apisix/doc
Alex Zhang 5191374545
feat: support TLS connection with etcd. (#2548)
Support the TLS connection when communicating with etcd cluster. We added a configuration item to custom the certificate verification. Whether to setup TLS connection or not depends on the endpoints' scheme, for instance, when endpoints are:

```
etcd:
  host:
    - "https://127.0.0.1:2379"
    - "https://127.0.0.1:3379"
```

APISIX will originate TLS connection automatically, and the Server Name Indication extention will be set by the endpoint host (`127.0.0.1` in above case). Note by default APISIX will verify the certificate, close the verification in configuration explicitly if you want to bypass it.

```
etcd:
  tls:
    verfiy: false
```
2020-11-03 13:53:39 +08:00
..
images doc(readme): Contributor Over Time (#2454) 2020-10-27 10:42:15 +08:00
json plugin(prometheus): update json file for grafana dashboard (#2143) 2020-09-07 08:58:55 +08:00
plugins docs: add the consumer-restriction plugin to support consumer to subscribe to the documents of service (#2265) 2020-11-02 14:06:00 +08:00
zh-cn feat: support TLS connection with etcd. (#2548) 2020-11-03 13:53:39 +08:00
_navbar.md doc: Refactoring docs to support docsify (#1724) 2020-06-19 12:03:55 +08:00
_sidebar.md feat: implemented referer-restriction plugin (#2352) 2020-10-06 18:20:17 +08:00
admin-api.md doc: correct the guide of creating consumer guide in AdminAPI (#2513) 2020-10-26 22:07:37 +08:00
apisix-plugin-design.graffle doc: exported balancer phase for plugin. 2019-07-24 11:09:24 +08:00
architecture-design.md fix: English style mentioned by #2558 (#2559) 2020-10-29 18:53:23 +08:00
batch-processor.md doc: fix some doc styles by markdownlint (#1460) 2020-04-16 19:21:46 +08:00
benchmark.md doc: Refactoring docs to support docsify (#1724) 2020-06-19 12:03:55 +08:00
discovery.md feature: support multiple service discovery (#2556) 2020-10-30 20:34:10 +08:00
getting-started.md doc: fixed some typo and incorrect examples in getting-started.md and syslog.md (#2458) 2020-10-28 22:24:32 +08:00
grpc-proxy.md fix: English style mentioned by #2558 (#2559) 2020-10-29 18:53:23 +08:00
health-check.md doc: fixed typo in health-check.md (#2200) 2020-09-10 19:15:45 +08:00
how-to-build.md release: release 2.0 version. (#2283) 2020-10-27 10:11:04 +08:00
https.md feature: support multiple certificates(RSA and ECC) for single domain (#2089) 2020-08-24 09:23:06 +08:00
index.html doc: remove all ‘incubator’ in doc (#2014) 2020-08-07 07:57:09 +08:00
install-dependencies.md feat: support TLS connection with etcd. (#2548) 2020-11-03 13:53:39 +08:00
mtls.md feat: Support admin API authentication with SSL certificates (#1747) 2020-07-21 11:41:11 +08:00
plugin-develop.md feat: support storing metadata for plugins (#2268) 2020-09-23 21:02:56 +08:00
plugin-interceptors.md feat: use interceptors to protect plugin's route (#2416) 2020-10-17 17:45:26 +08:00
plugins.md fix: plugin hot reload should work on node (#2430) 2020-11-03 13:46:24 +08:00
powered-by.md doc: add more companies to power-by page (#2109) 2020-08-26 16:55:26 +08:00
profile.md doc: fix some doc styles for files in doc/ (#1475) 2020-04-20 09:07:42 +08:00
README.md doc(api-breaker): add doc in README and plugin list (#2580) 2020-10-31 07:30:06 +08:00
router-radixtree.md doc: update router variable example (#2351) 2020-10-04 13:52:04 +08:00
stand-alone.md fix: plugin hot reload should work on node (#2430) 2020-11-03 13:46:24 +08:00
stream-proxy.md doc: Refactoring docs to support docsify (#1724) 2020-06-19 12:03:55 +08:00

Chinese

Reference Documentation

Plugins

General

  • batch-requests: Allow you send mutiple http api via http pipeline.
  • hot reload: Hot reload without reload service.
  • HTTPS/TLS: Dynamic load the SSL Certificate by Server Name Indication (SNI).
  • serverlessAllows to dynamically run Lua code at different phase in APISIX.
  • redirect: URI redirect.

Transformation

  • response-rewrite: Set customized response status code, body and header to the client.
  • proxy-rewrite: Rewrite upstream request information.
  • grpc-transcode: REST <--> gRPC transcoding.
  • fault-injection: The specified response body, response code, and response time can be returned, which provides processing capabilities in different failure scenarios, such as service failure, service overload, and high service delay.

Authentication

  • key-auth: User authentication based on Key Authentication.
  • JWT-auth: User authentication based on JWT (JSON Web Tokens) Authentication.
  • basic-auth: User authentication based on Basic Authentication.
  • oauth: Provides OAuth 2 authentication and introspection.

Authorization

  • authz-keycloak: Authorization with Keycloak Identity Server.
  • wolf-rbac User Authentication and Authorization based on RBAC.

Security

Traffic

  • limit-req: Request rate limiting and adjustment based on the "leaky bucket" method.
  • limit-conn: Limite request concurrency (or concurrent connections).
  • limit-count: Rate limiting based on a "fixed window" implementation.
  • proxy-cache: Provides the ability to cache upstream response data.
  • request-validation: Validates requests before forwarding to upstream.
  • proxy-mirror: Provides the ability to mirror client requests.
  • api-breaker: Circuit Breaker for API that stops requests forwarding to upstream in case of unhealthy state.

Monitoring

  • prometheus: Expose metrics related to APISIX and proxied upstream services in Prometheus exposition format, which can be scraped by a Prometheus Server.
  • OpenTracing: Supports Zikpin and Apache SkyWalking.
  • Skywalking: Supports Apache SkyWalking.

Loggers

Deploy

AWS

The recommended approach is to deploy APISIX with AWS CDK on AWS Fargate which helps you decouple the APISIX layer and the upstream layer on top of a fully-managed and secure serverless container compute environment with autoscaling capabilities.

See this guide by Pahud Hsieh and learn how to provision the recommended architecture 100% in AWS CDK.

Kubernetes

See this guide and learn how to deploy apisix in Kubernetes.