使用k8s部署前打包镜像：

FROM centos:7

ARG APISIX_VERSION=2.11.0
LABEL apisix_version=“${APISIX_VERSION}”

RUN yum install -y https://repos.apiseven.com/packages/centos/apache-apisix-repo-1.0-1.noarch.rpm
&& yum install -y https://repos.apiseven.com/packages/centos/7/x86_64/apisix-$APISIX_VERSION-0.el7.x86_64.rpm
&& yum clean all \

WORKDIR /usr/local/apisix
ADD jdk-8u311-linux-x64.tar.gz /opt/
EXPOSE 9080 9443 9180
ENV JAVA_HOME=/opt/jdk1.8.0_311
ENV PATH=$PATH:$JAVA_HOME/bin/
CMD [“sh”, “-c”, “/usr/bin/apisix init && /usr/bin/apisix init_etcd && /usr/local/openresty/bin/openresty -p /usr/local/apisix -g ‘daemon off;’”]

config.yaml：

    apisix:node_listen: 9080             # APISIX listening portenable_heartbeat: trueenable_admin: trueenable_admin_cors: trueenable_debug: falseenable_dev_mode: false          # Sets nginx worker_processes to 1 if set to trueenable_reuseport: true          # Enable nginx SO_REUSEPORT switch if set to true.enable_ipv6: trueconfig_center: etcd             # etcd: use etcd to store the config value# yaml: fetch the config value from local yaml file `/your_path/conf/apisix.yaml`#proxy_protocol:                 # Proxy Protocol configuration#  listen_http_port: 9181        # The port with proxy protocol for http, it differs from node_listen and port_admin.# This port can only receive http request with proxy protocol, but node_listen & port_admin# can only receive http request. If you enable proxy protocol, you must use this port to# receive http request with proxy protocol#  listen_https_port: 9182       # The port with proxy protocol for https#  enable_tcp_pp: true           # Enable the proxy protocol for tcp proxy, it works for stream_proxy.tcp option#  enable_tcp_pp_to_upstream: true # Enables the proxy protocol to the upstream serverproxy_cache:                     # Proxy Caching configurationcache_ttl: 10s                 # The default caching time if the upstream does not specify the cache timezones:                         # The parameters of a cache- name: disk_cache_one         # The name of the cache, administrator can be specify# which cache to use by name in the admin apimemory_size: 50m             # The size of shared memory, it's used to store the cache indexdisk_size: 1G                # The size of disk, it's used to store the cache datadisk_path: "/tmp/disk_cache_one" # The path to store the cache datacache_levels: "1:2"           # The hierarchy levels of a cache#  - name: disk_cache_two#    memory_size: 50m#    disk_size: 1G#    disk_path: "/tmp/disk_cache_two"#    cache_levels: "1:2"allow_admin:                  # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow- 127.0.0.1/24#   - "::/64"port_admin: 9180# Default token when use API to call for Admin API.# *NOTE*: Highly recommended to modify this value to protect APISIX's Admin API.# Disabling this configuration item means that the Admin API does not# require any authentication.admin_key:# admin: can everything for configuration data- name: "admin"key: edd1c9f034335f136f87ad84b625c8f1role: admin# viewer: only can view configuration data- name: "viewer"key: 4054f7cf07e344346cd3f287985e76a2role: viewerrouter:http: 'radixtree_uri'         # radixtree_uri: match route by uri(base on radixtree)# radixtree_host_uri: match route by host + uri(base on radixtree)ssl: 'radixtree_sni'          # radixtree_sni: match route by SNI(base on radixtree)# dns_resolver:##   - 127.0.0.1##   - 172.20.0.10##   - 114.114.114.114##   - 223.5.5.5##   - 1.1.1.1##   - 8.8.8.8#dns_resolver_valid: 30resolver_timeout: 5ssl:enable: falseenable_http2: truelisten_port: 9443ssl_protocols: "TLSv1 TLSv1.1 TLSv1.2 TLSv1.3"ssl_ciphers: "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA"nginx_config:                     # config for render the template to genarate nginx.conferror_log: "/usr/local/apisix/logs/error.log"error_log_level: "warn"         # warn,errorworker_rlimit_nofile: 20480     # the number of files a worker process can open, should be larger than worker_connectionsevent:worker_connections: 10620http:access_log: "/usr/local/apisix/logs/access.log"keepalive_timeout: 60s         # timeout during which a keep-alive client connection will stay open on the server side.client_header_timeout: 60s     # timeout for reading client request header, then 408 (Request Time-out) error is returned to the clientclient_body_timeout: 60s       # timeout for reading client request body, then 408 (Request Time-out) error is returned to the clientsend_timeout: 10s              # timeout for transmitting a response to the client.then the connection is closedunderscores_in_headers: "on"   # default enables the use of underscores in client request header fieldsreal_ip_header: "X-Real-IP"    # http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_headerreal_ip_from:                  # http://nginx.org/en/docs/http/ngx_http_realip_module.html#set_real_ip_from- 127.0.0.1- 'unix:'etcd:host:                                 # it's possible to define multiple etcd hosts addresses of the same etcd cluster.- "http://apisix-etcd.default.svc.cluster.local:2379"(如果使用的是k8s集群里面的使用这种格式，如果是自建的直接使用IP+端口)prefix: "/apisix"     # apisix configurations prefixtimeout: 30   # 30 secondsplugins:                          # plugin list- api-breaker- authz-keycloak- basic-auth- batch-requests- consumer-restriction- cors- echo- fault-injection- grpc-transcode- hmac-auth- http-logger- ip-restriction- ua-restriction- jwt-auth- kafka-logger- key-auth- limit-conn- limit-count- limit-req- node-status- openid-connect- authz-casbin- prometheus- proxy-cache- proxy-mirror- proxy-rewrite- redirect- referer-restriction- request-id- request-validation- response-rewrite- serverless-post-function- serverless-pre-function- sls-logger- syslog- tcp-logger- udp-logger- uri-blocker- wolf-rbac- zipkin- server-info- traffic-split- gzip- real-ipstream_plugins:- mqtt-proxy- ip-restriction- limit-connplugin_attr:server-info:report_interval: 60report_ttl: 3600

学习时间：