You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2020/12/01 06:04:51 UTC
[GitHub] [apisix-docker] membphis commented on a change in pull request #91: feat: modify docs for Apache APISIX 2.1
membphis commented on a change in pull request #91:
URL: https://github.com/apache/apisix-docker/pull/91#discussion_r533091870
##########
File path: example/apisix_conf/config.yaml
##########
@@ -1,137 +1,22 @@
apisix:
Review comment:
missing Apache License header, any way we can fix this in new PR
##########
File path: example/apisix_conf/config.yaml
##########
@@ -1,137 +1,22 @@
apisix:
node_listen: 9080 # APISIX listening port
- enable_heartbeat: true
- enable_admin: true
- enable_admin_cors: true # Admin API support CORS response headers.
- enable_debug: false
- enable_dev_mode: false # Sets nginx worker_processes to 1 if set to true
- enable_reuseport: true # Enable nginx SO_REUSEPORT switch if set to true.
- enable_ipv6: true
- config_center: etcd # etcd: use etcd to store the config value
- # yaml: fetch the config value from local yaml file `/your_path/conf/apisix.yaml`
- #proxy_protocol: # Proxy Protocol configuration
- # listen_http_port: 9181 # The port with proxy protocol for http, it differs from node_listen and port_admin.
- # This port can only receive http request with proxy protocol, but node_listen & port_admin
- # can only receive http request. If you enable proxy protocol, you must use this port to
- # receive http request with proxy protocol
- # listen_https_port: 9182 # The port with proxy protocol for https
- # enable_tcp_pp: true # Enable the proxy protocol for tcp proxy, it works for stream_proxy.tcp option
- # enable_tcp_pp_to_upstream: true # Enables the proxy protocol to the upstream server
+ allow_admin: # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
+ - 127.0.0.0/24 # If we don't set any IP list, then any IP access is allowed by default.
+ - 172.17.0.0/24
- proxy_cache: # Proxy Caching configuration
- cache_ttl: 10s # The default caching time if the upstream does not specify the cache time
- zones: # The parameters of a cache
- - name: disk_cache_one # The name of the cache, administrator can be specify
- # which cache to use by name in the admin api
- memory_size: 50m # The size of shared memory, it's used to store the cache index
- disk_size: 1G # The size of disk, it's used to store the cache data
- disk_path: "/tmp/disk_cache_one" # The path to store the cache data
- cache_levels: "1:2" # The hierarchy levels of a cache
- # - name: disk_cache_two
- # memory_size: 50m
- # disk_size: 1G
- # disk_path: "/tmp/disk_cache_two"
- # cache_levels: "1:2"
-
-# allow_admin: # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
-# - 127.0.0.0/24 # If we don't set any IP list, then any IP access is allowed by default.
-# - 172.17.0.0/24
- # - "::/64"
- # port_admin: 9180 # use a separate port
-
- # Default token when use API to call for Admin API.
- # *NOTE*: Highly recommended to modify this value to protect APISIX's Admin API.
- # Disabling this configuration item means that the Admin API does not
- # require any authentication.
admin_key:
- -
- name: "admin"
+ - name: "admin"
key: edd1c9f034335f136f87ad84b625c8f1
role: admin # admin: manage all configuration data
# viewer: only can view configuration data
- -
- name: "viewer"
+ - name: "viewer"
key: 4054f7cf07e344346cd3f287985e76a2
role: viewer
- router:
- http: 'radixtree_uri' # radixtree_uri: match route by uri(base on radixtree)
- # radixtree_host_uri: match route by host + uri(base on radixtree)
- ssl: 'radixtree_sni' # radixtree_sni: match route by SNI(base on radixtree)
- # stream_proxy: # TCP/UDP proxy
- # tcp: # TCP proxy port list
- # - 9100
- # - 9101
- # udp: # UDP proxy port list
- # - 9200
- # - 9211
- dns_resolver: # default DNS resolver, with disable IPv6 and enable local DNS
- - 127.0.0.11
- - 114.114.114.114
- - 223.5.5.5
- - 1.1.1.1
- - 8.8.8.8
- dns_resolver_valid: 30 # valid time for dns result 30 seconds
- resolver_timeout: 5 # resolver timeout
- ssl:
- enable: true
- enable_http2: true
- listen_port: 9443
- ssl_protocols: "TLSv1 TLSv1.1 TLSv1.2 TLSv1.3"
- ssl_ciphers: "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
-
-nginx_config: # config for render the template to genarate nginx.conf
- error_log: "logs/error.log"
- error_log_level: "warn" # warn,error
- worker_rlimit_nofile: 20480 # the number of files a worker process can open, should be larger than worker_connections
- event:
- worker_connections: 10620
- http:
- access_log: "logs/access.log"
- keepalive_timeout: 60s # timeout during which a keep-alive client connection will stay open on the server side.
- client_header_timeout: 60s # timeout for reading client request header, then 408 (Request Time-out) error is returned to the client
- client_body_timeout: 60s # timeout for reading client request body, then 408 (Request Time-out) error is returned to the client
- send_timeout: 10s # timeout for transmitting a response to the client.then the connection is closed
- underscores_in_headers: "on" # default enables the use of underscores in client request header fields
- real_ip_header: "X-Real-IP" # http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header
- real_ip_from: # http://nginx.org/en/docs/http/ngx_http_realip_module.html#set_real_ip_from
- - 127.0.0.1
- - 'unix:'
- #lua_shared_dicts: # add custom shared cache to nginx.conf
- # ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
etcd:
host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster.
- "http://172.18.5.10:2379" # multiple etcd address
prefix: "/apisix" # apisix configurations prefix
timeout: 3 # 3 seconds
Review comment:
the default value is 30 sec now
##########
File path: example/apisix_conf/config.yaml
##########
@@ -1,137 +1,22 @@
apisix:
node_listen: 9080 # APISIX listening port
- enable_heartbeat: true
- enable_admin: true
- enable_admin_cors: true # Admin API support CORS response headers.
- enable_debug: false
- enable_dev_mode: false # Sets nginx worker_processes to 1 if set to true
- enable_reuseport: true # Enable nginx SO_REUSEPORT switch if set to true.
- enable_ipv6: true
Review comment:
do we need to disable `ipv6 ` by default for docker?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org