You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by ju...@apache.org on 2021/10/10 15:41:00 UTC
[apisix-website] 11/11: docs: update images
This is an automated email from the ASF dual-hosted git repository.
juzhiyuan pushed a commit to branch chore-docusaurus
in repository https://gitbox.apache.org/repos/asf/apisix-website.git
commit 7c94695efb5d7ae6f6667fa0e146e51a542e85a8
Author: juzhiyuan <ju...@apache.org>
AuthorDate: Sun Oct 10 23:07:11 2021 +0800
docs: update images
---
...Helps-Apache-APISIX-Improve-System-Stability.md | 6 +++---
...ors-the-golden-metric-of-openSource-projects.md | 14 ++++++-------
...onnect-Plugin-for-Centralized-Authentication.md | 24 +++++++++++-----------
.../08/25/Auth-with-Casbin-in-Apache-APISIX.md | 2 +-
...na-Data-Security-and-Privacy-Protection-Team.md | 2 +-
...255\243\345\274\217\345\217\221\345\270\203.md" | 2 +-
...s-Mesh-helps-Apache-APISIX-improve-stability.md | 4 ++--
...ss-Control-Bypass-Vulnerability-Announcement.md | 2 +-
...of-Apache-APISIX-Ingress-Controller-released.md | 2 +-
.../21/use-Java-to-write-Apache-APISIX-plugins.md | 4 ++--
...n-source-gateway-and-ingress-controller-fast.md | 16 +++++++--------
.../06/30/etcd3-support-HTTP-access-perfectly.md | 4 ++--
.../2021/07/25/apachecon-asia.md | 18 ++++++++--------
...use-of-plugin-orchestration-in-Apache-APISIX.md | 14 ++++++-------
.../08/09/Apache-APISIX-in-China-Mobile-Cloud.md | 2 +-
.../2021/08/11/interview-TuZhengsong.md | 4 ++--
...ors-the-golden-metric-of-openSource-projects.md | 14 ++++++-------
.../08/18/Auth-with-Casbin-in-Apache-APISIX.md | 2 +-
.../2021/08/19/go-makes-Apache-APISIX-better.md | 2 +-
.../2021/08/19/weekly-report.md | 2 +-
.../2021/08/21/shanghai-meetup.md | 8 ++++----
...onnect-Plugin-for-Centralized-Authentication.md | 24 +++++++++++-----------
...s-you-quickly-with-Apache-APISIX-development.md | 2 +-
23 files changed, 87 insertions(+), 87 deletions(-)
diff --git a/website/blog/2021/08/12/Chaos-Mesh-Helps-Apache-APISIX-Improve-System-Stability.md b/website/blog/2021/08/12/Chaos-Mesh-Helps-Apache-APISIX-Improve-System-Stability.md
index d96fd3e..5a22e83 100644
--- a/website/blog/2021/08/12/Chaos-Mesh-Helps-Apache-APISIX-Improve-System-Stability.md
+++ b/website/blog/2021/08/12/Chaos-Mesh-Helps-Apache-APISIX-Improve-System-Stability.md
@@ -19,7 +19,7 @@ tags: [Practical Case]
[Apache APISIX](https://github.com/apache/apisix) is a cloud-native, high-performance, scaling microservices API gateway. It is one of the Apache Software Foundation's top-level projects and serves hundreds of companies around the world, processing their mission-critical traffic, including finance, the Internet, manufacturing, retail, and operators. Our customers include NASA, the European Union’s digital factory, China Mobile, and Tencent.
-
+
As our community grows, Apache APISIX’s features more frequently interact with external components, making our system more complex and increasing the possibility of errors. To identify potential system failures and build confidence in the production environment, we introduced the concept of Chaos Engineering.
@@ -63,7 +63,7 @@ We deployed a Chaos Engineering experiment using the following steps:
3. We used network chaos to add a five second network latency and then retested. This time, `set route` failed, `get route` succeeded, etcd could be connected to, and RPS had no significant change compared to the previous experiment. The experiment met our expectations.
-
+
### Scenario #2
@@ -75,7 +75,7 @@ Our troubleshooting revealed that the etcd Lua API used by Apache APISIX selecte
After we fixed this problem, we added a health check to the etcd Lua API to ensure that a large number of requests would not be sent to the disconnected etcd node. To avoid flooding the log with errors, we added a fallback mechanism when the etcd cluster was completely disconnected.
-
+
## Our future plans
diff --git a/website/blog/2021/08/14/contributors-the-golden-metric-of-openSource-projects.md b/website/blog/2021/08/14/contributors-the-golden-metric-of-openSource-projects.md
index 55e8144..587c52f 100644
--- a/website/blog/2021/08/14/contributors-the-golden-metric-of-openSource-projects.md
+++ b/website/blog/2021/08/14/contributors-the-golden-metric-of-openSource-projects.md
@@ -30,7 +30,7 @@ Star number: This is the most direct indicator, it represents the project has at
Issue and PR counts: Also GitHub provides the Insights feature, shown in the following image.
-
+
You can select the number of new and closed issues and PRs for this open source project, can also filter by period.
@@ -40,7 +40,7 @@ GitHub insights provides a great developer perspective, but it’s not perfect:
The following graph shows the commit frequency statistics of Apache APISIX from it’s first day, which shows that Apache APISIX has maintained a very stable and continuous activities, but this metric is also a bit thin: you can’t see the data of which developers submitted these commits
-
+
after reading so many indicators, still you can’t get your answer, don’t you think that choosing an open source project is so complicated? Wait!
@@ -49,11 +49,11 @@ As maintainers and developers of open source projects, we also need such golden
## Contributor growth
-
+
## Monthly Active Contributors
-
+
As you can clearly see from the two tables above, Apache APISIX has seen a steady growth in contributors since its first day, with about 25 contributors participating each month.
@@ -65,7 +65,7 @@ The contributor growth line plot is based on the date of the first commit by eac
By showing line plot for multiple repo in the same chart at the same time, we can also visually compare the development of different communities.
-
+
In the graph above, we can see that the number of contributors to Apache APISIX is growing at a very fast rate, and in just two years, the number of contributors has almost caught up with or even surpassed other open source API gateway projects.
@@ -73,13 +73,13 @@ The monthly contributor line plot is derived from the number of contributors com
Compared to the contributor growth line plot, the monthly contributors are a better measure of how the community has grown in a short period of time.
-
+
For example, in the graph above, we can see that Apache APISIX has the highest and most consistent number of monthly contributors of any open source API gateway project.
This explains why Apache APISIX has been able to catch up with its friends in terms of total contributors in such a short period of time since it’s first day of open source.
-
+
The above graph is comparison of monthly contributors between different MQ community, which is also widely discussed on Twitter. With this chart, we can see that Apache Pulsar is catching up to Apache Kafka in terms of contributors of the month.
diff --git a/website/blog/2021/08/16/Using-the-Apache-APISIX-OpenID-Connect-Plugin-for-Centralized-Authentication.md b/website/blog/2021/08/16/Using-the-Apache-APISIX-OpenID-Connect-Plugin-for-Centralized-Authentication.md
index b578c26..ba02206 100644
--- a/website/blog/2021/08/16/Using-the-Apache-APISIX-OpenID-Connect-Plugin-for-Centralized-Authentication.md
+++ b/website/blog/2021/08/16/Using-the-Apache-APISIX-OpenID-Connect-Plugin-for-Centralized-Authentication.md
@@ -41,7 +41,7 @@ You can see the flow of traditional authentication in the figure below.
First, the user initiates a request, then the gateway receives the request and forwards it to the corresponding application services, and finally, the application services interact with the identity provider to complete the authorization.
-
+
### Centralized Identity Authentication Mode
@@ -49,7 +49,7 @@ Unlike traditional authentication, the centralized identity mode removes user au
First, the user initiates a request, then the gateway itself takes charge of the user authentication process, interacting with the identity provider and sending them an authorization request. The identity provider returns user identity information (user info). After the gateway identifies the user, it forwards the user identity information (user info) to the services in a request header.
-
+
Compared with the traditional authentication mode, centralized identity mode has the following advantages:
@@ -62,7 +62,7 @@ OpenID Connect (OIDC) is a centralized identity authentication mode. The benefit
### OpenID Authentication Process
-
+
1. APISIX initiates an authentication request to the Identity Provider.
2. The user logs in and authenticates on the Identity Provider.
@@ -83,20 +83,20 @@ Have an Okta account ready for use.
### Step 1: Configuring Okta
1. Log in to your Okta account and click "Create App Integration" to create an Okta application.
- 
+ 
2. Select "OIDC-OpenID Connect" for the Sign-in method, and select "Web Application" for the Application type.
- 
+ 
3. Set the redirect URL for login and logout. The "Sign-in redirect URIs" are links a user can go to after a successful login, and the "Sign-out redirect URIs" are links a user goes to after a successful logout. In this example, we set both sign-in and sign-out redirect URIs to `http://127.0.0.1:9080/`.
- 
+ 
4. After finishing the settings, click "Save" to save the changes.
- 
+ 
5. Visit the General page of the application to obtain the following configuration, which is required to configure Apache APISIX OpenID Connect.
- Client ID: OAuth client ID, the application ID, which corresponds to client_id and {YOUR_CLIENT_ID} below.
- Client secret: OAuth client secret, the application key, which corresponds to client_secret and {YOUR_CLIENT_SECRET} below.
- Okta domain: The domain name used by the application, corresponding to {YOUR_ISSUER} below.
-
+
### Step 2: Install Apache APISIX
@@ -222,7 +222,7 @@ curl -XPOST 127.0.0.1:9080/apisix/admin/routes -H "X-Api-Key: edd1c9f034335f136
### Step 4: Access Apache APISIX
1. Visit "http://127.0.0.1:9080/get" and the page is redirected to the Okta login page because the OpenID Connect plugin is enabled.
- 
+ 
2. Enter the username and password for the user's Okta account and click "Sign In" to log in to your Okta account.
3. After successful login, you can access the get page in "httpbin.org". The "httpbin.org/get" page will return the requested data with X-Access-Token,X-Id-Token, and X-Userinfo as follows.
@@ -234,15 +234,15 @@ curl -XPOST 127.0.0.1:9080/apisix/admin/routes -H "X-Api-Key: edd1c9f034335f136
**X-Access-Token**: Apache APISIX puts the access token obtained from the user provider into the X-Access-Token request header, optionally via the access_token_in_authorization_header in the plugin configuration Authorization request header.
-
+
**X-Id-Token**: Apache APISIX will get the Id token from the user provider through the base64 encoding into the X-Id-Token request header, you can choose whether to enable this function through the set_id_token_header in the plugin configuration, the default is enabled.
-
+
**X-Userinfo**: Apache APISIX will get the user information from the user provider and put it into X-Userinfo after encoding it with Base64, you can choose whether to enable this feature through set_userinfo_header in the plugin configuration, it is set to be on by default.
-
+
As you can see, Apache APISIX will carry the X-Access-Token, X-Id-Token, and X-Userinfo request headers to the upstream. The upstream can parse these headers to get the user IDid information and user metadata.
diff --git a/website/blog/2021/08/25/Auth-with-Casbin-in-Apache-APISIX.md b/website/blog/2021/08/25/Auth-with-Casbin-in-Apache-APISIX.md
index ea5e5bc..1d515ca 100644
--- a/website/blog/2021/08/25/Auth-with-Casbin-in-Apache-APISIX.md
+++ b/website/blog/2021/08/25/Auth-with-Casbin-in-Apache-APISIX.md
@@ -44,7 +44,7 @@ The authz-casbin plugin uses three parameters for authorization: `subject`, `obj
For example, if you want to create a model to access three resources: main page`/`, resource1 `/res1`, and resource2 `/res2`, you will need a model that looks like the figure below:
-
+
In this model, all users, including Jack, have access to the main page `/`. Users with administrator privileges, such as Alice and Bob, can access all pages and resources (main page `/`, resource1 `/res1`, and resource 2 `/res2`). Thus, you need to restrict users without administrator privileges to access specific resources using the GET request method. The required model is shown in the code block below:
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/01/11/interview-Apache-APISIX-contributor-Wang-Pengcheng-Senior-Security-Advisor-of-PwC-South-China-Data-Security-and-Privacy-Protection-Team.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/01/11/interview-Apache-APISIX-contributor-Wang-Pengcheng-Senior-Security-Advisor-of-PwC-South-China-Data-Security-and-Privacy-Protection-Team.md
index d236dcf..25b8517 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/01/11/interview-Apache-APISIX-contributor-Wang-Pengcheng-Senior-Security-Advisor-of-PwC-South-China-Data-Security-and-Privacy-Protection-Team.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/01/11/interview-Apache-APISIX-contributor-Wang-Pengcheng-Senior-Security-Advisor-of-PwC-South-China-Data-Security-and-Privacy-Protection-Team.md
@@ -43,4 +43,4 @@ tags: [Interview]
Apache APISIX 的第一个 CVE:Apache APISIX Admin API 默认 Token 漏洞(CVE-2020-13945)。[安全漏洞详情](https://nvd.nist.gov/vuln/detail/CVE-2020-13945)
-
+
diff --git "a/website/i18n/zh/docusaurus-plugin-content-blog/2021/05/25/Apache APISIX 2.6.0-Release \346\255\243\345\274\217\345\217\221\345\270\203.md" "b/website/i18n/zh/docusaurus-plugin-content-blog/2021/05/25/Apache APISIX 2.6.0-Release \346\255\243\345\274\217\345\217\221\345\270\203.md"
index f2bab46..66e1a62 100644
--- "a/website/i18n/zh/docusaurus-plugin-content-blog/2021/05/25/Apache APISIX 2.6.0-Release \346\255\243\345\274\217\345\217\221\345\270\203.md"
+++ "b/website/i18n/zh/docusaurus-plugin-content-blog/2021/05/25/Apache APISIX 2.6.0-Release \346\255\243\345\274\217\345\217\221\345\270\203.md"
@@ -26,7 +26,7 @@ APISIX 现在支持通过 Lua 语言编写插件,在代理请求的过程中
从 2.6 版本开始,借助 plugin runner,APISIX 支持运行非 Lua 语言编写的插件。架构图如下:
-
+
APISIX 会以 sidecar 的形式运行 plugin runner。
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/16/Chaos-Mesh-helps-Apache-APISIX-improve-stability.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/16/Chaos-Mesh-helps-Apache-APISIX-improve-stability.md
index fcc87fe..4822ccf 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/16/Chaos-Mesh-helps-Apache-APISIX-improve-stability.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/16/Chaos-Mesh-helps-Apache-APISIX-improve-stability.md
@@ -44,7 +44,7 @@ Apache APISIX 是 Apache 基金会下的顶级项目,目前在生产环境中
#### 场景一
-
+
用一幅图来描述这个场景。对照上面的五个步骤,首先需要找到衡量 Apache APISIX 正常运行的可量化指标。在测试时最主要的方法是利用 Grafana 对 Apache APISIX 运行指标进行监测,找到可衡量的指标后,在 CI 中就可以从 Prometheus 中单独提取数据进行比较判断,这里使用了路由转发的 Request per Second(RPS)和 etcd 的可连接性 作为评价指标。另一点就是需要对日志进行分析,对于 Apache APISIX 就是查看 Nginx 的 error.log 判断是否有报错以及报错是否符合预期。
@@ -52,7 +52,7 @@ Apache APISIX 是 Apache 基金会下的顶级项目,目前在生产环境中
#### 场景二
-
+
进行同样的对照组实验之后引入 pod-kill chaos,复现了预期的错误。在随机删除集群中少数 etcd 节点的情况下,etcd 可连接性表现出时有时无,日志则打印出了大量连接拒绝的报错。更加有趣的是,在删除 etcd 端点列表的第一个或第三个节点时,设置路由正常返回,而只有在删除 etcd 端点列表中的第二个节点时,设置路由会报错 “connection refused”。
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/17/Apache-APISIX-Dashboard-Access-Control-Bypass-Vulnerability-Announcement.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/17/Apache-APISIX-Dashboard-Access-Control-Bypass-Vulnerability-Announcement.md
index 1ee7423..3c0088a 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/17/Apache-APISIX-Dashboard-Access-Control-Bypass-Vulnerability-Announcement.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/17/Apache-APISIX-Dashboard-Access-Control-Bypass-Vulnerability-Announcement.md
@@ -42,7 +42,7 @@ CVE 详细信息:https://nvd.nist.gov/vuln/detail/CVE-2021-33190
该漏洞是由平安科技银河安全实验室的 Vern 发现,并向 Apache 软件基金会上报该漏洞。感谢 Vern 和平安科技银河安全实验室对 Apache APISIX 社区的贡献。
-
+
## 拓展阅读
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/18/first-GA-version-v1.0-of-Apache-APISIX-Ingress-Controller-released.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/18/first-GA-version-v1.0-of-Apache-APISIX-Ingress-Controller-released.md
index 9d105b8..d8f674b 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/18/first-GA-version-v1.0-of-Apache-APISIX-Ingress-Controller-released.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/18/first-GA-version-v1.0-of-Apache-APISIX-Ingress-Controller-released.md
@@ -25,7 +25,7 @@ Apache APISIX Ingress Controller 是一个使用 Apache APISIX 作为数据面
整体架构如下:
-
+
## v1.0 最新特性
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/21/use-Java-to-write-Apache-APISIX-plugins.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/21/use-Java-to-write-Apache-APISIX-plugins.md
index 471be0f..b01e2a9 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/21/use-Java-to-write-Apache-APISIX-plugins.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/21/use-Java-to-write-Apache-APISIX-plugins.md
@@ -29,7 +29,7 @@ Apache APISIX 支持多语言编写插件了!不会 Lua 也没关系,现在
### 1.2 Apache APISIX 多语言支持架构图
-
+
上图左边是 Apache APISIX 的工作流程,右边的 plugin runner 是指插件运行器,泛指多语言支持的项目。本文档下面提到的 apisix-java-plugin-runner 项目就是支持 Java 语言的 plugin runner。
@@ -71,7 +71,7 @@ ext-plugin:
如果你是使用 IDEA 进行开发,那么配置好的环境变量示意如下:
-
+
apisix-java-plugin-runner 相当于 server 端,在启动时会主动创建 `/tmp/runner.sock` 文件,并在这个文件上与 Apache APISIX 进行 Unix Domain Socket 通信。
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/23/deploy-great-open-source-gateway-and-ingress-controller-fast.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/23/deploy-great-open-source-gateway-and-ingress-controller-fast.md
index 55de0d4..d0e1b9c 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/23/deploy-great-open-source-gateway-and-ingress-controller-fast.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/23/deploy-great-open-source-gateway-and-ingress-controller-fast.md
@@ -30,27 +30,27 @@ Apache APISIX 是一款开源的高性能、动态云原生网关,由深圳支
在 Rancher 的 *Tools - Catalogs* 页面可以进行商店(catalogs)的配置,我们在这里[添加 Apache APISIX 的 Helm 仓库](https://github.com/apache/apisix-helm-chart)。
-
+
保存完成后,即可选择 *Apps* 页面进行 Apache APISIX 的部署了。选择 *Launch* 便可看到 Apache APISIX 的仓库信息了。这里我们直接选择 apisix 即可。
-
+
-
+
接下来着只需要在此页面中进行简单的配置即可。 **因为我们想要同时部署 APISIX Ingress controller,所以在底部的 Answers 中填入 `ingress-controller.enabled=true` 这个配置项** 。保存即可完成部署。
-
+
稍等片刻即可完成部署。
-
+
## 部署示例项目
我们使用 `kennethreitz/httpbin` 作为示例项目进行演示。这里也直接在 Rancher 中完成部署。
-
+
## 使用 Apache APISIX 作为网关代理
@@ -139,13 +139,13 @@ root@apisix:~$ curl http://172.18.0.2:32763/get -H "HOST: httpbin.org"
我们可以直接在 Rancher 中添加 Ingress ,Apache APISIX Ingress controller 会自动将路由规则同步至 Apache APISIX 中,完成服务的代理。
-
+
注意右下角, 我们添加了 `kubernetes.io/ingress.class: apisix` 的 annotation 配置,用于支持集群内多 ingress-controller 的场景。
保存后,可看到如下界面:
-
+
在终端下测试是否代理成功:
```shell
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/30/etcd3-support-HTTP-access-perfectly.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/30/etcd3-support-HTTP-access-perfectly.md
index a5fe59d..8ffa80e 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/30/etcd3-support-HTTP-access-perfectly.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/06/30/etcd3-support-HTTP-access-perfectly.md
@@ -41,7 +41,7 @@ Apache APISIX 开始用 etcd 的时候,用的是 etcd v2 的 API。从 Apache
我们采用了第二种方案,给 etcd 提了个 PR:https://github.com/etcd-io/etcd/pull/13077
-
+
最新发布的 v3.5.0 版本就包含了我们贡献的这个改动。如果你遇到 “grpc: received message larger than max”,不妨试一下这个版本。这一改动也被 etcd 开发者 backport 到 3.4 分支上了。3.4 分支的下一个发布,也会带上这个改动。
@@ -95,7 +95,7 @@ TLS Web Server Authentication
etcd 上也有关于这个问题的 issue:https://github.com/etcd-io/etcd/issues/9785
-
+
### 结语
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/07/25/apachecon-asia.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/07/25/apachecon-asia.md
index 36c4550..3283266 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/07/25/apachecon-asia.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/07/25/apachecon-asia.md
@@ -20,7 +20,7 @@ ApacheCon 是 Apache 软件基金会的官方全球系列会议。自 1998 年
ApacheCon Asia 是 ApacheCon 组委会针对亚太地区举办的 ApacheCon 在线会议,主要目标在于更好地服务亚太地区快速增长的 Apache 用户和贡献者。ApacheCon Asia 2021 将于今年 8 月 6-8 日在线举办。
-
+
近期 ApacheCon Asia 2021 团队正式公布了大会日程,Apache APISIX 社区积极参与本次年度开源盛会,共提报了 8 个 API/微服务技术相关的议题,内容丰富,欢迎关注。同时,ApacheCon Asia 2021 也为无法参加在线会议的各位开源爱好者提供了每个议题的回放和录播视频,详情请移步 [Apache Local Community 北京本地社区](https://space.bilibili.com/609014805)。
@@ -38,7 +38,7 @@ Apache APISIX 是 Apache 顶级项目,也是全球最活跃的开源网关项
### 分享嘉宾
-
+
陈焱山 — 毕业后一直从事分布式存储软件开发及架构方案设计工作,深度参与了移动云建设过程,重点完成了对象存储相关的主要技术方案选型及落地开发建设工作。同时,在分布式对象存储领域拥有丰富的实战经验,目前正在思考基于 APISIX 七层网关实现对象存储流量治理工作,实现架构进一步升级。
@@ -56,7 +56,7 @@ Apache APISIX 是 Apache 顶级项目,也是全球最活跃的开源网关项
### 分享嘉宾
-
+
陈军旭 — 互联网老兵,曾任职于新浪、迅雷、360 等知名互联网公司,Apache APISIX Committer。
@@ -74,7 +74,7 @@ Apache APISIX 是领先的 API 网关 OSS 之一。为了确保一切按计划
### 分享嘉宾
-
+
吴舒旸 — Apache APISIX 和 Chaos Mesh 的 Committer,他领导了 Chaos Mesh 与 Apache APISIX CI 的整合工作。
@@ -90,7 +90,7 @@ Apache APISIX 是领先的 API 网关 OSS 之一。为了确保一切按计划
### 分享嘉宾
-
+
朱欣欣 — Apache APISIX Committer,有多年 CDN 工作经验,熟悉网关。
@@ -106,7 +106,7 @@ Apache APISIX 是领先的 API 网关 OSS 之一。为了确保一切按计划
### 分享嘉宾
-
+
王院生 — 开源爱好者 Apache APISIX 创始人和 PMC 成员。
@@ -122,7 +122,7 @@ Apache APISIX 是领先的 API 网关 OSS 之一。为了确保一切按计划
### 分享嘉宾
-
+
张超 — Apache APISIX PMC,OpenResty 贡献者,开源爱好者,现在正在研究 Service Mesh、Kubernetes 和 API Gateway。
@@ -142,7 +142,7 @@ Apache APISIX 是最受欢迎的 API 网关之一:https://github.com/apache/ap
### 分享嘉宾
-
+
罗泽轩 — Apache APISIX PMC,OpenResty 开发者。
@@ -158,7 +158,7 @@ Apache APISIX 是最受欢迎的 API 网关之一:https://github.com/apache/ap
### 分享嘉宾
-
+
金卫 — Apache APISIX PMC,Apache apisix-ingress-controller Founder,Apache Skywalking Committer。
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/07/27/use-of-plugin-orchestration-in-Apache-APISIX.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/07/27/use-of-plugin-orchestration-in-Apache-APISIX.md
index a6abba1..1d1e69a 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/07/27/use-of-plugin-orchestration-in-Apache-APISIX.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/07/27/use-of-plugin-orchestration-in-Apache-APISIX.md
@@ -24,7 +24,7 @@ Apache APISIX 是一个生产可用的七层全流量处理平台,可作为 AP
如下方架构图所示,Apache APISIX 分为数据面(左侧)与控制面(右侧)两部分:通过控制面下发配置到 ETCD,数据面借助丰富的插件处理内外流量。
-
+
Apache APISIX 暴露了一组接口,方便我们为 API 绑定插件。如果我们希望为 API 增加限速能力,只需为 API 绑定 `limit-req` 插件:
@@ -80,7 +80,7 @@ curl -X PUT http://127.0.0.1:9080/apisix/admin/routes/1 -d '
那么 Apache APISIX 是如何与低代码能力结合的呢?这需要数据面 Apache APISIX 与控制面 Apache APISIX Dashboard 共同配合完成。整体流程如下:
-
+
### Apache APISIX
@@ -100,7 +100,7 @@ curl -X PUT http://127.0.0.1:9080/apisix/admin/routes/1 -d '
为了生成合法、有效的 script 函数,ManagerAPI 选择了 DAG 有向无环图的数据结构进行底层设计,并自主研发了 `dag-to-lua` [项目](https://github.com/api7/dag-to-lua):它将根节点作为开始节点,根据判断条件决定下一个流转插件,这将有效避免逻辑死循环。如下为 DAG 数据结构的示意图:
-
+
对应到 ManagerAPI 接收的 `script` 参数上,示例如下:
@@ -148,21 +148,21 @@ curl -X PUT http://127.0.0.1:9080/apisix/admin/routes/1 -d '
在 Web 侧,经过挑选、对比与项目验证,我们选择了蚂蚁金服开源的 X6 图编辑引擎作为插件编排 Web 部分的底层框架,除了完善、清晰的文档外,一系列开箱即用的交互组件以及节点可定制化能力也是我们选择它的原因。
-
+
在编排实现过程中,我们抽象出了通用元件与插件元件的概念:通用元件是指开始节点、结束节点与条件判断节点,插件元件则是每一个可用的 Apache APISIX 插件,通过将这些元件拖拽到画板中来完成插件编排的流程。如图所示:
-
+
在拖拽过程中,我们需要限制一系列的边界条件,这里有几个例子:
当插件未配置时,系统将出现「存在未配置的元件」的错误提示,可以直观地看到哪个插件没有配置数据:
-
+
当编辑某条 API 时,若该 API 已经绑定了插件数据,当使用插件编排模式时,系统在检测后将出现警告信息,只有用户明确确认希望使用编排模式时,系统才能继续进行。这可以有效避免 API 数据被误操作的情况。
-
+
此外,还存在诸如开始元件只能有一个输出、条件判断元件只能有一个输入等情况。试想:如果系统不加限制地让用户操作,不合理的插件组合既无意义,又会产生无法预料的错误,因此不断丰富边界条件,也是在设计插件编排时需要着重考虑的问题。
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/09/Apache-APISIX-in-China-Mobile-Cloud.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/09/Apache-APISIX-in-China-Mobile-Cloud.md
index bde4dd8..4c76bc0 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/09/Apache-APISIX-in-China-Mobile-Cloud.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/09/Apache-APISIX-in-China-Mobile-Cloud.md
@@ -24,7 +24,7 @@ tags: [Interview]
当前,我主要关注于对象存储在交互编排、流量治理等方面的能力,促进我们第四代对象存储产品进一步实现架构升级。同时,我们也希望能够基于 Ingress Controller 的能力,来实现统一流量访问入口,并包括灰度发布、流量管控等功能。这些是我们当前正在做的一些工作。
-
+
**Q:您说的这些内容多少都与 Apache APISIX 有关联,您在今年 ApacheCon 亚洲大会上也有一场分享,想问下您会带来哪些精彩分享?**
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/11/interview-TuZhengsong.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/11/interview-TuZhengsong.md
index 5f23f8f..8b9885c 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/11/interview-TuZhengsong.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/11/interview-TuZhengsong.md
@@ -23,7 +23,7 @@ tags: [Interview]
历时 282 天,屠正松(GitHub ID:tzssangglass)从开源社区的小白成长为了 Apache APISIX 的 committer。
-
+
屠正松因深度参与 Apache APISIX 的开发,在社区中贡献很多,2021 年 7 月 22 日被推选为 Apache APISIX committer。
@@ -80,7 +80,7 @@ tags: [Interview]
当时正松内心非常的兴奋,马上按照那个新手指南的引导把 PR 提上去了。然后接受 Code Review 的意见,进一步修改代码。终于,在 10 月 18 号,PR 顺利地 merge 进了仓库。
-
+
“当时我非常的激动,感觉自己终于实质性地参与到开源社区里面去了。我可以给 Apache 基金会的顶级项目提交代码了!作为一个技术工作者,这是一种技术上的自信。”
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/14/contributors-the-golden-metric-of-openSource-projects.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/14/contributors-the-golden-metric-of-openSource-projects.md
index 26c27b1..df8eab5 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/14/contributors-the-golden-metric-of-openSource-projects.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/14/contributors-the-golden-metric-of-openSource-projects.md
@@ -28,7 +28,7 @@ tags: [Community]
- Issue 和 PR 数:GitHub 提供了 Insights 功能,如下图所示:
-
+
可以选择最近一周、最近一个月的时间内,这个开源项目的 Issue 和 PR 的新建和关闭数。上图是 Apache APISIX 最近一个月的数据。
@@ -36,7 +36,7 @@ GitHub insights 提供了一个非常棒的开发者视角,但还不够完美
- Commit 频率和数据:下图是 Apache APISIX 从项目创建到现在的 Commit 频率统计,可以看出 Apache APISIX 保持了非常稳定和持续的开发,但这个指标也略显单薄:看不到提交这些 Commit 的开发者的数据;
-
+
看到这里,你是不是觉得选择一个开源项目好复杂,看了这么多指标都得不出答案。有没有一个“金指标”,一个通过 marketing 砸不出来的指标?一个能够体现“开发者为核心”的指标?
@@ -44,11 +44,11 @@ GitHub insights 提供了一个非常棒的开发者视角,但还不够完美
## 贡献者增长
-
+
## 月度活跃贡献者
-
+
通过上面两个表格,你可以清晰的看到 Apache APISIX 从创办至今,贡献者都保持着稳定的增长,每个月都有 25 个左右的代码贡献者参与其中。
@@ -60,7 +60,7 @@ GitHub insights 提供了一个非常棒的开发者视角,但还不够完美
通过同时展示同一领域中的多个仓库,我们也可以直观比较不同社区的发展情况。
-
+
在上图中,我们可以看到 Apache APISIX 的贡献者人数以非常快的速度增长,仅仅用了两年时间,贡献者人数就基本赶上甚至超越了其他开源网关项目。
@@ -68,13 +68,13 @@ GitHub insights 提供了一个非常棒的开发者视角,但还不够完美
相比贡献者增长曲线,月度贡献者可以更好衡量短时间内的社区发展情况。
-
+
例如在上图中,我们可以看到如今 Apache APISIX 是多个开源网关项目中的月度贡献者人数最多、最稳定的。
这也解释了为何 Apache APISIX 可以在开源后如此短的时间内在总贡献者人数上赶上友商们。
-
+
上面这张比较开源消息中间件社区的月度贡献者的图,曾在推特引发热议。
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/18/Auth-with-Casbin-in-Apache-APISIX.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/18/Auth-with-Casbin-in-Apache-APISIX.md
index 7b31aae..093590a 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/18/Auth-with-Casbin-in-Apache-APISIX.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/18/Auth-with-Casbin-in-Apache-APISIX.md
@@ -40,7 +40,7 @@ authz-casbin 插件可以把路由匹配和请求授权这两个功能很好地
authz-casbin 插件使用三个参数来进行授权:subject、object 和 action。subject 是用户名,代指请求中的用户;object 是将要被访问的 URL 链接也就是将被访问的资源;action 是请求授权的行为,比如读操作(read)或者是写操作(write)。
假如,我们想要创建一个模型来访问三个资源:/,/res1,/res2,我们想要一个类似于这样的模型:
-
+
在这个模型中,所有的用户,例如 Jack,可以访问主页面(/)。而像 Alice 和 Bob 具有管理员权限的用户则可以访问所有的页面和资源(/res1,/res2,/)。这样,我们就需要来限制没有管理员权限的用户只能使用 GET 请求方法访问特定的资源。所需要的模型如下:
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/19/go-makes-Apache-APISIX-better.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/19/go-makes-Apache-APISIX-better.md
index 0bd0eba..1dd7ad2 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/19/go-makes-Apache-APISIX-better.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/19/go-makes-Apache-APISIX-better.md
@@ -143,7 +143,7 @@ APISIX_LISTEN_ADDRESS=unix:/tmp/runner.sock APISIX_CONF_EXPIRE_TIME=3600 ./go-ru
首先要安装 Apache APISIX,需要和 Go Runner 位于同一实例上。
-
+
上图左边是 Apache APISIX 的工作流程,右边的 plugin runner 负责运行不同语言编写的外部插件。apisix-go-plugin-runner 就是这样支持 Go 语言的 runner。
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/19/weekly-report.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/19/weekly-report.md
index 3587b44..fe2daed 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/19/weekly-report.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/19/weekly-report.md
@@ -36,7 +36,7 @@ tags: [Events]
链接:https://github.com/apache/apisix/issues/4800
**问题描述**:Admin API 中关于创建 Route 入参 (vars) 的描述有错误.
-
+
**解决方案**:在 json 中,方括号表示数组,而花括号表示对象。这里明显是想表述是数组嵌套数组的方式,但是用两个花括号在 json 里面是错误的书写方式。所以这里应该是方括号。
```json
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/21/shanghai-meetup.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/21/shanghai-meetup.md
index e104229..f7e8537 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/21/shanghai-meetup.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/21/shanghai-meetup.md
@@ -30,7 +30,7 @@ tips:疫情防控不放松,我们将会控制现场活动规模,名额有
## 活动安排
-
+
## 议题介绍
@@ -78,7 +78,7 @@ Apache APISIX 从开源第一天就以社区方式成长,短短两年时间产
参加 Meetup,与讲师互动,有机会获得 Apache APISIX 最新周边:超大鼠标垫、精致马克杯、Apache APISIX 徽章、定制雨伞。
-
+
## 参与方式
@@ -90,10 +90,10 @@ Apache APISIX 从开源第一天就以社区方式成长,短短两年时间产
如果不能到现场参加 Meetup,关注 Apache APISIX 视频号观看直播。
-
+
## 入群交流
欢迎关注 Apache APISIX 公众号,在后台回复关键字“上海”,加入 Apache APISIX 上海交流群。
-
+
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/25/Using-the-Apache-APISIX-OpenID-Connect-Plugin-for-Centralized-Authentication.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/25/Using-the-Apache-APISIX-OpenID-Connect-Plugin-for-Centralized-Authentication.md
index 5d47957..61f1b20 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/25/Using-the-Apache-APISIX-OpenID-Connect-Plugin-for-Centralized-Authentication.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/08/25/Using-the-Apache-APISIX-OpenID-Connect-Plugin-for-Centralized-Authentication.md
@@ -29,13 +29,13 @@ tags: [Practical Case]
在传统认证模式下,各个应用服务需要单独支持身份认证,例如当用户未登录时访问登录接口,接口返回 301 跳转页面。应用需要开发维护 Session 以及和身份提供商的认证交互等逻辑。传统认证模式的流程如下图所示:首先由用户发起请求(request),然后由网关接收请求并将其转发至对应的应用服务,最后由应用服务与身份提供方对接,完成身份认证(authorization)。
-
+
### 集中认证模式
与传统认证模式不同,集中身份认证模式把用户认证从应用服务中抽离了出来,以 Apache APISIX 为例,集中认证的流程如下图所示:首先由用户发起请求(request),然后由前置的网关负责用户认证流程,与身份提供方对接,向身份提供方发送身份认证(authorization)请求。身份提供方返回用户身份信息(user info)。网关完成用户身份识别后,将用户身份信息通过请求头的形式转发至后端应用。
-
+
相比较传统认证模式,集中认证模式下有如下优点:
@@ -58,7 +58,7 @@ OpenID 认证过程有以下 7 个步骤,如下图所示。
6. APISIX 将 Access Token 发送到 Identity Provider 的 User Endpoint,以进行获取用户身份。
7. 通过认证后,User Endpoint 将 User info 发送到 APISIX,完成身份验证。
-
+
## 如何使用 Apache APISIX 的 OpenID Connect 插件配置 Okta 认证
@@ -71,20 +71,20 @@ OpenID 认证过程有以下 7 个步骤,如下图所示。
### 步骤一:配置 Okta
1. 登录你的 Okta 账号,并创建一个 Okta 应用,选择 OIDC 登录模式以及 Web Application 应用类型。
- 
- 
+ 
+ 
2. 设置登录和登出的跳转 URL。
其中 “Sign-in redirect URIs” 为登录成功允许跳转的链接地址,“Sign-out redirect URIs” 表示登出之后跳转的链接地址。在这个示例中,我们将登录成功跳转和登出之后跳转的链接地址都设置为 `http://127.0.0.1:9080/`。
- 
+ 
3. 完成设置以后,单击“Save”保存修改。
- 
+ 
4. 访问应用的 General 页面,获取以下配置,配置 Apache APISIX OpenID Connect 时需要提供这些信息:
- Client ID:OAuth client ID,即应用的 ID,与下文的 `client_id` 和 `{YOUR_CLIENT_ID}` 对应。
- Client secret:OAuth client secret,即应用密钥,与下文的 `client_secret` 和 `{YOUR_CLIENT_SECRET}` 对应。
- Okta domain:应用使用的域名,与下文的 discovery 中的 `{YOUR_ISSUER}` 对应。
-
+
### 安装 Apache APISIX
@@ -213,7 +213,7 @@ curl -XPOST 127.0.0.1:9080/apisix/admin/routes -H "X-Api-Key: edd1c9f034335f136
1. 访问 http://127.0.0.1:9080/get ,因为开启了 OpenID Connect 插件,所以页面被重定向到 Okta 登录页面。
-
+
2. 输入用户在 Okta 注册的账号密码,单击“Sign in”,登录 Okta 账户。
@@ -229,15 +229,15 @@ curl -XPOST 127.0.0.1:9080/apisix/admin/routes -H "X-Api-Key: edd1c9f034335f136
**X-Access-Token**:Apache APISIX 将从用户提供商获取到的 access token 放入 X-Access-Token 请求头,可以通过插件配置中的 access_token_in_authorization_header 来选择是否放入 Authorization 请求头中。
-
+
**X-Id-Token**:Apache APISIX 将从用户提供商获取到的 ID token 通过 base64 编码之后放入 X-Id-Token 请求头,可以通过插件配置中的 set_id_token_header 来选择是否开启该功能,默认为为开启状态。
-
+
**X-Userinfo**: Apache APISIX 将从用户提供商获取到的用户信息,通过 base64 编码之后放入 X-Userinfo,你可以通过插件配置中的 set_userinfo_header 来选择是否开启该功能,默认为开启状态。
-
+
由此可以看到,Apache APISIX 将会携带 X-Access-Token,X-Id-Token,X-Userinfo 三个请求头传递至上游。上游可以通过解析这几个头部,从而获取到用户 ID 信息和用户的元数据。
diff --git a/website/i18n/zh/docusaurus-plugin-content-blog/2021/09/06/python-helps-you-quickly-with-Apache-APISIX-development.md b/website/i18n/zh/docusaurus-plugin-content-blog/2021/09/06/python-helps-you-quickly-with-Apache-APISIX-development.md
index b7fc4e6..c7464a6 100644
--- a/website/i18n/zh/docusaurus-plugin-content-blog/2021/09/06/python-helps-you-quickly-with-Apache-APISIX-development.md
+++ b/website/i18n/zh/docusaurus-plugin-content-blog/2021/09/06/python-helps-you-quickly-with-Apache-APISIX-development.md
@@ -41,7 +41,7 @@ tags: [Practical Case]
之间的一道桥梁,通过 `Python Runner` 可以把 `Python` 直接应用到 `APISIX` 的插件开发中,最重要的还是希望让更多对 `Apache APISIX` 和 `API 网关` 感兴趣的 `Python开发者`
通过这个项目更多的了解使用 `Apache APISIX`,以下为 `Apache APISIX` 多语言支持的架构图。
-
+
上图左边是 `Apache APISIX` 的工作流程,右边的 `Plugin Runner` 是各语言的插件运行器,本文介绍的 `apisix-python-plugin-runner` 就是支持 `Python`
语言的 `Plugin Runner`。