0

我在使用 Analytics 3.1.0 运行 APIM 时遇到了一些问题,似乎卡在了某个点,最后由于无法加载或找不到 API 列表而显示错误。我们检查了文档中的每一步,日志没有向我们显示任何配置错误。证书似乎没问题,因为我没有在日志中看到 SSL 连接错误。API Manager 模块与工作人员正常连接

我的部署包括 nginx 代理和带有 SQL Server 数据库的一体化节点(我已经测试了 MySQL 获得相同的行为)。

请问有什么想法吗?

在此先感谢,大卫

显示错误时的 img 捕获

================ nginx ================

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events { } 

http {

   upstream am-back.inda.es {
        server 172.x.x.33:9443;
   }

   upstream gw-back.inda.es {
        server 172.x.x.33:8243;
   }

   upstream an-back.inda.es {
        server 172.x.x.33:9643;
   }

   server {
        listen 80;
        server_name apiam.inda.es;
        rewrite ^/(.*) https://apiam.inda.es/$1 permanent;
   }

   server {
        listen 443;
        server_name apiam.inda.es;
        proxy_set_header X-Forwarded-Port 443;
        ssl on;
        #ssl_certificate /etc/nginx/ssl/STAR_inda_es.crt;
        #ssl_certificate_key /etc/nginx/ssl/private.key;
        ssl_certificate /root/autocerts/inda_auto.crt;
        ssl_certificate_key /root/autocerts/inda_auto.key;
        location / {
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_read_timeout 5m;
            proxy_send_timeout 5m;
            proxy_pass https://am-back.inda.es;
        }

        access_log /etc/nginx/log/am/https/access.log;
        error_log /etc/nginx/log/am/https/error.log;
   }

   server {
        listen 443;
        server_name apigw.inda.es;
        proxy_set_header X-Forwarded-Port 443;
        ssl on;
        #ssl_certificate /etc/nginx/ssl/STAR_inda_es.crt;
        #ssl_certificate_key /etc/nginx/ssl/private.key;
        ssl_certificate /root/autocerts/inda_auto.crt;
        ssl_certificate_key /root/autocerts/inda_auto.key;
        location / {
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_read_timeout 5m;
            proxy_send_timeout 5m;
            proxy_pass https://gw-back.inda.es;
         }

         access_log /etc/nginx/log/gw/https/access.log;
         error_log /etc/nginx/log/gw/https/error.log;
   }

   server {
        listen 443;
        server_name apian.inda.es;
        proxy_set_header X-Forwarded-Port 443;
        ssl on;
        #ssl_certificate /etc/nginx/ssl/STAR_inda_es.crt;
        #ssl_certificate_key /etc/nginx/ssl/private.key;
        ssl_certificate /root/autocerts/inda_auto.crt;
        ssl_certificate_key /root/autocerts/inda_auto.key;
        location / {
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_read_timeout 5m;
            proxy_send_timeout 5m;
            proxy_pass https://an-back.inda.es;
         }

         access_log /etc/nginx/log/an/https/access.log;
         error_log /etc/nginx/log/an/https/error.log;
   }
}

================ WSO2 APIM deployment.toml ================

[transport.https.properties]
proxyPort = 443

[server]
hostname = "apiam.inda.es"
node_ip = "127.0.0.1"
#offset=0
mode = "single" #single or ha
base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
#discard_empty_caches = false
server_role = "default"

[super_admin]
username = "admin"
password = "admin"
create_admin_account = true

.
.
.

[apim.analytics]
enable = true
store_api_url = "https://localhost:7444"
#username = "$ref{super_admin.username}"
#password = "$ref{super_admin.password}"
#event_publisher_type = "default"
#event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher"
#publish_response_size = true
.
.
.

================ 从仪表板部署中提取================

.
.
.
## Authentication configuration
auth.configs:
  type: apim
  ssoEnabled: true
  properties:
    adminScope: apim_analytics:admin_carbon.super
    allScopes: apim_analytics:admin apim_analytics:product_manager apim_analytics:api_developer apim_analytics:app_developer apim_analytics:devops_engineer apim_analytics:analytics_viewer apim_analytics:everyone openid apim:api_view apim:subscribe
    adminUsername: admin
    adminPassword: admin
    kmDcrUrl: https://localhost.inda.es:9443/client-registration/v0.16/register
    kmTokenUrlForRedirection: https://apiam.inda.es/oauth2
    kmTokenUrl: https://localhost.inda.es:9443/oauth2
    kmUsername: admin
    kmPassword: admin
    portalAppContext: analytics-dashboard
    businessRulesAppContext : business-rules
    cacheTimeout: 30
    baseUrl: https://apian.inda.es
    grantType: authorization_code
    publisherUrl: https://localhost.inda.es:9443
    devPortalUrl: https://localhost.inda.es:9443
    externalLogoutUrl: https://localhost.inda.es:9443/oidc/logout
.
.
.
4

2 回答 2

1

好吧,我遇到了同样的问题,我在我的 nginx 配置中使用这个标头解决了这个问题:

proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade";

来源:https ://medium.com/microservices-on-wso2/configuring-analytics-with-api-manager-bde5ef7ee741

于 2020-04-14T13:32:48.280 回答
0

使用透明代理选项(nginx plus 或 hapoxy)解决并将源 IP 暴露给端点。

于 2020-04-13T12:28:40.960 回答