Comments (17)
will update today
from apisix-ingress-controller.
please confirm if you have set the right admin key.
from apisix-ingress-controller.
I tried to find api7/ingress-controller to access the admin-key of APISIX, but I did not find the corresponding option in the config.json file, may I ask where to configure the admin-key
from apisix-ingress-controller.
@gxthrj do you have time to take a look at this issue?
from apisix-ingress-controller.
@maxluo1992 Now we do not support a way to config admin-key, I am not sure how to configure them when we use multi-APISIX cluster with ingress.class
annotation. There should be many admin-keys
.
For now , I suggest you to remove the admin-key
and use allow_admin
to keep Admin API
safe.
from apisix-ingress-controller.
@maxluo1992 For now, apisix-ingress-controller do not support the config admin_key from Apache APISIX.
When using apisix-ingress-controller with APISIX, it is recommended to remove the admin_key setting. You can use allow_admin to restrict the access scope of the APISIX control plane to ensure security.
from apisix-ingress-controller.
I will organize this description into the document.
from apisix-ingress-controller.
Hi, I removed admin_key and used allow_admin settings as you suggested, but then the log message says admin_key is missing. Can you please suggest anything for my issue.
from apisix-ingress-controller.
ping @gxthrj
from apisix-ingress-controller.
Admin key should be stored in Kubernetes Secret, we should add secret informers to fetch them and use them when communicating with APISIX. @gxthrj @moonming @membphis
from apisix-ingress-controller.
Hi, I removed admin_key and used allow_admin settings as you suggested, but then the log message says admin_key is missing. Can you please suggest anything for my issue.
It is strange.
Please tell us what version of APISIX you are using.
And show the admin_key
section in config.yaml
and config-default.yaml
.
from apisix-ingress-controller.
Admin key should be stored in Kubernetes Secret, we should add secret informers to fetch them and use them when communicating with APISIX. @gxthrj @moonming @membphis
Yes, it is a way, but APISIX should know this secret, too. We can discuss this in #50 .
from apisix-ingress-controller.
It is strange.
Please tell us what version of APISIX you are using.
And show theadmin_key
section inconfig.yaml
andconfig-default.yaml
.
Hello, we used apache/apisix:latest image from docker hub and we completely commented out the admin_key part as below.
from apisix-ingress-controller.
I will try to reproduce with the latest version of APISIX
from apisix-ingress-controller.
any news?
from apisix-ingress-controller.
@maxluo1992 This is due to the lack of admin_key support, we will add some documents to tell users how to close APISIX's admin_key.
from apisix-ingress-controller.
@maxluo1992 See the point 4 in https://github.com/apache/apisix-ingress-controller/blob/master/docs/FAQ.md.
from apisix-ingress-controller.
Related Issues (20)
- request help: Not able to hit kubernetes local service using ApisixRoute and ApisixUpstream HOT 2
- feat: Add a "namespace" parameter to the "plugin_config" of apisixRoute, to share the same apisixPluginConfig between all namespaces of apisixRoutes HOT 2
- bug: APISIX ingress controller helm chart attempts to create resources that do not support lower than 1.19
- request help: Need help in installing Apisix 3.1 with yaml files in kubernetes cluster HOT 5
- feat: Is it possible to make the ingress controller work without allowing read access to all secrets in the cluster? HOT 3
- request help: How to start multiple unrelated ingress-apisix-composite-deployment to load traffic from different sources HOT 11
- bug: create ApisixRoute failed by k8s dynamic client-go HOT 3
- bug: CVE-2023-48795 Vulnerability
- request help: Chinese document plan
- bug: library etcd-adapter fixed a concurrent issue, need upgrade dependency mod version HOT 1
- bug: support skip_mtls_uri_regex for CRD kind: ApisixTls HOT 1
- help request: Apisix 3.8.0 version - ingress controller deployment issue HOT 1
- request help: large file upload not work HOT 2
- dependencies: update etcd-adapter version to latest
- bug: plugin config "concurrent map writes" HOT 1
- feat: As a user, I want to configure ApisixRoute with the multi-auth plugin, so that my service can support multiple authentication methods per route HOT 1
- feat: As a user, I want to configure External services using Kubernetes Ingress without CRD's HOT 3
- help request: Not able to use custom plugin with composite architecture approach HOT 6
- feat: can apisix-ingress-controller use plugin without apisix HOT 1
- bug: Upstream HealthCheck Issue - Unhealthy Upstream doesn't be excluded temporarily HOT 39
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apisix-ingress-controller.