APISIX部署
一、软件版及部署方式
APISIX 3.13.0 (API网关)
Dashboard 3.5.11 (仪表盘)
ETCD 3.0.0 (配置中心)
Prometheus 2.25.0 (监控系统)
Grafana 7.3.7 (可视化数据平台)
Nacos 2.3.2 (CP+AP 配置中心+服务发现与服务注册)
二、部署前准备
1. 获取项目
git clone https://github.com/apache/apisix-docker.git
如果服务器不能访问github可以先在本机下载好了传到服务器上
cd apisix-docker
mkdir example/apisix-dashboard
cp all-in-one/apisix-dashboard/conf.yaml example/apisix-dashboard/conf.yaml2. 配置文件调整
Nacos的docker配置文件docker-compose.yml,例如位置在nacos/docker-compose.yml
services:
nacos_d5S5:
image: nacos/nacos-server:${VERSION}
# container_name: ${CONTAINER_NAME}
deploy:
resources:
limits:
cpus: ${CPUS}
memory: ${MEMORY_LIMIT}
restart: always
ports:
- ${HOST_IP}:${WEB_PORT}:8080
- ${HOST_IP}:${WEB_HTTP_PORT}:8848
- ${HOST_IP}:${WEB_COMMUNICATION_PORT}:9848
environment:
- NACOS_AUTH_ENABLE=FALSE
- PREFER_HOST_MODE=hostname
- MODE=standalone
- JVM_XMS=${JVM_XMS}
- JVM_XMX=${JVM_XMX}
- JVM_XMN=${JVM_XMN}
- JVM_MS=${JVM_MS}
- JVM_MMS=${JVM_MMS}
- NACOS_AUTH_IDENTITY_KEY=${NACOS_AUTH_IDENTITY_KEY}
- NACOS_AUTH_IDENTITY_VALUE=${NACOS_AUTH_IDENTITY_VALUE}
- NACOS_AUTH_TOKEN=${NACOS_AUTH_TOKEN}
- NACOS_SERVER_IP=${NACOS_SERVER_IP}
volumes:
- ${APP_PATH}/logs:/home/nacos/logs
- ${APP_PATH}/data:/home/nacos/data
labels:
createdBy: "bt_apps"
networks:
- baota_net
networks:
baota_net:
external: trueNacos配置文件.env,例如位置在nacos/.env
VERSION=v2.3.2
CONTAINER_NAME=CONTAINER_NAME
HOST_IP=0.0.0.0
WEB_PORT=8080
WEB_HTTP_PORT=8848
WEB_COMMUNICATION_PORT=9848
JVM_XMS=2g
JVM_XMX=2g
JVM_XMN=1g
JVM_MS=128m
JVM_MMS=256m
NACOS_AUTH_IDENTITY_KEY=serverIdentity
NACOS_AUTH_IDENTITY_VALUE=security
NACOS_AUTH_TOKEN=SecretKey012345678901234567890123456789012345678901234567890123456789
NACOS_SERVER_IP=
MYSQL_DATABASE=wordpress_db
MYSQL_USER=wordpress
MYSQL_PASSWORD=wordpress
MYSQL_HOST_IP=mysql
MYSQL_PORT=3306
CPUS=0
MEMORY_LIMIT=0MB
APP_PATH=/www/dk_project/dk_app/nacos/nacos_d5S5APISIX的docker配置文件docker-compose.yml,位置在example/docker-compose.yml
services:
apisix:
image: apache/apisix:${APISIX_IMAGE_TAG:-3.13.0-debian}
restart: always
volumes:
- ./apisix_conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro
depends_on:
- etcd
##network_mode: host
ports:
- "9180:9180/tcp"
- "9080:9080/tcp"
- "9091:9091/tcp"
- "9443:9443/tcp"
- "9092:9092/tcp"
labels:
createdBy: "bt_apps"
networks:
- baota_net
etcd:
image: bitnami/etcd:3.5.11
restart: always
volumes:
- etcd_data:/bitnami/etcd
environment:
ETCD_ENABLE_V2: "true"
ALLOW_NONE_AUTHENTICATION: "yes"
ETCD_ADVERTISE_CLIENT_URLS: "http://etcd:2379"
ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379"
ports:
- "2379:2379/tcp"
labels:
createdBy: "bt_apps"
networks:
- baota_net
# 官方自带配置文件带APISIX Dashboard,需要自己添加
apisix-dashboard:
image: apache/apisix-dashboard:3.0.0-alpine # 镜像修改,不要使用apache/apisix-dashboard:latest,最新版的插件中心无法打开
restart: always
volumes:
- ./apisix-dashboard/conf.yaml:/usr/local/apisix-dashboard/conf/conf.yaml
depends_on:
- apisix
- etcd
# network_mode: host
ports:
- "19000:9000/tcp"
labels:
createdBy: "bt_apps"
networks:
- baota_net
prometheus:
image: prom/prometheus:v2.25.0
restart: always
volumes:
- ./prometheus_conf/prometheus.yml:/etc/prometheus/prometheus.yml
ports:
- "9090:9090"
labels:
createdBy: "bt_apps"
networks:
- baota_net
grafana:
image: grafana/grafana:7.3.7
restart: always
ports:
- "3000:3000"
volumes:
- "./grafana_conf/provisioning:/etc/grafana/provisioning"
- "./grafana_conf/dashboards:/var/lib/grafana/dashboards"
- "./grafana_conf/config/grafana.ini:/etc/grafana/grafana.ini"
labels:
createdBy: "bt_apps"
networks:
- baota_net
networks:
baota_net:
external: true
volumes:
etcd_data:
driver: localAPISIX Dashboard配置文件conf.yaml,位置在example/apisix-dashboard/conf.yaml
conf:
listen:
host: 0.0.0.0
port: 9000
etcd:
endpoints:
- "http://etcd:2379" # http://127.0.0.1:2379改为http://etcd:2379
# username: "root" # 如果未开启授权忽略ETCD用户名
# password: "123456" # 如果未开启授权忽略ETCD用户密码
log:
error_log:
level: warn # 支持等级,从低到高: debug, info, warn, error, panic, fatal
file_path:
logs/error.log # 支持相对路径、绝对路径、标准输出
# 例如:logs/error.log、/tmp/logs/error.log、/dev/stdout、/dev/stderr
authentication:
secret:
secret1234567890987654321 # 秘钥自己修改
expire_time: 3600 # jwt令牌过期时间(秒)
users:
- username: admin # 登录 `manager api` 的用户名和密码
password: admin # 密码修改成自己的
- username: user
password: user
plugin_attr:
prometheus:
export_addr:
ip: "0.0.0.0"
port: 9091APISIX配置文件config.yaml,位置在example/apisix_conf/conf.yaml
apisix:
node_listen: 9080 # APISIX listening port
enable_ipv6: false
ssl: # 开启SSL支持
enable: true
listen:
- port: 9443
ssl_protocols: TLSv1.1 TLSv1.2 TLSv1.3
ssl_ciphers: EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5
enable_control: true
control:
ip: "0.0.0.0"
port: 9092
deployment:
admin:
allow_admin: # https://nginx.org/en/docs/http/ngx_http_access_module.html#allow
- 0.0.0.0/0 # We need to restrict ip access rules for security. 0.0.0.0/0 is for test.
admin_key:
- name: "admin"
key: edd1c9f034335f136f97ad84b625c8f1
role: admin # admin: manage all configuration data
- name: "viewer"
key: 4054f7cf07e344346cd5f287985e76a2
role: viewer
etcd:
host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster.
- "http://etcd:2379" # multiple etcd address
prefix: "/apisix" # apisix configurations prefix
timeout: 30 # 30 seconds
discovery: # nacos服务发现
nacos:
host:
- "http://192.168.10.151:8848" # 注意Nacos的对外开放端口,防火墙需要放行
namespace_id: "4e1e2589-8415-49f6-8358-c8bb33dfba15" # 如果没开命名空间,这里留空
username: "nacos"
password: "513611Aa"
fetch_interval: 5 # 拉取间隔秒
timeout:
connect: 2000
send: 2000
read: 5000
plugin_attr:
prometheus:
export_addr:
ip: "0.0.0.0"
port: 9091Grafana配置文件grafana.ini,位置在example/grafana_conf/config/grafana.ini
# 开启匿名模式
[security]
allow_embedding = true
[auth.anonymous]
enabled = true
org_name = Main Org.
org_role = Viewer三、部署
部署Nacos
部署APISIX
修改于 2025-08-20 06:02:43