There are new requirements for API gateways in the field of microservices: higher flexibility, higher performance requirements, and cloud native.
APISIX is based on etcd to save and synchronize configuration, not relational databases such as Postgres or MySQL.
This not only eliminates polling, makes the code more concise, but also makes configuration synchronization more real-time. At the same time, there will be no single point in the system, which is more usable.
In addition, APISIX has dynamic routing and hot loading of plug-ins, which is especially suitable for API management under micro-service system.
One of the goals of APISIX design and development is the highest performance in the industry. Specific test data can be found here:benchmark
APISIX is the highest performance API gateway with a single-core QPS of 23,000, with an average delay of only 0.6 milliseconds.
Yes, in version 0.6 we have dashboard built in, you can operate APISIX through the web interface.
Of course, APISIX provides flexible custom plugins for developers and businesses to write their own logic.
For the configuration center, configuration storage is only the most basic function, and APISIX also needs the following features:
- Cluster
- Transactions
- Multi-version Concurrency Control
- Change Notification
- High Performance
See more etcd why.
Why is it that installing APISIX dependencies with Luarocks causes timeout, slow or unsuccessful installation?
There are two possibilities when encountering slow luarocks:
- Server used for luarocks installation is blocked
- There is a place between your network and github server to block the 'git' protocol
For the first problem, you can use https_proxy or use the --server option to specify a luarocks server that you can access or access faster.
Run the luarocks config rocks_servers command(this command is supported after luarocks 3.0) to see which server are available.
If using a proxy doesn't solve this problem, you can add --verbose option during installation to see exactly how slow it is. Excluding the first case, only the second that the git protocol is blocked. Then we can run git config --global url."https://".insteadOf git:// to using the 'HTTPS' protocol instead of git.
An example, foo.com/product/index.html?id=204&page=2, gray release based on id in the query string in URL as a condition:
- Group A:id <= 1000
- Group B:id > 1000
here is the way:
curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"uri": "/index.html",
"vars": [
["arg_id", "<=", "1000"]
],
"plugins": {
"redirect": {
"uri": "/test?group_id=1"
}
}
}'
curl -i http://127.0.0.1:9080/apisix/admin/routes/2 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"uri": "/index.html",
"vars": [
["arg_id", ">", "1000"]
],
"plugins": {
"redirect": {
"uri": "/test?group_id=2"
}
}
}'Here is the operator list of current lua-resty-radixtree:
https://github.com/iresty/lua-resty-radixtree#operator-list
An example, redirect http://foo.com to https://foo.com
There are several different ways to do this.
- Directly use the
http_to_httpsinredirectplugin:
curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"uri": "/hello",
"host": "foo.com",
"plugins": {
"redirect": {
"http_to_https": true
}
}
}'- Use with advanced routing rule
varswithredirectplugin:
curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"uri": "/hello",
"host": "foo.com",
"vars": [
[
"scheme",
"==",
"http"
]
],
"plugins": {
"redirect": {
"uri": "https://$host$request_uri",
"ret_code": 301
}
}
}'serverlessplugin:
curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"uri": "/hello",
"plugins": {
"serverless-pre-function": {
"phase": "rewrite",
"functions": ["return function() if ngx.var.scheme == \"http\" and ngx.var.host == \"foo.com\" then ngx.header[\"Location\"] = \"https://foo.com\" .. ngx.var.request_uri; ngx.exit(ngx.HTTP_MOVED_PERMANENTLY); end; end"]
}
}
}'Then test it to see if it works:
curl -i -H 'Host: foo.com' http://127.0.0.1:9080/helloThe response body should be:
HTTP/1.1 301 Moved Permanently
Date: Mon, 18 May 2020 02:56:04 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://foo.com/hello
Server: APISIX web server
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>openresty</center>
</body>
</html>
When you install the OpenResty on MacOs 10.15, you may face this error
> brew install openresty
Updating Homebrew...
==> Auto-updated Homebrew!
Updated 1 tap (homebrew/cask).
No changes to formulae.
==> Installing openresty from openresty/brew
Warning: A newer Command Line Tools release is available.
Update them from Software Update in System Preferences or
https://developer.apple.com/download/more/.
==> Downloading https://openresty.org/download/openresty-1.15.8.2.tar.gz
Already downloaded: /Users/wusheng/Library/Caches/Homebrew/downloads/4395089f0fd423261d4f1124b7beb0f69e1121e59d399e89eaa6e25b641333bc--openresty-1.15.8.2.tar.gz
==> ./configure -j8 --prefix=/usr/local/Cellar/openresty/1.15.8.2 --pid-path=/usr/local/var/run/openresty.pid --lock-path=/usr/
Last 15 lines from /Users/wusheng/Library/Logs/Homebrew/openresty/01.configure:
DYNASM host/buildvm_arch.h
HOSTCC host/buildvm.o
HOSTLINK host/buildvm
BUILDVM lj_vm.S
BUILDVM lj_ffdef.h
BUILDVM lj_bcdef.h
BUILDVM lj_folddef.h
BUILDVM lj_recdef.h
BUILDVM lj_libdef.h
BUILDVM jit/vmdef.lua
make[1]: *** [lj_folddef.h] Segmentation fault: 11
make[1]: *** Deleting file `lj_folddef.h'
make[1]: *** Waiting for unfinished jobs....
make: *** [default] Error 2
ERROR: failed to run command: gmake -j8 TARGET_STRIP=@: CCDEBUG=-g XCFLAGS='-msse4.2 -DLUAJIT_NUMMODE=2 -DLUAJIT_ENABLE_LUA52COMPAT' CC=cc PREFIX=/usr/local/Cellar/openresty/1.15.8.2/luajit
If reporting this issue please do so at (not Homebrew/brew or Homebrew/core):
https://github.com/openresty/homebrew-brew/issues
These open issues may also help:
Can't install openresty on macOS 10.15 https://github.com/openresty/homebrew-brew/issues/10
The openresty-debug package should use openresty-openssl-debug instead https://github.com/openresty/homebrew-brew/issues/3
Fails to install OpenResty https://github.com/openresty/homebrew-brew/issues/5
Error: A newer Command Line Tools release is available.
Update them from Software Update in System Preferences or
https://developer.apple.com/download/more/.This is an OS incompatible issue, you could fix by these two steps
brew edit openresty/brew/openresty- add
\ -fno-stack-checkin with-luajit-xcflags line.
The default log level for APISIX is warn. However You can change the log level to info if you want to trace the messages print by core.log.info.
Steps:
-
Modify the parameter
error_log_level: "warn"toerror_log_level: "info"in conf/config.yaml -
Reload or restart APISIX
Now you can trace the info level log in logs/error.log.
The Apache APISIX plugin supports hot reloading.
See the Hot reload section in plugins for how to do that.
By default, APISIX only listens on port 9080 when handling HTTP requests. If you want APISIX to listen on multiple ports, you need to modify the relevant parameters in the configuration file as follows:
-
Modify the parameter of HTTP port listen
node_listeninconf/config.yaml, for example:apisix: node_listen: - 9080 - 9081 - 9082Handling HTTPS requests is similar, modify the parameter of HTTPS port listen
ssl.listen_portinconf/config.yaml, for example:apisix: ssl: listen_port: - 9443 - 9444 - 9445 -
Reload or restart APISIX
etcd provides subscription functions to monitor whether the specified keyword or directory is changed (for example: watch, watchdir).
APISIX uses etcd.watchdir to monitor directory content changes:
- If there is no data update in the monitoring directory: the process will be blocked until timeout or other errors occurred.
- If the monitoring directory has data updates: etcd will return the new subscribed data immediately (in milliseconds), and APISIX will update it to the memory cache.
With the help of etcd which incremental notification feature is millisecond-level , APISIX achieve millisecond-level of configuration synchronization.
By default, APISIX will read the instance id from conf/apisix.uid. If it is not found, and no id is configured, APISIX will generate a uuid as the instance id.
If you want to specify a meaningful id to bind APISIX instance to your internal system, you can configure it in conf/config.yaml, for example:
```
apisix:
id: "your-meaningful-id"
```
Why there are a lot of "failed to fetch data from etcd, failed to read etcd dir, etcd key: xxxxxx" errors in error.log?
First please make sure the network between APISIX and etcd cluster is not partitioned.
If the network is healthy, please check whether your etcd cluster enables the gRPC gateway. However, The default case for this feature is different when use command line options or configuration file to start etcd server.
- When command line options is in use, this feature is enabled by default, the related option is
--enable-grpc-gateway.
etcd --enable-grpc-gateway --data-dir=/path/to/dataNote this option is not shown in the output of etcd --help.
- When configuration file is used, this feature is disabled by default, please enable
enable-grpc-gatewayexplicitly.
# etcd.json
{
"enable-grpc-gateway": true,
"data-dir": "/path/to/data"
}Indeed this distinction was eliminated by etcd in their master branch, but not backport to announced versions, so be care when deploy your etcd cluster.