docs/en/latest/stand-alone.md | 2 +- docs/zh/latest/stand-alone.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/en/latest/stand-alone.md b/docs/en/latest/stand-alone.md index c08ce9632..6779f3c78 100644 --- a/docs/en/latest/stand-alone.md +++ b/docs/en/latest/stand-alone.md @@ -169,7 +169,7 @@ plugins: ### How to enable SSL ```yml -ssl: +ssls: - cert: | -BEGIN CERTIFICATE- diff --git a/docs/zh/latest/stand-alone.md b/docs/zh/latest/stand-alone.md index 9abbe20d6..961d68a9a 100644 --- a/docs/zh/latest/stand-alone.md +++ b/docs/zh/latest/stand-alone.md @@ -167,7 +167,7 @@ plugins: ### 启用 SSL ```yml -ssl: +ssls: - cert: | -BEGIN CERTIFICATE-
[GitHub] [apisix] juzhiyuan merged pull request #8599: docs: update standalone docs for change in SSL parameter (#8242)
juzhiyuan merged PR #8599: URL: https://github.com/apache/apisix/pull/8599 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] spacewander commented on a diff in pull request #8275: refactor: remove if statement in nginx.conf
spacewander commented on code in PR #8275: URL: https://github.com/apache/apisix/pull/8275#discussion_r1062128762 ## apisix/core/ctx.lua: ## @@ -201,6 +201,7 @@ do var_x_forwarded_proto = true, var_x_forwarded_port = true, var_x_forwarded_host = true, +var_x_forwarded_for = true, Review Comment: Bad indent ## apisix/init.lua: ## @@ -267,6 +267,17 @@ local function set_upstream_headers(api_ctx, picked_server) api_ctx.var.var_x_forwarded_host = x_forwarded_host end +local x_forwarded_for = api_ctx.var.http_x_forwarded_for Review Comment: Would be better to use http://nginx.org/en/docs/http/ngx_http_proxy_module.html#var_proxy_add_x_forwarded_for directly? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] spacewander commented on pull request #8587: fix: issue 8511 The format of response body that returned by plugin should match Content-Type
spacewander commented on PR #8587: URL: https://github.com/apache/apisix/pull/8587#issuecomment-1371808519 > @spacewander I saw the CI failed due to this line, 121 : `local accept_header = core_request.header(ctx, "Accept")` Because `ctx` is 'not defined' Wich is true, but it works, i am a beginner in .lua so maybe there is something i am missing. > > To have the correct syntax should we add the `ctx `parameter to the method resp_exit ? I think a bit it seems that there is no better way to do it. It's OK to add the parameter. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] githubxubin commented on issue #8610: Missing rbac token in request
githubxubin commented on issue #8610: URL: https://github.com/apache/apisix/issues/8610#issuecomment-1371805634 > Hi, this error comes from wolf-rbac plugin. Have you checked the usage? https://apisix.apache.org/docs/apisix/2.15/plugins/wolf-rbac/#example-usage thanks .it is ok -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] juzhiyuan commented on issue #8610: Missing rbac token in request
juzhiyuan commented on issue #8610: URL: https://github.com/apache/apisix/issues/8610#issuecomment-1371803434 Hi, this error comes from wolf-rbac plugin. Have you checked the usage? https://apisix.apache.org/docs/apisix/2.15/plugins/wolf-rbac/#example-usage -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] spacewander commented on pull request #8609: fix: use previous way to disable plugins
spacewander commented on PR #8609: URL: https://github.com/apache/apisix/pull/8609#issuecomment-1371775563 The t/xds-library tests fail because the latest libxds doesn't work with APISIX 2.15, which is not relative to our change. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-helm-chart] jishaashokan commented on issue #144: etcd-server start failure
jishaashokan commented on issue #144:
URL:
https://github.com/apache/apisix-helm-chart/issues/144#issuecomment-1371770240
The etcd crashes frequently.
`mk logs -f apisix-etcd-1
etcd 04:28:36.13
etcd 04:28:36.13 Welcome to the Bitnami etcd container
etcd 04:28:36.14 Subscribe to project updates by watching
https://github.com/bitnami/containers
etcd 04:28:36.14 Submit issues and feature requests at
https://github.com/bitnami/containers/issues
etcd 04:28:36.14
etcd 04:28:36.14 INFO ==> ** Starting etcd setup **
etcd 04:28:36.16 INFO ==> Validating settings in ETCD_* env vars..
etcd 04:28:36.16 WARN ==> You set the environment variable
ALLOW_NONE_AUTHENTICATION=yes. For safety reasons, do not use this flag in a
production environment.
etcd 04:28:36.16 INFO ==> Initializing etcd
etcd 04:28:36.16 INFO ==> Generating etcd config file using env variables
etcd 04:28:36.18 INFO ==> Detected data from previous deployments
etcd 04:28:37.69 INFO ==> Updating member in existing cluster
{"level":"warn","ts":"2023-01-05T04:28:37.852Z","logger":"etcd-client","caller":"v3/retry_interceptor.go:62","msg":"retrying
of unary invoker
failed","target":"etcd-endpoints://0xc0003b4000/apisix-etcd-0.apisix-etcd-headless.ingress-apisix.svc.cluster.local:2379","attempt":0,"error":"rpc
error: code = NotFound desc = etcdserver: member not found"}
Error: etcdserver: member not found
`
`mk exec -it apisix-etcd-1 -- /bin/bash
error: unable to upgrade connection: container not found ("etcd")
`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] tanjiancheng commented on issue #8605: bug: kafka old topic repeat to create after I change kafka_topic config
tanjiancheng commented on issue #8605: URL: https://github.com/apache/apisix/issues/8605#issuecomment-1371738282 by the way,the other problem is after auto create topic(if the kafka set the config auto.create.topics.enable=true),it will miss the first message send to kafka -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] tanjiancheng commented on issue #8605: bug: kafka old topic repeat to create after I change kafka_topic config
tanjiancheng commented on issue #8605: URL: https://github.com/apache/apisix/issues/8605#issuecomment-1371736309 > Did you have a few requests to APISIX before you edited the topic? Since the log sending is async, a batch of log entries might be sent to the old topic. no,i stop request long time,and I try to delete the kafka-plugin and create again,still happen this problem -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] An-DJ opened a new pull request, #8611: refactor(admin): refactor resource routes
An-DJ opened a new pull request, #8611: URL: https://github.com/apache/apisix/pull/8611 ### Description Fixes #8569 ### Checklist - [X] I have explained the need for this PR and the problem it solves - [X] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [X] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] githubxubin opened a new issue, #8610: Missing rbac token in request
githubxubin opened a new issue, #8610:
URL: https://github.com/apache/apisix/issues/8610
### Description
curl http://127.0.0.1:9080/apisix/plugin/jwt/sign?key=user-key -i
{"message":"Missing rbac token in request"}
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] spacewander opened a new pull request, #8609: fix: use previous way to disable plugins
spacewander opened a new pull request, #8609: URL: https://github.com/apache/apisix/pull/8609 Fix #8603 Signed-off-by: spacewander ### Description Fixes #8603 ### Checklist - [x] I have explained the need for this PR and the problem it solves - [ ] I have explained the changes or the new features added to this PR - [x] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [x] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] MilkWangStudio commented on issue #8607: help request: How to change the auth token in online consumer.
MilkWangStudio commented on issue #8607: URL: https://github.com/apache/apisix/issues/8607#issuecomment-1371656512 thanks, i'll take a look! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] MilkWangStudio closed issue #8607: help request: How to change the auth token in online consumer.
MilkWangStudio closed issue #8607: help request: How to change the auth token in online consumer. URL: https://github.com/apache/apisix/issues/8607 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-website] SkyeYoung commented on issue #743: support language detection
SkyeYoung commented on issue #743: URL: https://github.com/apache/apisix-website/issues/743#issuecomment-1371639699 @AmazingAng Due to the practical needs of the APISIX website, we no longer need this feature. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] An-DJ closed pull request #8606: refactor(admin): refactor `get` for all resources
An-DJ closed pull request #8606: refactor(admin): refactor `get` for all resources URL: https://github.com/apache/apisix/pull/8606 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] spacewander opened a new pull request, #8608: refactor(pubsub): simpify the get_cmd implementation
spacewander opened a new pull request, #8608: URL: https://github.com/apache/apisix/pull/8608 by using the power in new version of lua-protobuf Signed-off-by: spacewander ### Description Fixes # (issue) ### Checklist - [ ] I have explained the need for this PR and the problem it solves - [x] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [ ] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] soulbird commented on issue #8607: help request: How to change the auth token in online consumer.
soulbird commented on issue #8607: URL: https://github.com/apache/apisix/issues/8607#issuecomment-1371635998 You can learn about [APISIX Secret](https://github.com/apache/apisix/blob/master/docs/en/latest/terminology/secret.md), which allows you to store consumer tokens in the Vault, and you can update and revoke tokens, APISIX is insensitive -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] MilkWangStudio opened a new issue, #8607: help request: How to change the auth token in online consumer.
MilkWangStudio opened a new issue, #8607: URL: https://github.com/apache/apisix/issues/8607 ### Description I want to refresh the consumer auth token, if i remove old auth and add new one, the online consumer will be not avaliable. How can i switch auth token without stopping? ### Environment - APISIX version (run `apisix version`): - Operating system (run `uname -a`): - OpenResty / Nginx version (run `openresty -V` or `nginx -V`): - etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`): - APISIX Dashboard version, if relevant: - Plugin runner version, for issues related to plugin runners: - LuaRocks version, for installation issues (run `luarocks --version`): -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-website] AmazingAng commented on issue #743: support language detection
AmazingAng commented on issue #743: URL: https://github.com/apache/apisix-website/issues/743#issuecomment-1371622929 > > I'm wondering if APISix has the feature. > > This feature has been disabled, you can check codes #970 :) Why this feature is disabled? We are also trying to integrate automatic locale detection on a website based docusaurus. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] soulbird commented on a diff in pull request #8604: feat(elasticsearch-logger): support multi elasticsearch endpoints(#8431)
soulbird commented on code in PR #8604:
URL: https://github.com/apache/apisix/pull/8604#discussion_r1062011352
##
apisix/plugins/elasticsearch-logger.lua:
##
@@ -31,10 +32,19 @@ local batch_processor_manager =
bp_manager_mod.new(plugin_name)
local schema = {
type = "object",
properties = {
+-- deprecated, use "endpoint_addrs" instead
endpoint_addr = {
type = "string",
pattern = "[^/]$",
},
+endpoint_addrs = {
Review Comment:
Looking at this, it also indicates the need to unify into one. You can refer
to the definition of nodes_schema to allow endpoint_addrs to be set to multiple
types: https://github.com/apache/apisix/blob/master/apisix/schema_def.lua#L289
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix-helm-chart] ikatlinsky opened a new pull request, #442: feat: allow exposing admin api via ingress resource
ikatlinsky opened a new pull request, #442: URL: https://github.com/apache/apisix-helm-chart/pull/442 Add support for ingress resource for Apisix admin API, as per ticket https://github.com/apache/apisix-helm-chart/issues/441. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-helm-chart] ikatlinsky opened a new issue, #441: feat: allow exposing admin api via ingress resource
ikatlinsky opened a new issue, #441: URL: https://github.com/apache/apisix-helm-chart/issues/441 It can be useful for some environments to expose Apisix admin API publicly via ingress resources. Currently, only gateway itself can be exposed, which seems a bit limiting. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] An-DJ opened a new pull request, #8606: refactor(admin): refactor `get` for all resources
An-DJ opened a new pull request, #8606: URL: https://github.com/apache/apisix/pull/8606 ### Description Fixes part of #8569 ### Checklist - [X] I have explained the need for this PR and the problem it solves - [X] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [X] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] tao12345666333 commented on issue #1587: feat request: ApisixConsumer CRD add openid-connect support
tao12345666333 commented on issue #1587: URL: https://github.com/apache/apisix-ingress-controller/issues/1587#issuecomment-1370979722 assigned -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] Fabriceli commented on issue #1587: feat request: ApisixConsumer CRD add openid-connect support
Fabriceli commented on issue #1587: URL: https://github.com/apache/apisix-ingress-controller/issues/1587#issuecomment-1370976254 @tao12345666333 could you assign this issue to me? thanks -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] Fabriceli commented on issue #1579: bug: got error with external name service
Fabriceli commented on issue #1579: URL: https://github.com/apache/apisix-ingress-controller/issues/1579#issuecomment-1370873818 > > > Also, the original issue should have been resolved, can we close this issue? i close this issue -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] Fabriceli closed issue #1579: bug: got error with external name service
Fabriceli closed issue #1579: bug: got error with external name service URL: https://github.com/apache/apisix-ingress-controller/issues/1579 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] tao12345666333 commented on issue #1579: bug: got error with external name service
tao12345666333 commented on issue #1579: URL: https://github.com/apache/apisix-ingress-controller/issues/1579#issuecomment-1370869726 Also, the original issue should have been resolved, can we close this issue? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] ramoncjs3 commented on issue #5512: bug: The kafka-logger plugin cannot collect the value of each nginx built-in variable correctly
ramoncjs3 commented on issue #5512: URL: https://github.com/apache/apisix/issues/5512#issuecomment-1370865715 I also encountered this problem, do not know if there is a solution? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] Fabriceli commented on issue #1579: bug: got error with external name service
Fabriceli commented on issue #1579: URL: https://github.com/apache/apisix-ingress-controller/issues/1579#issuecomment-1370843398 > It is currently not implemented. Similar to #1574 If you need it, please create a new **feature request** Issue ok, i create a new feature #1587 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] Fabriceli commented on issue #1579: bug: got error with external name service
Fabriceli commented on issue #1579: URL: https://github.com/apache/apisix-ingress-controller/issues/1579#issuecomment-1370842876 > ok, i create a new feature 1587 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] Fabriceli opened a new issue, #1587: feat request: ApisixConsumer CRD add openid-connect support
Fabriceli opened a new issue, #1587:
URL: https://github.com/apache/apisix-ingress-controller/issues/1587
### Issue description
Hi,
Our team plan to manager all Route with CRDs in kubernetes, and our team use
the keycloak for authentication, we found that ApisixConsumer doesn't support
openid-connect, and our team want to create this feature to support this
authentication.
### Environment
- your apisix-ingress-controller version (output of
apisix-ingress-controller version --long):
1.6.0
- your Kubernetes cluster version (output of kubectl version):
```sh
Client Version: version.Info{Major:"1", Minor:"25", GitVersion:"v1.25.2",
GitCommit:"5835544ca568b757a8ecae5c153f317e5736700e", GitTreeState:"clean",
BuildDate:"2022-09-21T14:33:49Z", GoVersion:"go1.19.1", Compiler:"gc",
Platform:"darwin/amd64"}
Kustomize Version: v4.5.7
Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.1",
GitCommit:"5e58841cce77d4bc13713ad2b91fa0d961e69192", GitTreeState:"clean",
BuildDate:"2021-05-21T23:01:33Z", GoVersion:"go1.16.4", Compiler:"gc",
Platform:"linux/amd64"}
```
- if you run apisix-ingress-controller in Bare-metal environment, also show
your OS version (uname -a):
```sh
Darwin fabricedeMacBook-Pro.local 22.2.0 Darwin Kernel Version 22.2.0: Fri
Nov 11 02:08:47 PST 2022; root:xnu-8792.61.2~4/RELEASE_X86_64 x86_64
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] github-actions[bot] closed issue #5938: docs: How to understand the internal working mechanism of apisix in depth
github-actions[bot] closed issue #5938: docs: How to understand the internal working mechanism of apisix in depth URL: https://github.com/apache/apisix/issues/5938 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] github-actions[bot] commented on issue #6003: request help: the cors plugin does not force the use of expose_headers
github-actions[bot] commented on issue #6003: URL: https://github.com/apache/apisix/issues/6003#issuecomment-1370720700 This issue has been closed due to lack of activity. If you think that is incorrect, or the issue requires additional review, you can revive the issue at any time. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] github-actions[bot] commented on issue #5938: docs: How to understand the internal working mechanism of apisix in depth
github-actions[bot] commented on issue #5938: URL: https://github.com/apache/apisix/issues/5938#issuecomment-1370720643 This issue has been closed due to lack of activity. If you think that is incorrect, or the issue requires additional review, you can revive the issue at any time. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] github-actions[bot] closed issue #6003: request help: the cors plugin does not force the use of expose_headers
github-actions[bot] closed issue #6003: request help: the cors plugin does not force the use of expose_headers URL: https://github.com/apache/apisix/issues/6003 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-helm-chart] naveenkumarer opened a new issue, #440: How to install helm chart in decouple mode?
naveenkumarer opened a new issue, #440:
URL: https://github.com/apache/apisix-helm-chart/issues/440
How to install helm chart in decouple mode?
I can see that on chart version basis role traditional is set
{{- $isBeta := (semverCompare ">=2.99.0-0" .Values.apisix.image.tag) }}
{{- if $isBeta }}
deployment:
role: traditional
role_traditional:
config_provider: etcd
How to install helm chart in decouple mode?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on a diff in pull request #8275: refactor: remove if statement in nginx.conf
monkeyDluffy6017 commented on code in PR #8275: URL: https://github.com/apache/apisix/pull/8275#discussion_r1061307886 ## t/plugin/proxy-rewrite3.t: ## @@ -455,3 +455,99 @@ passed GET /echo HTTP/1.1 --- response_headers test: test_in_set + + + +=== TEST 21: set route (test if X-Forwarded-Port can be set before proxy) Review Comment: `X-Forwarded-For` is added like other `X-Forwarded-*` header -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on a diff in pull request #8275: refactor: remove if statement in nginx.conf
monkeyDluffy6017 commented on code in PR #8275: URL: https://github.com/apache/apisix/pull/8275#discussion_r1061305732 ## t/plugin/proxy-rewrite3.t: ## @@ -455,3 +455,99 @@ passed GET /echo HTTP/1.1 --- response_headers test: test_in_set + + + +=== TEST 21: set route (test if X-Forwarded-Port can be set before proxy) Review Comment: @spacewander could you check this PR again, the https://github.com/apache/apisix/pull/8404 is closed now, and all ci passed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on a diff in pull request #8404: fix: the x-forwarded-* header will be influenced by ai plugin
monkeyDluffy6017 commented on code in PR #8404:
URL: https://github.com/apache/apisix/pull/8404#discussion_r1061302696
##
t/plugin/proxy-rewrite3.t:
##
@@ -455,3 +454,51 @@ passed
GET /echo HTTP/1.1
--- response_headers
test: test_in_set
+
+
+
+=== TEST 21: set route (test if X-Forwarded-Port can be set before proxy)
+--- config
+location /t {
Review Comment:
@spacewander i can not reproduce the problem any more, even fallback to the
old version, I will close this PR
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 closed pull request #8404: fix: the x-forwarded-* header will be influenced by ai plugin
monkeyDluffy6017 closed pull request #8404: fix: the x-forwarded-* header will be influenced by ai plugin URL: https://github.com/apache/apisix/pull/8404 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[apisix-ingress-controller] branch master updated: docs: add CHANGELOG for v1.6.0 (#1585)
This is an automated email from the ASF dual-hosted git repository. zhangjintao pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/apisix-ingress-controller.git The following commit(s) were added to refs/heads/master by this push: new 84390d4f docs: add CHANGELOG for v1.6.0 (#1585) 84390d4f is described below commit 84390d4f372c2fb8388c5c6a20c41082a53e8e34 Author: Jintao Zhang AuthorDate: Wed Jan 4 17:42:23 2023 +0800 docs: add CHANGELOG for v1.6.0 (#1585) Signed-off-by: Jintao Zhang --- CHANGELOG.md | 215 +++ 1 file changed, 215 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e3c3379e..29e9e3ef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ # Table of Contents +- [1.6.0](#160) - [1.6.0-rc1](#160-rc1) - [1.5.1](#151) - [1.5.0](#150) @@ -36,6 +37,220 @@ - [0.2.0](#020) - [0.1.0](#010) +# 1.6.0 + +Welcome to the 1.6.0 release of apisix-ingress-controller! + +This is a feature release. + +## Highlights + +The API version of all custom resources has been upgraded to v2 in v1.5 release. In 1.6 we removed the v2beta2 API. Please go to [#707](https://github.com/apache/apisix-ingress-controller/issues/707) for detail. + +In this version we added more Gateway API support. e.g. TCPRoute/UDPRoute/HTTPRouteFilter etc. + +From this version, we can proxy external services and external name services. And integrated with the service discovery component. + +Please try out the release binaries and report any issues at +https://github.com/apache/apisix-ingress-controller/issues. + +### Contributors + +* dependabot[bot] +* Jintao Zhang +* Xin Rong +* Navendu Pottekkat +* Xin Rong +* Sarasa Kisaragi +* Ashing Zheng +* xiangtianyu +* 林靖 +* Floyd +* Navendu Pottekkat +* dongjunduo +* lsy +* seven dickens +* Baoyuan +* Gallardot +* Jayson Reis +* LinkMaq +* Marco Aurelio Caldas Miranda +* Nicolas Frankel +* Qi Guo +* StevenBrown008 +* Young +* Yousri +* YuanYingdong +* cmssczy +* incubator4 +* mango +* redtacs +* soulbird +* thomas +* xianshun163 +* 失眠是真滴难受 + +### Changes +129 commits + + +* [`88b1d45`](https://github.com/apache/apisix-ingress-controller/commit/88b1d45f1f851b96652424db45170135513f68ab) chore: admin-api default version v2 (#1558) (#1559) +* [`3b99ebf`](https://github.com/apache/apisix-ingress-controller/commit/3b99ebf6e84687904adb346314cd523fc7a5351d) fix: bad configuration item: apisix-admin-api-version (#1551) (#1555) +* [`b76074f`](https://github.com/apache/apisix-ingress-controller/commit/b76074f92fae038dcdcd8db25a866a29405ef943) chore: extra annotations logs (#1549) (#1554) +* [`15d881e`](https://github.com/apache/apisix-ingress-controller/commit/15d881eebb2c6cc1a29fa87c81b1cb1db57f498e) chore: 1.6.0-rc1 release (#1537) +* [`67d60fe`](https://github.com/apache/apisix-ingress-controller/commit/67d60fe9858f89f0e4ad575e4e0f5ed540fe5ef5) docs: add external service discovery tutorial (#1535) +* [`f162f71`](https://github.com/apache/apisix-ingress-controller/commit/f162f7119abd76b5a71c285fbfae68ed2faf88fb) feat: support for specifying port in external services (#1500) +* [`4208ca7`](https://github.com/apache/apisix-ingress-controller/commit/4208ca7cef4e54e22544050deed45bd768ad5ffa) refactor: unified factory and informer (#1530) +* [`a118727`](https://github.com/apache/apisix-ingress-controller/commit/a118727200524150b9062ba915bf50d361b2a9e1) docs: update Ingress controller httpbin tutorial (#1524) +* [`c0cb74d`](https://github.com/apache/apisix-ingress-controller/commit/c0cb74dd66c1c040339160905bf5e9fad0d6fe1a) docs: add external service tutorial (#1527) +* [`d22a6fc`](https://github.com/apache/apisix-ingress-controller/commit/d22a6fc820f7699af411b8ecaa971307cfc82dbd) chore(deps): bump github.com/onsi/ginkgo/v2 in /test/e2e (#1506) +* [`c4cedad`](https://github.com/apache/apisix-ingress-controller/commit/c4cedad549215c90b95ba389553c94370fe07a12) chore(deps): bump go.uber.org/zap from 1.23.0 to 1.24.0 (#1510) +* [`c6c2742`](https://github.com/apache/apisix-ingress-controller/commit/c6c2742fe9fe60efd40f2c0ecc5c2fc7f2166a2a) chore(deps): bump github.com/gavv/httpexpect/v2 in /test/e2e (#1509) +* [`b4255f1`](https://github.com/apache/apisix-ingress-controller/commit/b4255f1dd9cc69e7a3a44db8d4f17aea9e50) ci: using ubuntu-20.04 by default (#1504) +* [`03cfcb8`](https://github.com/apache/apisix-ingress-controller/commit/03cfcb840690759e80eaffd2eff22a43e8aa07b6) chore(deps): bump k8s.io/client-go from 0.25.4 to 0.26.0 in /test/e2e (#1505) +* [`0009b5d`](https://github.com/apache/apisix-ingress-controller/commit/0009b5d6951c89d2b67e0a440d4a75952fb3154c) feat: support secret plugin config (#1486) +* [`8cf79c2`](https://github.com/apache/apisix-ingress-controller/commit/8cf79c2e8f7278b52bf83f6cab6e85ab73d7266f) fix: ingress.tls secret not found (#1394) +*
[GitHub] [apisix-ingress-controller] tao12345666333 merged pull request #1585: docs: add CHANGELOG for v1.6.0
tao12345666333 merged PR #1585: URL: https://github.com/apache/apisix-ingress-controller/pull/1585 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[apisix-ingress-controller] branch master updated: docs: add example link. (#1582) (#1583)
This is an automated email from the ASF dual-hosted git repository. zhangjintao pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/apisix-ingress-controller.git The following commit(s) were added to refs/heads/master by this push: new d701fefb docs: add example link. (#1582) (#1583) d701fefb is described below commit d701fefb0051ce3dfe8b3b51f5488f9606c8fce3 Author: Jintao Zhang AuthorDate: Wed Jan 4 17:41:49 2023 +0800 docs: add example link. (#1582) (#1583) Co-authored-by: Kevin <71524776+freemanke...@users.noreply.github.com> --- docs/en/latest/tutorials/mtls.md | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/en/latest/tutorials/mtls.md b/docs/en/latest/tutorials/mtls.md index 605926ad..1b7e334e 100644 --- a/docs/en/latest/tutorials/mtls.md +++ b/docs/en/latest/tutorials/mtls.md @@ -107,7 +107,9 @@ In APISIX Ingress Controller, we use [ApisixTls](../concepts/apisix_tls.md) reso ApisixTls requires a secret which field `cert` and `key` contains the certificate and private key. -A secret yaml containing the certificate mentioned above [is here](https://github.com/apache/apisix-ingress-controller/blob/master/docs/en/latest/tutorials/mtls/server-secret.yaml). In this guide, we use this as an example. +The keys and certificates used in the examples [are here](https://github.com/apache/apisix-ingress-controller/tree/master/docs/en/latest/tutorials/mtls). + +In this guide, we use this as an example. ```bash kubectl apply -f ./mtls/server-secret.yaml -n default @@ -156,6 +158,8 @@ Now, we configured SSL successfully. Like `server-secret`, we will create a `client-ca-secret` to store the CA that verify the certificate client presents. +The keys and certificates used in the examples [are here](https://github.com/apache/apisix-ingress-controller/tree/master/docs/en/latest/tutorials/mtls). + ```bash kubectl apply -f ./mtls/client-ca-secret.yaml -n default ``` @@ -202,6 +206,8 @@ That means our mutual authentication has been enabled successfully. Now, we need to transfer our client cert to the APISIX container to verify the mTLS functionality. +The keys and certificates used in the examples [are here](https://github.com/apache/apisix-ingress-controller/tree/master/docs/en/latest/tutorials/mtls). + ```bash # Transfer client certificate kubectl -n apisix cp ./user.key :/tmp/user.key
[GitHub] [apisix-ingress-controller] tao12345666333 merged pull request #1583: docs: add example link. (#1582)
tao12345666333 merged PR #1583: URL: https://github.com/apache/apisix-ingress-controller/pull/1583 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] whioue commented on issue #6418: bug: apisix failed to verify the validity of the server certificate
whioue commented on issue #6418: URL: https://github.com/apache/apisix/issues/6418#issuecomment-1370687574 > > 我了解,但这样的话只能配置一个ca证书,如果有多个上游,并且多个上游使用不同的ca证书进行签发,这里只能满足配置一个。 > > We can use this way: https://github.com/apache/apisix/blob/master/docs/zh/latest/certificate.md#%E8%AE%BE%E7%BD%AE%E5%A4%9A%E4%B8%AA-ca-%E8%AF%81%E4%B9%A6 使用上述您所建议的方式可以做到对多个上游的证书进行校验。但当我新增加一个上游时,我需要手动再修改.ca-bundle文件,将新增加上游的ca证书写入,然后需要再重启apisix加载新的.ca-bundle文件(不知道我理解的是否有误),如果这样的话的是否不太灵活,不能做到添加上游后热生效,请问对于动态校验上游证书,是否有更好的方式呢? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] starsz commented on pull request #8148: feat(openid-connect): expose unauth_action parameter in lua-resty-openidc
starsz commented on PR #8148: URL: https://github.com/apache/apisix/pull/8148#issuecomment-1370682748 > Thanks! Pushed the change. Oh. Maybe you should merge the master to fix the conflicts. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] tao12345666333 commented on issue #1575: bug: update APISIX helm chart from 0.11.4 to 0.12.3 fails
tao12345666333 commented on issue #1575: URL: https://github.com/apache/apisix-ingress-controller/issues/1575#issuecomment-1370680895 yes!! I want to split out the helm chart for APISIX v2 and v3 https://github.com/apache/apisix-helm-chart/issues/419 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-docker] githubxubin commented on issue #398: data not found http://ip:port/apisix/admin/global_rules/1
githubxubin commented on issue #398: URL: https://github.com/apache/apisix-docker/issues/398#issuecomment-1370663663 i find the interface from official website with the param is 1 to query the global_rules . so i think it's a fixed parameter. Isn't it? i need your help. thanks! 胥斌 ***@***.*** --原始邮件-- 发件人: "apache/apisix-docker" ***@***.***; 发送时间:2023年1月4日(星期三) 下午5:08 ***@***.***; ***@***.**@***.***; 主题:Re: [apache/apisix-docker] data not found http://ip:port/apisix/admin/global_rules/1 (Issue #398) Did you create such global rule and the ID is 1? — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: ***@***.*** -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-helm-chart] tokers commented on a diff in pull request #382: feat: enable MTLS between dashboard and etcd
tokers commented on code in PR #382:
URL: https://github.com/apache/apisix-helm-chart/pull/382#discussion_r1061268524
##
charts/apisix-dashboard/README.md:
##
@@ -67,17 +67,22 @@ The following tables lists the configurable parameters of
the apisix-dashboard c
| Name | Description
| Value |
| |
-
| --- |
| `config.conf.listen.host` | The address on which the
`Manager API` should listen. The default value is 0.0.0.0, if want to specify,
please enable it. This value accepts IPv4, IPv6, and hostname.
| `0.0.0.0` |
-| `config.conf.listen.port` | The port on which the
`Manager API` should listen.
| `9000` |
+| `config.conf.listen.port` | The port on which the
`Manager API` should listen.
| `9000` |
| `config.authentication.secert` | Secret for jwt token
generation | `secert` |
-| `config.authentication.expireTime` | JWT token expire time,
in second | `3600` |
-| `config.authentication.users` | Specifies username and
password for login `manager api`. | `[{username: admin, password: admin}]` |
-| `config.conf.etcd.endpoints` | Supports defining
multiple etcd host addresses for an etcd cluster
| `apisix-etcd:2379` |
-| `config.conf.etcd.prefix` | Apache APISIX config's
prefix in etcd, /apisix by default
| `/apisix` |
-| `config.conf.etcd.username` | Specifies etcd basic
auth username if enable etcd auth
| `~` |
-| `config.conf.etcd.password` | Specifies etcd basic
auth password if enable etcd auth
| `~` |
-| `config.conf.log.accessLog.filePath` | Access log path |
`/dev/stdout` |
-| `config.conf.log.errorLog.filePath` | Error log path |
`/dev/stderr` |
-| `config.conf.log.errorLog.level` | Error log level.
Supports levels, lower to higher: debug, info, warn, error, panic, fatal |
`warn` |
+| `config.authentication.expireTime` | JWT token expire time, in
second | `3600` |
+| `config.authentication.users` | Specifies username and
password for login `manager api`. | `[{username: admin, password: admin}]` |
+| `config.conf.etcd.endpoints`| Supports defining multiple
etcd host addresses for an etcd cluster
| `apisix-etcd:2379` |
+| `config.conf.etcd.prefix` | Apache APISIX config's
prefix in etcd, /apisix by default
| `/apisix` |
+| `config.conf.etcd.username` | Specifies etcd basic auth
username if enable etcd auth
| `~` |
+| `config.conf.etcd.password` | Specifies etcd basic auth
password if enable etcd auth
| `~` |
+| `config.conf.etcd.mtls.enabled` | Enable MTLS option when
connecting to an etcd cluster with TLS enabled
| `false` |
+| `config.conf.etcd.mtls.existingSecret` | Name of existing secret
that contains certs for TLS authentication
| `""`|
+| `config.conf.etcd.mtls.caFile` | Key of CA file in secret
| `ca.crt`|
Review Comment:
I think so, but this may have a broken change, cc @bzp2010 .
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [apisix-docker] tokers commented on issue #398: data not found http://ip:port/apisix/admin/global_rules/1
tokers commented on issue #398: URL: https://github.com/apache/apisix-docker/issues/398#issuecomment-1370650447 Did you create such global rule and the ID is `1`? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] tokers commented on issue #8605: bug: kafka old topic repeat to create after I change kafka_topic config
tokers commented on issue #8605: URL: https://github.com/apache/apisix/issues/8605#issuecomment-1370649043 Did you have a few requests to APISIX before you edited the topic? Since the log sending is async, a batch of log entries might be sent to the old topic. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] codecov-commenter commented on pull request #1586: feat: support global rules
codecov-commenter commented on PR #1586: URL: https://github.com/apache/apisix-ingress-controller/pull/1586#issuecomment-1370625245 # [Codecov](https://codecov.io/gh/apache/apisix-ingress-controller/pull/1586?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) Report > Merging [#1586](https://codecov.io/gh/apache/apisix-ingress-controller/pull/1586?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) (53a8b26) into [master](https://codecov.io/gh/apache/apisix-ingress-controller/commit/486b46abd1c9665005e83036433af213aaa28f21?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) (486b46a) will **decrease** coverage by `0.25%`. > The diff coverage is `12.30%`. ```diff @@Coverage Diff @@ ## master#1586 +/- ## == - Coverage 41.44% 41.18% -0.26% == Files 87 88 +1 Lines7420 7485 +65 == + Hits 3075 3083 +8 - Misses 3990 4043 +53 - Partials 355 359 +4 ``` | [Impacted Files](https://codecov.io/gh/apache/apisix-ingress-controller/pull/1586?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [...providers/apisix/translation/apisix\_global\_rule.go](https://codecov.io/gh/apache/apisix-ingress-controller/pull/1586/diff?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-cGtnL3Byb3ZpZGVycy9hcGlzaXgvdHJhbnNsYXRpb24vYXBpc2l4X2dsb2JhbF9ydWxlLmdv) | `0.00% <0.00%> (ø)` | | | [pkg/providers/apisix/translation/translator.go](https://codecov.io/gh/apache/apisix-ingress-controller/pull/1586/diff?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-cGtnL3Byb3ZpZGVycy9hcGlzaXgvdHJhbnNsYXRpb24vdHJhbnNsYXRvci5nbw==) | `0.00% <ø> (ø)` | | | [...ess/translation/annotations/plugins/http\_method.go](https://codecov.io/gh/apache/apisix-ingress-controller/pull/1586/diff?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-cGtnL3Byb3ZpZGVycy9pbmdyZXNzL3RyYW5zbGF0aW9uL2Fubm90YXRpb25zL3BsdWdpbnMvaHR0cF9tZXRob2QuZ28=) | `81.81% <ø> (ø)` | | | [pkg/providers/translation/context.go](https://codecov.io/gh/apache/apisix-ingress-controller/pull/1586/diff?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-cGtnL3Byb3ZpZGVycy90cmFuc2xhdGlvbi9jb250ZXh0Lmdv) | `80.95% <0.00%> (-8.53%)` | :arrow_down: | | [pkg/providers/utils/manifest.go](https://codecov.io/gh/apache/apisix-ingress-controller/pull/1586/diff?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-cGtnL3Byb3ZpZGVycy91dGlscy9tYW5pZmVzdC5nbw==) | `41.17% <27.58%> (-1.63%)` | :arrow_down: | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[apisix-ingress-controller] branch master updated (486b46ab -> 78272a54)
This is an automated email from the ASF dual-hosted git repository. navendu pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/apisix-ingress-controller.git from 486b46ab chore: rename TranslateXXNotStrictly to GenerateXXDeleteMark (#1490) add 78272a54 docs: Update the-hard-way.md (#1581) (#1584) No new revisions were added by this update. Summary of changes: docs/en/latest/tutorials/the-hard-way.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[GitHub] [apisix-ingress-controller] navendu-pottekkat merged pull request #1584: docs: Update the-hard-way.md (#1581)
navendu-pottekkat merged PR #1584: URL: https://github.com/apache/apisix-ingress-controller/pull/1584 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] AlinsRan opened a new pull request, #1586: feat: support global rules
AlinsRan opened a new pull request, #1586: URL: https://github.com/apache/apisix-ingress-controller/pull/1586 ### Type of change: - [ ] Bugfix - [ ] New feature provided - [ ] Improve performance - [ ] Backport patches ### What this PR does / why we need it: ### Pre-submission checklist: * [ ] Did you explain what problem does this PR solve? Or what new features have been added? * [ ] Have you added corresponding test cases? * [ ] Have you modified the corresponding document? * [ ] Is this PR backward compatible? **If it is not backward compatible, please discuss on the [mailing list](https://github.com/apache/apisix-ingress-controller#community) first** -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] tao12345666333 opened a new pull request, #1585: docs: add CHANGELOG for v1.6.0
tao12345666333 opened a new pull request, #1585: URL: https://github.com/apache/apisix-ingress-controller/pull/1585 Signed-off-by: Jintao Zhang ### Type of change: - [ ] Bugfix - [ ] New feature provided - [ ] Improve performance - [ ] Backport patches ### What this PR does / why we need it: cherry-pick #1561 ### Pre-submission checklist: * [ ] Did you explain what problem does this PR solve? Or what new features have been added? * [ ] Have you added corresponding test cases? * [ ] Have you modified the corresponding document? * [ ] Is this PR backward compatible? **If it is not backward compatible, please discuss on the [mailing list](https://github.com/apache/apisix-ingress-controller#community) first** -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] tao12345666333 opened a new pull request, #1584: docs: Update the-hard-way.md (#1581)
tao12345666333 opened a new pull request, #1584: URL: https://github.com/apache/apisix-ingress-controller/pull/1584 ### Type of change: - [ ] Bugfix - [ ] New feature provided - [ ] Improve performance - [ ] Backport patches ### What this PR does / why we need it: cherry-pick #1581 ### Pre-submission checklist: * [ ] Did you explain what problem does this PR solve? Or what new features have been added? * [ ] Have you added corresponding test cases? * [ ] Have you modified the corresponding document? * [ ] Is this PR backward compatible? **If it is not backward compatible, please discuss on the [mailing list](https://github.com/apache/apisix-ingress-controller#community) first** -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] freemankevin commented on pull request #1582: docs: add example link.
freemankevin commented on PR #1582: URL: https://github.com/apache/apisix-ingress-controller/pull/1582#issuecomment-1370606273 It's an honor, thanks also. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-docker] bobbyz007 commented on issue #399: docker start error: apisix container is always in restarting status
bobbyz007 commented on issue #399: URL: https://github.com/apache/apisix-docker/issues/399#issuecomment-1370604827 apisix container started successfully by adding r/w permission for other users to apisix_log directory ``` chmod 777 apisix_log/ ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] tanjiancheng opened a new issue, #8605: bug: kafka old topic repeat to create after I change kafka_topic config
tanjiancheng opened a new issue, #8605: URL: https://github.com/apache/apisix/issues/8605 ### Current Behavior  log3 is on used,  but still auto create log1,log2 topics that I use before ### Expected Behavior just auto create topic log3 ### Error Logs no ### Steps to Reproduce change kafka_topic repeatedly and save ### Environment - APISIX version (3.1.0-debian) - apisix-dashboard (2.15.0-alpine) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
