When it comes to API gateways, we are familiar with Gateway and Zuul in Spring Cloud system. When these gateways are used, they basically need to modify configuration files or develop functions by themselves. Today to introduce a powerful API gateway
apisix, with visual management functions, up to 30 plug-in support, I hope to help you!

Mall SpringBoot practical electricity project (50 k + star) address: https://github.com/macrozheng/mall

Introduction to the

Apisix is a cloud-based native microservice API gateway that provides the ultimate performance, security, open source, and extensible platform for APIs. Apisix is based on Nginx and ETCD implementation. Compared with traditional API gateway, Apisix has dynamic routing and plug-in hot loading, which is particularly suitable for API management in microservice system.

The core concept

Let’s take a look at some of the core concepts of Apisix that will help us in our next use!

  • Upstream: Viewed as a virtual host, load balancing a given number of target services according to configuration rules.
  • Route: Match client requests by defining some rules, then execute the configured plug-in on the matched request, and forward the request to the specified upstream.
  • Consumer: As an API gateway, it is sometimes necessary to know who the Consumer of an API is, which can often be used for authentication.
  • Service: You can think of it as an abstraction of a set of routes. It is usually one-to-one upstream, and there is usually a many-to-one relationship between routes and services.
  • Plugin: API gateway to enhance the operation of the request, can add a series of functions such as traffic limit, authentication, blacklist and so on to the request. Can be configured on consumers, services, and routes.

The installation

Since the official Docker Composer deployment solution is provided, it is very convenient to install the related services of Apisix with only one script, and we also use this solution for deployment here.

  • downloadapisix-dockerProject, in fact we only need to use one of themexampleDirectory on the line, download address:https://github.com/apache/api…

  • So let’s takeexampleUpload the directory to a Linux server to see what’s inside the directory;
DRWXRWXRWXRWX. 2 root root 25 Jun 19 10:12 apisix_conf # apisix. 2 root root 71 Jun 24 09:36 apisix_log # Apisix log file directory drwxrwxrwxrwxx. 2 root root 23 Jun 23 17:10 dashboard_conf # User-Dashboard configuration file directory -rwxrwxrwx. 1 root Root 1304 Jun 19 10:12 'compose' -alpine. YML # 'docker-compose' -alpine: 'compose' -rwxrwxrwxrwxx. 1 'root' 1453 Jun 19: 'compose' -alpine: 'compose' -alpine: 'compose' -alpine: 'compose Yml # docker-compose deployment script drwxrwxrwxrwxx. 2 root root 27 Jun 19 10:12 etcd_conf # ectd configuration file directory 2 root root 107 Jun 19 10:12 mkcert DRWXRWXRWX. 3 root root 31 Jun 23 17:06 etcd_data # ectd Upstream: "Upstream:" 2 root root 40 Jun 19 10:12 upstream: "Upstream:
  • fromdocker-compose.ymlIt can be found that the script not only starts Apisix, Apisix-Dashboard, ETCD, the three core services, but also starts two test Nginx services;
Version: "3" Services: # Apisix-Dashboard: Image: Apache/Apisix-Dashboard :2.7 Restart: always volumes: - ./dashboard_conf/conf.yaml:/usr/local/apisix-dashboard/conf/conf.yaml ports: - "9000:9000" networks: Apisix: # gateway Apisix: image: apache/ Apisix: 2.6-Alpine restart: always volumes: - ./apisix_log:/usr/local/apisix/logs - ./apisix_conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro depends_on: -etcd ##network_mode: host ports: - "9080:9080/ TCP "- "9443:9443/ TCP" network_mode: etcd: Image: bitnami/etcd:3.4.15 User: Root restart: always volumes: -./etcd_data:/ etcdi /etcd environment: ETCD_ENABLE_V2: "True" ALLOW_NONE_AUTHENTICATION: "yes" ETCD_ADVERTISE_CLIENT_URLS: "http://0.0.0.0:2379" ETCD_LISTEN_CLIENT_URLS: "yes" ETCD_ADVERTISE_CLIENT_URLS: "http://0.0.0.0:2379" ports: - "2379:2379/ TCP "networks: apisix: #" hello web1 web1: image: Nginx: 1.19.0 - alpine restart: always volumes: -)/upstream/web1. Conf: / etc/nginx/nginx. Conf ports: - "9081:80/ TCP "environment: -nginx_port =80 networks: apisix: # hello web2 web2: image: Nginx: 1.19.0 - alpine restart: always volumes: -)/upstream/web2. Conf: / etc/nginx/nginx. Conf ports: - "9082:80/tcp" environment: - NGINX_PORT=80 networks: apisix: networks: apisix: driver: bridge
  • indocker-compose.ymlUnder the directory where the file is located, use the following command to start all services at one time;
docker-compose -p apisix-docker up -d
  • After successful startup, use the following command to view the running status of all services;
docker-compose -p apisix-docker ps
Name Command State Ports ------------------------------------------------------------------------------------------------------------------------ -- apisix-docker_apisix-dashboard_1 /usr/local/apisix-dashboar ... Up 0.0.0.0:9000->9000/ TCP apisix-docker_apisix_1 sh-c /usr/bin/apisix init... The Up 0.0.0.0:9080 - > 9080 / TCP, 0.0.0.0:9443-9443 / TCP apisix - > docker_etcd_1 / opt/bitnami/scripts/etcd /... Up 0.0.0.0:2379->2379/ TCP, 2380/ TCP apisix-docker_web1_1 / docker-entryPoint.sh ngin... Up 0.0.0.0:9081->80/ TCP apisix-docker_web2_1 /docker-entrypoint.sh ngin... The Up 0.0.0.0:9082 - > 80 / TCP
  • Next, you can manage Apisix with the visual tool. The login password isadmin:admin, access address:http://192.168.5.78:9000/

  • After logging in, look at the interface, it is still very beautiful, Apisix is very simple to build, basically no pits;

  • There are also two testing services,web1Access Address:http://192.168.5.78:9081/

  • Another test serviceweb2Access Address:http://192.168.5.78:9082/

use

Apisix, as a new generation gateway, not only supports basic routing functionality, but also provides a wealth of plug-ins, which is very powerful.

The basic use

Let’s start with the basics of Apisix, having already started two Nginx test services
web1and
web2Next we will access them through Apisix’s routing capabilities.

  • First, we need to create the concept of Upstream, which is a virtual host that provides load-balancing functionality for real services.

  • createweb1Upstream, set the name, load balancing algorithm and target node information;

  • Create it again as described aboveweb2After the creation of the upstream, the upstream list is shown as follows;

  • To create aweb1Route, the Route can be used to match the client request, and then forward to the upstream;

  • Then select the upstream of the good route asweb1;

  • Next, select the plugins that need to be applied to the route. Apisix has a lot of plugins, up to 30. As a basic use, we will not choose the plugins for the time being.

  • To create aweb2After the route is created, the list of post-routes is shown below;

  • Next we access it through the Apisix gatewayweb1Services:http://192.168.5.78:9080/web1/

  • Next we access it through the Apisix gatewayweb2Services:http://192.168.5.78:9080/web2/

Use the advanced

Apisix has a rich set of capabilities that can be implemented by enabling plug-ins, but let’s look at a few that are useful.

The identity authentication

A very popular way to use JWT for authentication is also supported in Apisix and can be enabled
jwt-authPlug-in to implement.

  • First we need to create a Consumer object;

  • It is then enabled in the plug-in configurationjwt-authPlug-in;

  • Configured when the plug-in is enabledkeyandsecret;

  • After successfully creating the consumer list, the display is as follows;

  • Then create another route, and the route access path matches/auth/*, just enablejwt-authPlug-in can;

  • To access the interface to get the generated JWT Token, add two parameters,keyKey configured for the JWT plug-in,payloadFor custom load data stored in JWT, the JWT Token generates the address:http://192.168.5.78:9080/apis…

  • Don’t add JWT Token access router interface, will return 401, interface address: http://192.168.5.78:9080/auth/

  • In the request headerAuthorizationJWT Token can be accessed normally when added to.

  • Of course, Apisix supports not only this kind of authentication, but also the following kinds of authentication.

Current limiting function

Sometimes we need to limit the flow of the gateway, for example, each client IP can only access the interface twice in 30 seconds, can be enabled
limit-countPlug-in to implement.

  • We can select the configuration when creating the routelimit-countPlug-in;

  • Then thelimit-countPlugins are configured according toremote_addrTo limit current;

  • When we call the interface for the third time in 30 seconds, Apisix returns 503 to limit our call.

Cross-domain support

If you want the gateway to support cross-domain access, you can do so by enabling it
corsPlug-in to implement.

  • We can select the configuration when creating the routecorsPlug-in;

  • Then thecorsPlug-in configuration, configure the cross-domain access policy;

  • The call interface test can find that the interface has returned the CORS-related header.

conclusion

Experience a new generation of Apisix API gateway, with visual management of the gateway is not the same, simple to use, powerful! If your microservice is cloud native, try using it as a gateway.

Apisix is not a niche framework and is used by many major companies in China and abroad. If you want to know which companies are using Apisix, please refer to the links below.

https://github.com/apache/api…

The resources

The official documentation of Apisix is very friendly and supports Chinese language. It is the conscience of the industry! A quick review of the official documentation is enough to get the hang of Apisix.

The official document: https://apisix.apache.org/zh/…

Project source address

https://github.com/apache/api…

In this paper, making
https://github.com/macrozheng/mall-learningHas been included, welcome everyone STAR!