Re: [I] bug: APISIX 3.13.0/3.12.0/3.9.1 hangs indefinitely on `init_etcd` phase preventing route synchronization [apisix]

Thu, 18 Dec 2025 22:49:49 -0800 


unsw-luopan commented on issue #12580:
URL: https://github.com/apache/apisix/issues/12580#issuecomment-3673810588

   Hi @joggerjoel ,has the issue been resolved? I meet the same problem, but 
when I remove TLS config about ETCD in apisix_conf/config.yaml, apisix can run 
successfully.  
   I asked llm how to solve it, all envs are normal, etcd, pem, network. I 
write a script  to jump etcd init, then apisix can run successfully.
   
   docker-compose.yml
   services:
     apisix:
       image: apache/apisix:${APISIX_IMAGE_TAG:-3.13.0-debian}
       restart: always
       privileged: true
       command: ["/bin/bash", "/custom-start.sh"]
       volumes:
         - ./apisix_conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro
         - ./apisix_conf/apisix.yaml:/usr/local/apisix/conf/apisix.yaml:ro
         - ./certs:/etc/etcd/certs:ro
         - ./logs:/usr/local/apisix/logs
         - ./custom-start.sh:/custom-start.sh:ro  # 挂载自定义脚本
   #    network_mode: host
       ports:
         - "9180:9180/tcp"
         - "9080:9080/tcp"
         - "9093:9091/tcp"
         - "9443:9443/tcp"
         - "9092:9092/tcp"
       networks:
         apisix:
   
   custom-start.sh
   #!/bin/bash
   set -e
   echo "=== 自定义 APISIX 启动脚本(生成配置 + 跳过 ETCD 初始化) ==="
   # 1. 清理残留文件
   rm -rf /usr/local/apisix/logs/*.pid /usr/local/apisix/logs/*.sock
   rm -rf /usr/local/apisix/conf/nginx.conf  # 清理旧配置
   # 2. 验证证书
   if [ -f "/etc/etcd/certs/etcd.pem" ] && [ -f "/etc/etcd/certs/etcd-key.pem" 
] && [ -f "/etc/etcd/certs/ca.pem" ]; then
     openssl x509 -in /etc/etcd/certs/etcd.pem -text -noout >/dev/null 2>&1 && 
echo "etcd.pem 格式正常"
     openssl rsa -in /etc/etcd/certs/etcd-key.pem -check >/dev/null 2>&1 && 
echo "etcd-key.pem 格式正常"
     openssl x509 -in /etc/etcd/certs/ca.pem -text -noout >/dev/null 2>&1 && 
echo "ca.pem 格式正常"
     echo "证书验证通过"
   else
     echo "警告:未找到 ETCD 证书,后续连接 ETCD 可能失败"
   fi
   # 3. 关键步骤:仅生成 Nginx 配置文件(不启动 APISIX,不执行 init_etcd)
   echo "=== 生成 APISIX Nginx 配置文件 ==="
   /usr/bin/apisix init  # 仅生成 nginx.conf 和目录结构,无 ETCD 初始化逻辑
   # 4. 直接启动 Nginx(使用生成的配置文件)
   echo "=== 启动 Nginx(APISIX 核心) ==="
   /usr/local/openresty/nginx/sbin/nginx -p /usr/local/apisix -c conf/nginx.conf
   # 5. 阻塞容器
   echo "=== APISIX 启动成功! ==="
   tail -f /dev/null
   
   @Baoyuantop I don't know whether this is a bug, the etcd culster with tls 
config cause etcd init hangs on. Llm says maybe the implementation about lua's 
openssl is different with the origin openssl .When I remove tls config or jump 
etcd init step(I manually add init configuration, use etcdctl), apisix can run 
successfully.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to