Apache APISIX 源码构建
慕俊语
如何构建 Apache APISIX
注:此文档构建环境为腾讯云CentOS 7.9,虚拟机同样适用。
步骤1:安装依赖
# 编写依赖脚本
cd /usr/local && mkdir apisix-deps
cd apisix-deps && vim deps.sh
# 脚本内容见下方代码块
# 添加权限并执行脚本,安装依赖
chmod +x deps.sh && ./deps.sh
rm -f deps.sh
#!/usr/bin/env bash
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
set -ex
function detect_aur_helper() {
if [[ $(which yay) ]]; then
AUR_HELPER=yay
elif [[ $(which pacaur) ]]; then
AUR_HELPER=pacaur
else
echo No available AUR helpers found. Please specify your AUR helper by AUR_HELPER.
exit -1
fi
}
function install_dependencies_with_aur() {
detect_aur_helper
$AUR_HELPER -S openresty --noconfirm
sudo pacman -S openssl --noconfirm
export OPENRESTY_PREFIX=/opt/openresty
sudo mkdir $OPENRESTY_PREFIX/openssl
sudo ln -s /usr/include $OPENRESTY_PREFIX/openssl/include
sudo ln -s /usr/lib $OPENRESTY_PREFIX/openssl/lib
}
# Install dependencies on centos and fedora
function install_dependencies_with_yum() {
sudo yum install yum-utils
local common_dep="curl git gcc openresty-openssl111-devel unzip pcre pcre-devel openldap-devel"
if [ "${1}" == "centos" ]; then
# add APISIX source
sudo yum-config-manager --add-repo https://repos.apiseven.com/packages/centos/apache-apisix.repo
# install apisix-base and some compilation tools
# shellcheck disable=SC2086
sudo yum install -y apisix-base $common_dep
else
# add OpenResty source
sudo yum-config-manager --add-repo "https://openresty.org/package/${1}/openresty.repo"
# install OpenResty and some compilation tools
# shellcheck disable=SC2086
sudo yum install -y openresty $common_dep
fi
}
# Install dependencies on ubuntu and debian
function install_dependencies_with_apt() {
# add OpenResty source
sudo apt-get update
sudo apt-get -y install software-properties-common wget lsb-release
wget -qO - https://openresty.org/package/pubkey.gpg | sudo apt-key add -
if [[ "${1}" == "ubuntu" ]]; then
sudo add-apt-repository -y "deb http://openresty.org/package/ubuntu $(lsb_release -sc) main"
elif [[ "${1}" == "debian" ]]; then
sudo add-apt-repository -y "deb http://openresty.org/package/debian $(lsb_release -sc) openresty"
fi
sudo apt-get update
# install OpenResty and some compilation tools
sudo apt-get install -y git openresty curl openresty-openssl111-dev make gcc libpcre3 libpcre3-dev libldap2-dev
}
# Install dependencies on mac osx
function install_dependencies_on_mac_osx() {
# install OpenResty, etcd and some compilation tools
brew install openresty/brew/openresty luarocks lua@5.1 etcd curl git pcre openldap
# start etcd server
brew services start etcd
}
# Identify the different distributions and call the corresponding function
function multi_distro_installation() {
if grep -Eqi "CentOS" /etc/issue || grep -Eq "CentOS" /etc/*-release; then
install_dependencies_with_yum "centos"
elif grep -Eqi "Fedora" /etc/issue || grep -Eq "Fedora" /etc/*-release; then
install_dependencies_with_yum "fedora"
elif grep -Eqi "Debian" /etc/issue || grep -Eq "Debian" /etc/*-release; then
install_dependencies_with_apt "debian"
elif grep -Eqi "Ubuntu" /etc/issue || grep -Eq "Ubuntu" /etc/*-release; then
install_dependencies_with_apt "ubuntu"
elif grep -Eqi "Arch" /etc/issue || grep -Eq "Arch" /etc/*-release; then
install_dependencies_with_aur
else
echo "Non-supported operating system version"
fi
}
# Install etcd
function install_etcd() {
ETCD_VERSION='3.4.13'
wget https://github.com/etcd-io/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-amd64.tar.gz
tar -xvf etcd-v${ETCD_VERSION}-linux-amd64.tar.gz && \
cd etcd-v${ETCD_VERSION}-linux-amd64 && \
sudo cp -a etcd etcdctl /usr/bin/
nohup etcd &
}
# Install LuaRocks
function install_luarocks() {
curl https://raw.githubusercontent.com/apache/apisix/master/utils/linux-install-luarocks.sh -sL | bash -
}
# Entry
function main() {
OS_NAME=$(uname -s | tr '[:upper:]' '[:lower:]')
if [[ "${OS_NAME}" == "linux" ]]; then
multi_distro_installation
install_luarocks
install_etcd
elif [[ "${OS_NAME}" == "darwin" ]]; then
install_dependencies_on_mac_osx
else
echo "Non-surported distribution"
fi
}
main
步骤2:安装 Apache APISIX
通过源码包安装
-
创建一个名为
apisix-2.11.0的目录。cd /usr/local && mkdir apisix-2.11.0 && cd apisix-2.11.0 -
下载 Apache APISIX Release 源码包:
yum install -y wget && wget https://downloads.apache.org/apisix/2.11.0/apache-apisix-2.11.0-src.tgz您也可以通过 Apache APISIX 官网下载 Apache APISIX Release 源码包。 Apache APISIX 官网也提供了 Apache APISIX、APISIX Dashboard 和 APISIX Ingress Controller 的源码包,详情请参考Apache APISIX 官网-下载页。
-
解压 Apache APISIX Release 源码包:
tar zxvf apache-apisix-2.11.0-src.tgz -C /usr/local/apisix-2.11.0 && rm -f apache-apisix-2.11.0-src.tgz -
安装运行时依赖的 Lua 库:
# 安装依赖 LUAROCKS_SERVER=https://luarocks.cn make deps # 如果安装依赖时报错:The unauthenticated git protocol on port 9418 is no longer supported.执行以下命令即可。 git config --global url."https://".insteadOf git:// # 安装 apisix 命令 make install
步骤3:管理 Apache APISIX 服务
我们可以在 Apache APISIX 的目录下使用命令初始化依赖、启动服务和停止服务,也可以通过 apisix help 命令查看所有命令和对应的功能。
初始化依赖
运行以下命令初始化 NGINX 配置文件和 etcd。
# initialize NGINX config file and etcdapisix init
apisix init
启动 Apache APISIX
运行以下命令启动 Apache APISIX。
# start Apache APISIX serverapisix start
apisix start
停止运行 Apache APISIX
优雅停机 apisix quit 和强制停机 apisix stop都可以停止运行 Apache APISIX。建议您优先选择优雅停机的方式停止 Apache APISIX,因为这种停止方式能够保证 Apache APISIX 完成了已经接受到的请求之后再停止;而强制停机则是立即停止 Apache APISIX,在这种情况下,Apache APISIX 接收到但未完成的请求会随着强制停机一并停止。
执行优雅停机的命令如下所示:
# stop Apache APISIX server gracefully
apisix quit
执行强制停机的命令如下所示:
# stop Apache APISIX server immediately
apisix stop
查看其他操作
运行 apisix help 命令,查看返回结果,获取其他操作的命令和描述。
# more actions find by `help`
apisix help
步骤4:修改 Admin API key
您需要修改 Admin API 的 key,以保护 Apache APISIX。
请修改 conf/config.yaml 中的 apisix.admin_key 并重启服务,如下所示:
apisix:
# ... ...
admin_key
-
name: "admin"
key: lileihehanmeimei # 将原有的 key 修改为abcdefghabcdefgh
role: admin
当我们需要访问 Admin API 时,就可以使用上面记录的 key 了,如下所示:
curl http://127.0.0.1:9080/apisix/admin/routes?api_key=lileihehanmeimei -i
返回结果中的状态码 200 说明访问成功,如下所示:
HTTP/1.1 200 OK
Date: Wed, 15 Dec 2021 08:40:30 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/2.11.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 3600
{"node":{"nodes":{},"dir":true,"key":"\/apisix\/routes"},"action":"get","count":0}
在这个时候,如果您输入的 key 与 conf/config.yaml 中 apisix.admin_key 的值不匹配,例如,我们已知正确的 key 是 lileihehanmeimei,但是我们选择输入一个错误的 key,例如 wrong-key,如下所示:
curl http://127.0.0.1:9080/apisix/admin/routes?api_key=wrong-key -i
返回结果中的状态码 401 说明访问失败,原因是输入的 key 有误,未通过认证,触发 Unauthorized 错误,如下所示:
HTTP/1.1 401 Unauthorized
Date: Wed, 15 Dec 2021 08:41:10 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/2.11.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 3600
{"error_msg":"failed to check token"}
类似资料: