alexsun/compose-anything
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add apisix/etcd/grafana/prometheus

Browse Source
This commit is contained in:
Sun-ZhenXing
2025-09-26 16:40:04 +08:00
parent 8e096fb9a7
commit 30014852ca
17 changed files with 1473 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/apisix/.env.example Normal file
View File

@@ -0,0 +1,34 @@
# Apache APISIX Environment Variables
# APISIX image version
APISIX_VERSION=3.13.0-debian
# Host port mapping for HTTP traffic (9080)
APISIX_HTTP_PORT_OVERRIDE=9080
# Host port mapping for HTTPS traffic (9443)
APISIX_HTTPS_PORT_OVERRIDE=9443
# Host port mapping for Admin API (9180)
APISIX_ADMIN_PORT_OVERRIDE=9180
# Run APISIX in standalone mode (without etcd)
APISIX_STAND_ALONE=false
# etcd image version
ETCD_VERSION=v3.6.0
# Host port mapping for etcd client connections (2379)
ETCD_CLIENT_PORT_OVERRIDE=2379
# APISIX Dashboard image version
APISIX_DASHBOARD_VERSION=3.0.1-alpine
# Host port mapping for Dashboard (9000)
APISIX_DASHBOARD_PORT_OVERRIDE=9000
# Dashboard admin username
APISIX_DASHBOARD_USER=admin
# Dashboard admin password - CHANGE THIS FOR PRODUCTION!
APISIX_DASHBOARD_PASSWORD=admin

209
src/apisix/README.md Normal file
View File

@@ -0,0 +1,209 @@
# Apache APISIX
[English](./README.md) | [中文](./README.zh.md)
This service deploys Apache APISIX, a dynamic, real-time, high-performance cloud-native API gateway.
## Services
- `apisix`: The APISIX API gateway.
- `etcd`: The configuration storage backend for APISIX.
- `apisix-dashboard` (optional): Web UI for managing APISIX configuration.
## Environment Variables
| Variable Name | Description | Default Value |
| ------------------------------ | ---------------------------------------------------- | --------------- |
| APISIX_VERSION | APISIX image version | `3.13.0-debian` |
| APISIX_HTTP_PORT_OVERRIDE | Host port mapping for HTTP traffic (9080) | `9080` |
| APISIX_HTTPS_PORT_OVERRIDE | Host port mapping for HTTPS traffic (9443) | `9443` |
| APISIX_ADMIN_PORT_OVERRIDE | Host port mapping for Admin API (9180) | `9180` |
| APISIX_STAND_ALONE | Run APISIX in standalone mode (without etcd) | `false` |
| ETCD_VERSION | etcd image version | `v3.6.0` |
| ETCD_CLIENT_PORT_OVERRIDE | Host port mapping for etcd client connections (2379) | `2379` |
| APISIX_DASHBOARD_VERSION | APISIX Dashboard image version | `3.0.1-alpine` |
| APISIX_DASHBOARD_PORT_OVERRIDE | Host port mapping for Dashboard (9000) | `9000` |
| APISIX_DASHBOARD_USER | Dashboard admin username | `admin` |
| APISIX_DASHBOARD_PASSWORD | Dashboard admin password | `admin` |
Please modify the `.env` file as needed for your use case.
## Volumes
- `apisix_logs`: A volume for storing APISIX logs.
- `etcd_data`: A volume for storing etcd configuration data.
- `dashboard_conf`: A volume for storing Dashboard configuration.
- `config.yaml`: Optional custom APISIX configuration file (mount to `/usr/local/apisix/conf/config.yaml`).
- `apisix.yaml`: Optional custom APISIX route configuration file (mount to `/usr/local/apisix/conf/apisix.yaml`).
## Network Ports
- `9080`: HTTP traffic port
- `9443`: HTTPS traffic port
- `9180`: Admin API port
- `9000`: Dashboard web interface (optional)
- `2379`: etcd client port
## Usage
### Basic Setup
1. Start the services:
```bash
docker compose up -d
```
2. Access the Admin API:
```bash
curl http://localhost:9180/apisix/admin/routes
```
### With Dashboard
To enable the web dashboard, use the `dashboard` profile:
```bash
docker compose --profile dashboard up -d
```
Access the dashboard at `http://localhost:9000` with credentials:
- Username: `admin` (configurable via `APISIX_DASHBOARD_USER`)
- Password: `admin` (configurable via `APISIX_DASHBOARD_PASSWORD`)
### Creating Routes
#### Using Admin API
Create a simple route:
```bash
curl -X PUT http://localhost:9180/apisix/admin/routes/1 \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
-H 'Content-Type: application/json' \
-d '{
"uri": "/get",
"upstream": {
"type": "roundrobin",
"nodes": {
"httpbin.org:80": 1
}
}
}'
```
Test the route:
```bash
curl http://localhost:9080/get
```
#### Using Dashboard
1. Access the dashboard at `http://localhost:9000`
2. Login with admin credentials
3. Navigate to "Route" section
4. Create and configure routes through the web interface
### Configuration Files
#### Custom APISIX Configuration
Mount a custom `config.yaml` file:
```yaml
volumes:
- ./config.yaml:/usr/local/apisix/conf/config.yaml
```
Example `config.yaml`:
```yaml
apisix:
node_listen: 9080
enable_ipv6: false
enable_admin: true
port_admin: 9180
etcd:
host:
- "http://etcd:2379"
prefix: "/apisix"
timeout: 30
plugin_attr:
prometheus:
export_addr:
ip: "0.0.0.0"
port: 9091
```
#### Standalone Mode
For simple setups without etcd, enable standalone mode:
```env
APISIX_STAND_ALONE=true
```
Mount an `apisix.yaml` file with route definitions:
```yaml
volumes:
- ./apisix.yaml:/usr/local/apisix/conf/apisix.yaml
```
### SSL/TLS Configuration
To enable HTTPS:
1. Mount SSL certificates
2. Configure SSL in `config.yaml`
3. Create SSL-enabled routes
Example SSL volume mount:
```yaml
volumes:
- ./ssl:/usr/local/apisix/conf/cert
```
### Plugins
APISIX supports numerous plugins for authentication, rate limiting, logging, etc.:
- Authentication: `jwt-auth`, `key-auth`, `oauth`
- Rate Limiting: `limit-req`, `limit-conn`, `limit-count`
- Observability: `prometheus`, `zipkin`, `skywalking`
- Security: `cors`, `csrf`, `ip-restriction`
Enable plugins through the Admin API or Dashboard.
## Security Notes
- **Change the default Admin API key** (`edd1c9f034335f136f87ad84b625c8f1`) in production
- **Change dashboard credentials** for production use
- Configure proper SSL/TLS certificates for HTTPS
- Use authentication plugins for sensitive routes
- Implement rate limiting to prevent abuse
- Regular security updates are recommended
## Monitoring
APISIX provides built-in metrics for Prometheus:
- Enable the `prometheus` plugin
- Metrics available at `http://localhost:9091/apisix/prometheus/metrics`
## Performance Tuning
- Adjust worker processes based on CPU cores
- Configure appropriate buffer sizes
- Use connection pooling for upstream services
- Enable response caching when appropriate
## License
Apache APISIX is licensed under the Apache 2.0 license.

209
src/apisix/README.zh.md Normal file
View File

@@ -0,0 +1,209 @@
# Apache APISIX
[English](./README.md) | [中文](./README.zh.md)
本服务部署 Apache APISIX这是一个动态、实时、高性能的云原生 API 网关。
## 服务
- `apisix`: APISIX API 网关。
- `etcd`: APISIX 的配置存储后端。
- `apisix-dashboard`(可选): 用于管理 APISIX 配置的 Web UI。
## 环境变量
| 变量名 | 描述 | 默认值 |
| ------------------------------ | ------------------------------------- | --------------- |
| APISIX_VERSION | APISIX 镜像版本 | `3.13.0-debian` |
| APISIX_HTTP_PORT_OVERRIDE | HTTP 流量的主机端口映射9080 | `9080` |
| APISIX_HTTPS_PORT_OVERRIDE | HTTPS 流量的主机端口映射9443 | `9443` |
| APISIX_ADMIN_PORT_OVERRIDE | Admin API 的主机端口映射9180 | `9180` |
| APISIX_STAND_ALONE | 以独立模式运行 APISIX不使用 etcd | `false` |
| ETCD_VERSION | etcd 镜像版本 | `v3.6.0` |
| ETCD_CLIENT_PORT_OVERRIDE | etcd 客户端连接的主机端口映射2379 | `2379` |
| APISIX_DASHBOARD_VERSION | APISIX Dashboard 镜像版本 | `3.0.1-alpine` |
| APISIX_DASHBOARD_PORT_OVERRIDE | Dashboard 的主机端口映射9000 | `9000` |
| APISIX_DASHBOARD_USER | Dashboard 管理员用户名 | `admin` |
| APISIX_DASHBOARD_PASSWORD | Dashboard 管理员密码 | `admin` |
请根据您的使用情况修改 `.env` 文件。
## 数据卷
- `apisix_logs`: 用于存储 APISIX 日志的数据卷。
- `etcd_data`: 用于存储 etcd 配置数据的数据卷。
- `dashboard_conf`: 用于存储 Dashboard 配置的数据卷。
- `config.yaml`: 可选的自定义 APISIX 配置文件(挂载到 `/usr/local/apisix/conf/config.yaml`)。
- `apisix.yaml`: 可选的自定义 APISIX 路由配置文件(挂载到 `/usr/local/apisix/conf/apisix.yaml`)。
## 网络端口
- `9080`: HTTP 流量端口
- `9443`: HTTPS 流量端口
- `9180`: Admin API 端口
- `9000`: Dashboard Web 界面(可选)
- `2379`: etcd 客户端端口
## 使用方法
### 基本设置
1. 启动服务:
```bash
docker compose up -d
```
2. 访问 Admin API
```bash
curl http://localhost:9180/apisix/admin/routes
```
### 使用 Dashboard
要启用 Web 仪表板,使用 `dashboard` 配置文件:
```bash
docker compose --profile dashboard up -d
```
在 `http://localhost:9000` 访问仪表板,凭据:
- 用户名: `admin`(可通过 `APISIX_DASHBOARD_USER` 配置)
- 密码: `admin`(可通过 `APISIX_DASHBOARD_PASSWORD` 配置)
### 创建路由
#### 使用 Admin API
创建简单路由:
```bash
curl -X PUT http://localhost:9180/apisix/admin/routes/1 \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
-H 'Content-Type: application/json' \
-d '{
"uri": "/get",
"upstream": {
"type": "roundrobin",
"nodes": {
"httpbin.org:80": 1
}
}
}'
```
测试路由:
```bash
curl http://localhost:9080/get
```
#### 使用 Admin Dashboard
1. 在 `http://localhost:9000` 访问仪表板
2. 使用管理员凭据登录
3. 导航到"路由"部分
4. 通过 Web 界面创建和配置路由
### 配置文件
#### 自定义 APISIX 配置
挂载自定义 `config.yaml` 文件:
```yaml
volumes:
- ./config.yaml:/usr/local/apisix/conf/config.yaml
```
示例 `config.yaml`
```yaml
apisix:
node_listen: 9080
enable_ipv6: false
enable_admin: true
port_admin: 9180
etcd:
host:
- "http://etcd:2379"
prefix: "/apisix"
timeout: 30
plugin_attr:
prometheus:
export_addr:
ip: "0.0.0.0"
port: 9091
```
#### 独立模式
对于不使用 etcd 的简单设置,启用独立模式:
```env
APISIX_STAND_ALONE=true
```
挂载带有路由定义的 `apisix.yaml` 文件:
```yaml
volumes:
- ./apisix.yaml:/usr/local/apisix/conf/apisix.yaml
```
### SSL/TLS 配置
要启用 HTTPS
1. 挂载 SSL 证书
2. 在 `config.yaml` 中配置 SSL
3. 创建启用 SSL 的路由
SSL 卷挂载示例:
```yaml
volumes:
- ./ssl:/usr/local/apisix/conf/cert
```
### 插件
APISIX 支持众多插件,用于身份验证、速率限制、日志记录等:
- 身份验证: `jwt-auth`、`key-auth`、`oauth`
- 速率限制: `limit-req`、`limit-conn`、`limit-count`
- 可观察性: `prometheus`、`zipkin`、`skywalking`
- 安全性: `cors`、`csrf`、`ip-restriction`
通过 Admin API 或 Dashboard 启用插件。
## 安全注意事项
- **在生产环境中更改默认 Admin API 密钥**`edd1c9f034335f136f87ad84b625c8f1`
- **为生产使用更改仪表板凭据**
- 为 HTTPS 配置适当的 SSL/TLS 证书
- 对敏感路由使用身份验证插件
- 实施速率限制以防止滥用
- 建议定期进行安全更新
## 监控
APISIX 为 Prometheus 提供内置指标:
- 启用 `prometheus` 插件
- 指标可在 `http://localhost:9091/apisix/prometheus/metrics` 获得
## 性能调优
- 根据 CPU 核心数调整工作进程
- 配置适当的缓冲区大小
- 为上游服务使用连接池
- 在适当时启用响应缓存
## 许可证
Apache APISIX 采用 Apache 2.0 许可证。

121
src/apisix/docker-compose.yaml Normal file
View File

@@ -0,0 +1,121 @@
x-default: &default
restart: unless-stopped
volumes:
- &localtime /etc/localtime:/etc/localtime:ro
- &timezone /etc/timezone:/etc/timezone:ro
logging:
driver: json-file
options:
max-size: 100m
services:
apisix:
<<: *default
image: apache/apisix:${APISIX_VERSION:-3.13.0-debian}
container_name: apisix
ports:
- "${APISIX_HTTP_PORT_OVERRIDE:-9080}:9080"
- "${APISIX_HTTPS_PORT_OVERRIDE:-9443}:9443"
- "${APISIX_ADMIN_PORT_OVERRIDE:-9180}:9180"
volumes:
- *localtime
- *timezone
- apisix_logs:/usr/local/apisix/logs
# Optional: Mount custom configuration
# - ./config.yaml:/usr/local/apisix/conf/config.yaml
# - ./apisix.yaml:/usr/local/apisix/conf/apisix.yaml
environment:
- APISIX_STAND_ALONE=${APISIX_STAND_ALONE:-false}
depends_on:
- etcd
deploy:
resources:
limits:
cpus: '1.0'
memory: 1G
reservations:
cpus: '0.25'
memory: 256M
etcd:
<<: *default
image: quay.io/coreos/etcd:${ETCD_VERSION:-v3.6.0}
container_name: apisix-etcd
ports:
- "${ETCD_CLIENT_PORT_OVERRIDE:-2379}:2379"
volumes:
- *localtime
- *timezone
- etcd_data:/etcd-data
environment:
- ETCD_NAME=apisix-etcd
- ETCD_DATA_DIR=/etcd-data
- ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379
- ETCD_ADVERTISE_CLIENT_URLS=http://etcd:2379
- ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd:2380
- ETCD_INITIAL_CLUSTER=apisix-etcd=http://etcd:2380
- ETCD_INITIAL_CLUSTER_STATE=new
- ETCD_INITIAL_CLUSTER_TOKEN=apisix-etcd-cluster
- ETCD_AUTO_COMPACTION_RETENTION=1
- ETCD_QUOTA_BACKEND_BYTES=2147483648
- ETCD_HEARTBEAT_INTERVAL=100
- ETCD_ELECTION_TIMEOUT=1000
- ETCD_ENABLE_V2=false
command:
- etcd
- --name=apisix-etcd
- --data-dir=/etcd-data
- --listen-client-urls=http://0.0.0.0:2379
- --advertise-client-urls=http://etcd:2379
- --listen-peer-urls=http://0.0.0.0:2380
- --initial-advertise-peer-urls=http://etcd:2380
- --initial-cluster=apisix-etcd=http://etcd:2380
- --initial-cluster-state=new
- --initial-cluster-token=apisix-etcd-cluster
- --auto-compaction-retention=1
- --quota-backend-bytes=2147483648
- --heartbeat-interval=100
- --election-timeout=1000
- --enable-v2=false
deploy:
resources:
limits:
cpus: '0.5'
memory: 512M
reservations:
cpus: '0.1'
memory: 128M
# Optional: APISIX Dashboard
apisix-dashboard:
<<: *default
image: apache/apisix-dashboard:${APISIX_DASHBOARD_VERSION:-3.0.1-alpine}
container_name: apisix-dashboard
ports:
- "${APISIX_DASHBOARD_PORT_OVERRIDE:-9000}:9000"
volumes:
- *localtime
- *timezone
- dashboard_conf:/usr/local/apisix-dashboard/conf
environment:
- APISIX_DASHBOARD_USER=${APISIX_DASHBOARD_USER:-admin}
- APISIX_DASHBOARD_PASSWORD=${APISIX_DASHBOARD_PASSWORD:-admin}
depends_on:
- apisix
profiles:
- dashboard
deploy:
resources:
limits:
cpus: '0.5'
memory: 512M
reservations:
cpus: '0.1'
memory: 128M
volumes:
apisix_logs:
etcd_data:
dashboard_conf: