OpenSecAtlas
OPENSECATLAS
11/12 free views
Tool
Other
API Security

apisix-docker

by apache

780stars
475forks
33watchers
Updated 10 months ago
About

A Dockerized deployment of Apache APISIX, a high-performance, dynamic API Gateway for managing and securing API traffic.

the docker for Apache APISIX

Primary Use Case

This tool is used to quickly deploy Apache APISIX API Gateway in containerized environments using Docker, enabling developers and DevOps teams to manage API traffic with features like load balancing, authentication, and observability. It is ideal for organizations looking to secure and automate API traffic management in both stand-alone and distributed configurations.

Key Features
  • Dynamic, real-time API Gateway
  • Supports stand-alone and etcd-based configuration modes
  • Rich traffic management including load balancing and canary release
  • Circuit breaking and authentication plugins
  • Observability features for API traffic
  • Handles both north-south and east-west traffic
  • Docker container deployment for easy setup
  • Integration with etcd for distributed configuration management

Installation

  • Start an APISIX container in stand-alone mode using: docker run -d --name apache-apisix -p 9080:9080 -e APISIX_STAND_ALONE=true apache/apisix
  • For etcd-based configuration, start an etcd container with: docker run -d --name etcd --net host -e ALLOW_NONE_AUTHENTICATION=yes -e ETCD_ADVERTISE_CLIENT_URLS=http://127.0.0.1:2379 bitnami/etcd:latest
  • Start APISIX container connected to etcd with: docker run -d --name apache-apisix --net host apache/apisix
  • Alternatively, create a Docker network with: docker network create apisix-network --driver bridge
  • Start etcd container on the created network with port mappings and environment variables
  • Create an APISIX configuration file (config.yaml) specifying etcd hosts and admin access
  • Start APISIX container on the created network referencing the config.yaml

Usage

>_ docker run -d --name apache-apisix -p 9080:9080 -e APISIX_STAND_ALONE=true apache/apisix

Starts the APISIX container in stand-alone mode with default configuration.

>_ docker exec -i apache-apisix sh -c 'cat > /usr/local/apisix/conf/apisix.yaml <<_EOC_ ... _EOC_'

Adds route and plugin configuration to the running APISIX container by overwriting the apisix.yaml file.

>_ curl http://127.0.0.1:9080/

Tests the APISIX API Gateway by sending a request to the configured route.

>_ docker run -d --name etcd --net host -e ALLOW_NONE_AUTHENTICATION=yes -e ETCD_ADVERTISE_CLIENT_URLS=http://127.0.0.1:2379 bitnami/etcd:latest

Starts an etcd container with no authentication, used as the configuration center for APISIX.

>_ docker run -d --name apache-apisix --net host apache/apisix

Starts APISIX container connected to the etcd configuration center using the host network.

>_ docker network create apisix-network --driver bridge

Creates a Docker virtual network for APISIX and etcd containers.

>_ docker run -d --name etcd --network apisix-network -p 2379:2379 -p 2380:2380 -e ALLOW_NONE_AUTHENTICATION=yes -e ETCD_ADVERTISE_CLIENT_URLS=http://127.0.0.1:2379 bitnami/etcd:latest

Starts etcd container on the created Docker network with port mappings.

>_ docker run -d --name apache-apisix --network apisix-network -p 9080:9080 -v $(pwd)/config.yaml:/usr/local/apisix/conf/config.yaml apache/apisix

Starts APISIX container on the Docker network using a custom configuration file.

Security Frameworks
Initial Access
Execution
Defense Evasion
Persistence
Collection
Usage Insights
  • Integrate APISIX Docker deployment into CI/CD pipelines to automate API security testing and enforcement.
  • Leverage APISIX’s dynamic routing and authentication plugins to implement adaptive API access controls mitigating exploitation risks.
  • Use APISIX observability features to detect anomalous API traffic patterns indicative of reconnaissance or attack attempts.
  • Combine APISIX with centralized etcd configuration for scalable, distributed API security management in microservices environments.
  • Conduct purple team exercises simulating API gateway attacks and defenses to improve detection and response capabilities.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about apisix-docker. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

This tool hasn't been indexed yet. Request indexing to enable AI chat.

Admin will review your request within 24 hours

Security Profile
Red Team40%
Blue Team70%
Purple Team60%
Details
LicenseApache License 2.0
LanguageDockerfile
Open Issues229
Topics
docker
api-gateway
cloud-native
microservices
api
reverse-proxy
api-management
loadbalancing
serverless
kubernetes

Related Tools

API-Security-Checklist icon

API-Security-Checklist

shieldfy/API-Security-Checklist

Documentation

Checklist of the most important security countermeasures when designing, testing, and releasing your API

22.9K
8 months ago
express-gateway icon

express-gateway

ExpressGateway/express-gateway

Tool

A microservices API Gateway built on top of Express.js

3.0K
8 months ago
API-Security icon

API-Security

OWASP/API-Security

Documentation

OWASP API Security Project

2.2K
8 months ago
akto icon

akto

akto-api-security/akto

Tool

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

1.4K
about 1 month ago
fizz-gateway-node icon

fizz-gateway-node

fizzgate/fizz-gateway-node

Tool

API聚合网关 An Aggregation API Gateway API集成、API脱敏、API安全、API溯源

1.0K
8 months ago
api-firewall icon

api-firewall

wallarm/api-firewall

Tool

Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

643
5 months ago