Closed ldcsaa closed 10 months ago
etcd是容器吗?确保在apisix容器启动之前,etcd对外提供的2379端口可用啊。
注:我也用apache/apisix:3.7.0-debian的镜像启动过,并没有遇到这个问题
etcd是容器吗?确保在apisix容器启动之前,etcd对外提供的2379端口可用啊。
注:我也用apache/apisix:3.7.0-debian的镜像启动过,并没有遇到这个问题
是etcd,其它环境不变。分别用 apisix:3.5.0,apisix:3.6.0,apisix:3.7.0 镜像测试。其中 3.5.0 不报错,3.6.0和3.7.0都报上述错误。
以下是我的部分配置文件,如果把配置deployment.etcd.use_grpc
设置为false
则不会报错。
apisix:
node_listen: 9080
ssl:
enable: true
listen: # APISIX listening port in https.
- port: 9443
enable_http2: true
# - ip: 127.0.0.3 # Specific IP, If not set, the default value is `0.0.0.0`.
# port: 9445
# enable_http2: true
#ssl_trusted_certificate: /path/to/ca-cert # Specifies a file path with trusted CA certificates in the PEM format
# used to verify the certificate when APISIX needs to do SSL/TLS handshaking
# with external services (e.g. etcd)
ssl_protocols: TLSv1.2 TLSv1.3
ssl_ciphers: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_session_tickets: false # disable ssl_session_tickets by default for 'ssl_session_tickets' would make Perfect Forward Secrecy useless.
# ref: https://github.com/mozilla/server-side-tls/issues/135
key_encrypt_salt: # If not set, will save origin ssl key into etcd.
- edd1c9f0985e76a2 # If set this, the key_encrypt_salt should be an array whose elements are string, and the size is also 16, and it will encrypt ssl key with AES-128-CBC
# !!! So do not change it after saving your ssl, it can't decrypt the ssl keys have be saved if you change !!
# Only use the first key to encrypt, and decrypt in the order of the array.
fallback_sni: "hpsocket.com" # If set this, when the client doesn't send SNI during handshake, the fallback SNI will be used instead
enable_control: true
control:
ip: 0.0.0.0
port: 9090
deployment:
role: traditional
role_traditional:
config_provider: etcd
etcd:
host:
- "http://etcd:2379"
prefix: /apisix # configuration prefix in etcd
use_grpc: true # enable the experimental configuration sync via gRPC
timeout: 30 # 30 seconds. Use a much higher timeout (like an hour) if the `use_grpc` is true.
#resync_delay: 5 # when sync failed and a rest is needed, resync after the configured seconds plus 50% random jitter
#health_check_timeout: 10 # etcd retry the unhealthy nodes after the configured seconds
startup_retry: 2 # the number of retry to etcd during the startup, default to 2
user: "root" # root username for etcd
password: "123456" # root password for etcd
tls:
# To enable etcd client certificate you need to build APISIX-Base, see
# https://apisix.apache.org/docs/apisix/FAQ#how-do-i-build-the-apisix-base-environment
#cert: /path/to/cert # path of certificate used by the etcd client
#key: /path/to/key # path of key used by the etcd client
verify: true # whether to verify the etcd endpoint certificate when setup a TLS connection to etcd,
# the default value is true, e.g. the certificate will be verified strictly.
#sni: # the SNI for etcd TLS requests. If missed, the host part of the URL will be used.
@ldcsaa grpc support for etcd has been removed: https://github.com/apache/apisix/pull/10015
Please re-open if you have more questions
找到问题了,deployment.etcd.use_grpc
配置在3.6.0及其后续版本已被废除~~
Current Behavior
apache/apisix:3.7.0-debian Docker 镜像创建的容器启动后一直报错,提示:
failed to load the configuration: failed to start a etcd instance: /usr/local/openresty/lualib/resty/grpc.lua:102: The gRPC client engine is not initialized. Need to ensure the grpc engine exist in the defined NGX_GRPC_CLI_ENGINE_PATH. And the Nginx configuration contains 'thread_pool grpc-client-nginx-module'. And this library can not be loaded in the init phase.
(注:apache/apisix:3.5.0-debian Docker 镜像不会报这个错误)
Expected Behavior
不要报错
Error Logs
Steps to Reproduce
Environment