dantegarden opened a new issue #921: URL: https://github.com/apache/apisix-ingress-controller/issues/921
我在k8s集群中部署了Apisix Ingress 2.12.1,apisix可以正常工作。 我想写一个自定义插件用于实现特殊的鉴权逻辑,通过参考[apisix-python-plugin-runner](https://github.com/apache/apisix-python-plugin-runner)的master分支,写了一个自定义插件的demo: ```python3 class Authorization(PluginBase): def name(self) -> str: """ The name of the plugin registered in the runner :return: """ return "authorization" def config(self, conf: Any) -> Any: """ Parse plugin configuration :param conf: :return: """ return conf def filter(self, conf: Any, request: Request, response: Response): """ The plugin executes the main function :param conf: plugin configuration after parsing :param request: request parameters and information :param response: response parameters and information :return: """ host = request.get_var("host") method = request.get_method() print("host:", host, "method", method) # print plugin configuration print(conf) # 1.获取token cookie = request.get_header("cookie") if not cookie: unauthorized(response) try: token = None cookie_items = cookie.split(";") for cookie_item in cookie_items: key, value = cookie_item.split("=", 1) key = key.strip() if key == "login_ticket": token = value.strip() token = urllib.parse.unquote(token, encoding='utf-8') break if not token: unauthorized(response) return except Exception as err: print(err) traceback.print_exc() internal_error(response) ``` 然后我重新制作了apisix镜像,Dockerfile如下: ``` FROM apache/apisix:2.12.1-alpine ADD ./apisix-python-plugin-runner /apisix-python-plugin-runner RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories && \ apk add --update python3 py3-pip && \ apk add gcc g++ make libffi-dev openssl-dev libtool && \ python3 -m pip install --upgrade pip -i https://pypi.douban.com/simple/ && \ python3 -m pip install a6pluginprotos==0.2.1 click==8.0.1 minicache==0.0.1 PyYAML==5.4.1 --ignore-installed -i https://pypi.douban.com/simple/ RUN cd /apisix-python-plugin-runner && \ make setup && \ make install ``` 我将helm template中的镜像改完新制作的镜像,并修改configmap,使config.yml增加: ``` ext-plugin: cmd: - python3 - /apisix-python-plugin-runner/bin/py-runner - start ``` 随后我重新`helm install apisix`,pod可以正常启动,原本的apisixroute也可以正常代理流量。 我尝试创建一个ApisixRoute,并使用我的自定义插件: ```yaml apiVersion: apisix.apache.org/v2beta2 kind: ApisixRoute metadata: name: demo-test namespace: default spec: http: - name: rule1 match: hosts: - a1.demo.test paths: - /* backends: - serviceName: demo-svc servicePort: 30000 websocket: true plugins: - name: authorization enable: true config: conf: - name: "authorization" value: "{\"redis\": {\"host\":\"192.168.1.64\", \"port\":6379, \"password\":\"OneFlow@123456\", \"database\":0}}" ``` 此时访问 http://a1.demo.test 返回: ```json { error_msg: "404 Route Not Found" } ``` 将上面yaml中的plugins移除,重新创建apisixroute,访问http://a1.demo.test可以正常转发。 由于apisix-python-plugin-runner文档过于简单,不知道究竟应该如何在k8s中使用。 我想知道如何使用自定义plugin?能否提供一个apisix ingress与apisix-python-plugin-runner结合的demo? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
