You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2021/11/24 02:38:57 UTC
[GitHub] [apisix] ImCHT opened a new issue #5597: request help: delete etcd key after starting apisix, then error: no healthy etcd endpoint available
ImCHT opened a new issue #5597:
URL: https://github.com/apache/apisix/issues/5597
### Issue description
Apisix doesn't cache etcd private key in memory? After I delete etcd key file after starting apisix, it can not connect to the etcd. For security reasons, I need to delete the etcd private key file.
This is my apisix config about etcd:
This is the apisix error log:
### Environment
- apisix version (cmd: `apisix version`):2.9
- OS (cmd: `uname -a`):eulerosv2r9.x86_64
- OpenResty / Nginx version (cmd: `nginx -V` or `openresty -V`):
-
- etcd version, if have (cmd: run `curl http://127.0.0.1:9090/v1/server_info` to get the info from server-info API):
-
- apisix-dashboard version, if have:
- the plugin runner version, if the issue is about a plugin runner (cmd: depended on the kind of runner):
- luarocks version, if the issue is about installation (cmd: `luarocks --version`):
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] ImCHT closed issue #5597: request help: delete etcd key after starting apisix, then error: no healthy etcd endpoint available
Posted by GitBox <gi...@apache.org>.
ImCHT closed issue #5597:
URL: https://github.com/apache/apisix/issues/5597
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] ImCHT commented on issue #5597: request help: delete etcd key after starting apisix, then error: no healthy etcd endpoint available
Posted by GitBox <gi...@apache.org>.
ImCHT commented on issue #5597:
URL: https://github.com/apache/apisix/issues/5597#issuecomment-977856098
Yes, it works well. And after I regenerate the etcd key file, apisix can resume the communication with etcd.
image-20211122105536589
Ok, I know. I may use one-way authentication and iptables to implement two-way authentication.
Thanks!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] ImCHT commented on issue #5597: request help: delete etcd key after starting apisix, then error: no healthy etcd endpoint available
Posted by GitBox <gi...@apache.org>.
ImCHT commented on issue #5597:
URL: https://github.com/apache/apisix/issues/5597#issuecomment-977855160
Yes, it works well. And after I regenerate the etcd key file, apisix can resume the communication with etcd.
Ok, I know. I may use one-way authentication and iptables to implement two-way authentication.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #5597: request help: delete etcd key after starting apisix, then error: no healthy etcd endpoint available
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #5597:
URL: https://github.com/apache/apisix/issues/5597#issuecomment-977515634
if you don't delete etcd key file, would it work well?
AFAIK, we can not delete etcd key file. in extreme cases, worker would exit abnormally after APISIX is running, and then fork a new worker process, which will fail if etcd key file does not exist. data in memory is not permanent.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] ImCHT removed a comment on issue #5597: request help: delete etcd key after starting apisix, then error: no healthy etcd endpoint available
Posted by GitBox <gi...@apache.org>.
ImCHT removed a comment on issue #5597:
URL: https://github.com/apache/apisix/issues/5597#issuecomment-977855160
Yes, it works well. And after I regenerate the etcd key file, apisix can resume the communication with etcd.
Ok, I know. I may use one-way authentication and iptables to implement two-way authentication.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org