Apache APISIX 2.13.0 released

News 2022-03-29 17:33:31 views: null

It has been more than half a year since the last LTS version of Apache APISIX was released. Today, the Apache APISIX community has brought a brand new LTS version - 2.13.0. This LTS version not only has more stable performance, but also supports more observability, service discovery plug-ins and a more complete multi-language development system.

If you want to try out new features while pursuing overall stability, consider upgrading your existing Apache APISIX to 2.13.0. Subsequent communities will also release a series of patch versions based on version 2.13.0.

Feature update

New: API is no longer exposed by default

In versions prior to 2.13.0, we allowed plugins to register APIs that could be called by clients. For example, the jwt-authplugin registers a JWT signing interface that clients can access to generate signatures for verification. But this design has a potential flaw - since the interface is exposed instead of the route, it cannot be secured as much as the route. Although the existing mechanism allows users to intercept interface access by writing the corresponding plugin interceptor, this method still has security risks.

So starting from version 2.13.0, we decided to make a breaking change and no longer expose the API by default **. **If the user needs to expose the interface, he needs to bind the interface to the corresponding route through the public-apiplugin . This approach brings two benefits:

  1. The registered API will have higher visibility. Currently, the registered API will only take effect through the display configuration, and the access method is also customized by the user.
  2. Allows more security protection options, registered APIs and routes have the same permission control.

Of course, there are other new changes in version 2.13.0, such as fixing the unreasonable behavior of historical versions. For specific optimization information, see 2.13.0 Changelog .

New feature: connect more monitoring systems at the observability level

As an API gateway, Apache APISIX has been committed to connecting more services and connecting more upstream and downstream observability. We build on this with every release, and 2.13.0 is no exception.

This time we added a tracing plugin:**opentelemetry** **, which allows sending OpenTelemetry tracing data to the configured collector. **Let's take a look at it simply through an example.

The collector is set in the static configuration:

plugin_attr:
  opentelemetry:
    resource:
      service.name: APISIX
      tenant.id: business_id
    collector:
      address: "127.0.0.1:4317"
    batch_span_processor:
      drop_on_queue_full: false
      max_queue_size: 6
      batch_timeout: 2
      inactive_timeout: 1
      max_export_batch_size: 2

Then you can enable tracing on a specific route:

curl http://127.0.0.1:9080/apisix/admin/routes/1  -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
    "methods": ["GET"],
    "uris": [
        "/uid/*"
    ],
    "plugins": {
        "opentelemetry": {
            "sampler": {
                "name": "always_on"
            }
        }
    },
    "upstream": {
        "type": "roundrobin",
        "nodes": {
            "127.0.0.1:8089": 1
        }
    }
}'

Requests that hit this route will report OpenTelemetry data to the corresponding collector.

In addition, we have added two log plugins to support reporting logs to ClickHouse and Loggly.

ClickHouse is one of the fastest OLAP databases on the planet. Apache APISIX supports sending access log and error log to ClickHouse, examples are as follows:

curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
      "plugins": {
            "clickhouse-logger": {
                "user": "default",
                "password": "a",
                "database": "default",
                "logtable": "test",
                "endpoint_addr": "http://127.0.0.1:8123"
            }
       },
      "upstream": {
           "type": "roundrobin",
           "nodes": {
               "127.0.0.1:1980": 1
           }
      },
      "uri": "/hello"
}'
curl http://127.0.0.1:9080/apisix/admin/plugin_metadata/error-log-logger -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
  "clickhouse": {
      "user": "default",
      "password": "a",
      "database": "error_log",
      "logtable": "t",
      "endpoint_addr": "http://127.0.0.1:8123"
  }
}'

Loggly is a log processing SaaS platform under SolarWinds. We support sending access logs through syslog or HTTP/HTTPS. An example is as follows:

Configure the reporting method

curl http://127.0.0.1:9080/apisix/admin/plugin_metadata/loggly -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
   "protocol": "http"
}'

Configure the route to be reported

curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
    "plugins":{
        "loggly":{
            "customer_token":"xxx",
        }
    },
    "upstream":{
        "type":"roundrobin",
        "nodes":{
            "127.0.0.1:80":1
        }
    },
    "uri":"/index.html"
}'

A more complete multi-language development system

Apache APISIX has supported Wasm (Proxy Wasm SDK) since version 2.11, but LTS version has not provided corresponding support. In this release of Apache APISIX 2.13.0, we have added and improved this feature.

After six months of development with more than 10,000 lines of code (including tests and documentation), APISIX now fully supports running Wasm code in four stages of processing request headers, request bodies, response headers, and response bodies . Version 2.13.0 is the first LTS version to support Wasm, which can be said to be a new milestone.

In addition to Wasm, we are also developing a traditional, RPC-based polyglot plugin system. Not long ago, we released version 0.2.0 of Python Runner. In a few days, we will also release Go Runner 0.3.0.

bug fix

  • SkyWalking and OpenTelemetry do not track authentication failures.

  • log-rotateThe cut log does not support completion on the hour.

  • deepcopyNo copying metatable.

  • request-validateHandling of duplicate keys in JSON.

  • prometheusRepeated calculation of metrics.

  • When conf.headersis missing , proxy-rewritein has conf.methodno effect.

  • traffic-splitFailed to match when the first rule fails.

  • etcd timeout triggered resync_delay.

  • protoDefinition conflict.

  • limit-countThe configuration is unchanged and the counter is reset.

  • The and counts for plugin-metadatathe Admin API are incorrect.global-rule

  • Labels are lost when merging route and service.

more details

In addition to the above features and components, the Apache APISIX 2.13.0 version also updates the following features:

  • grpc-transcode supports handling proto definitions with imports via a .pbfile .
  • Support getting upstream nodes from K8s configuration.
  • Added a csrfplugin to provide cross-site request forgery protection.
  • A new mockingplugin is added to facilitate the generation of test data.

Guess you like

Origin www.oschina.net/news/188799/apache-apisix-2-13-0-released
Recommended
Ranking
SpringBoot-integrate redis
[Sword pointing to offer] Interview question 03: Repeated numbers in an array
Arrangement "Offer Penalty for prove safety" string
Browser prevent the automatic generation of fill and Echo have been saved account solutions
Work hard and never slacken——2022 Yinmai Information Year-End Summary
Install jdk7 on Linux system
App common dependency management tools
EduCoder-Web程序设计基础-html5— 给表单组件添加说明-第1关:label标签相关概念
Machine learning - clustering - density clustering algorithm notes
Ant's large model is exposed, AI+ finance enters the "big model" era
Daily
More
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)

Code World

© 2018 codetd.com