From de8b63c5f22b1efb631d2f62809e8a917a73e2bd Mon Sep 17 00:00:00 2001 From: kappa Date: Sun, 15 Mar 2026 11:40:13 +0900 Subject: [PATCH] =?UTF-8?q?apisix:=20hcv.inouter.com=20=EC=98=A4=EC=82=AC?= =?UTF-8?q?=EC=B9=B4=E2=86=92=EC=84=9C=EC=9A=B8=20=EC=9D=B4=EC=A0=84,=20ad?= =?UTF-8?q?min=20API=20=EC=A7=81=EC=A0=91=20=EC=A0=91=EA=B7=BC=20=EB=B0=98?= =?UTF-8?q?=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- infra/apisix-manual.md | 9 ++++----- infra/apisix.md | 12 ++++++------ 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/infra/apisix-manual.md b/infra/apisix-manual.md index 3ef7c76..d3e5c18 100644 --- a/infra/apisix-manual.md +++ b/infra/apisix-manual.md @@ -8,15 +8,14 @@ tags: [infra, apisix, manual] ### 서울 (incus-hp2) ```bash -sudo incus exec apisix -- sh -# Admin API -sudo incus exec apisix -- curl -s http://127.0.0.1:9180/apisix/admin/routes -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' +# Admin API (LAN에서 직접 접근, incus proxy device) +curl -s http://10.179.99.126:9180/apisix/admin/routes -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' ``` ### 오사카 (apisix-osaka) ```bash -ssh apisix-osaka -curl -s http://127.0.0.1:9180/apisix/admin/routes -H 'X-API-KEY: ' +# Admin API (Tailscale 네트워크에서 직접 접근) +curl -s http://100.108.39.107:9180/apisix/admin/routes -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' ``` ## Admin API diff --git a/infra/apisix.md b/infra/apisix.md index 88191b7..a4a4a14 100644 --- a/infra/apisix.md +++ b/infra/apisix.md @@ -11,7 +11,7 @@ updated: 2026-03-15 ``` BunnyCDN(inouter, ID 5316471) → apisix-osaka(172.233.93.180) → 백엔드 ``` -- 용도: Ironclad 인프라 서비스 (ironclad.it.com, hcv, gitea, n8n, twilio 등) +- 용도: Ironclad 인프라 서비스 (ironclad.it.com, gitea, n8n, twilio 등) - 보안: SafeLine WAF + CrowdSec 연동 - upstream: incus-jp1 내부(10.253.x), K3s Traefik @@ -21,17 +21,17 @@ BunnyCDN(inouter, ID 5316471) → apisix-osaka(172.233.93.180) → 백엔드 ``` - 용도: KR존 리버스 프록시 - upstream: K3s Traefik (192.168.9.134/214/135:443) -- 라우트: nocodb.inouter.com (nocodb, nocodb-nuxt) +- 라우트: nocodb.inouter.com (nocodb, nocodb-nuxt), hcv.inouter.com (hcv-inouter-com) - SSL: cert-manager wildcard `*.inouter.com` 인증서 - SafeLine WAF 연동 (chaitin-waf 플러그인) -- Admin API: `incus exec apisix -- curl http://127.0.0.1:9180/apisix/admin` +- Admin API: `curl http://10.179.99.126:9180/apisix/admin` (incus proxy device, 192.168.9.0/24에서 접근 가능) ### BunnyCDN Pull Zone 매핑 | Zone | Origin | 방향 | 주요 Hostnames | |---|---|---|---| -| inouter (5316471) | 172.233.93.180 | → 오사카 | anvil.it.com, hcv.inouter.com, gitea, n8n, kroki | -| actions (5330178) | 220.120.65.245 | → 서울 | actions.it.com (nocodb는 BunnyCDN 우회, 직접 연결) | +| inouter (5316471) | 172.233.93.180 | → 오사카 | anvil.it.com, gitea, n8n, kroki | +| actions (5330178) | 220.120.65.245 | → 서울 | actions.it.com, hcv.inouter.com (nocodb/hcv는 BunnyCDN 우회, 직접 연결) | ## ironclad.it.com 라우트 @@ -55,7 +55,7 @@ APISIX 라우트 ID: twilio-jp-inouter-com → [[twilio]] ## hcv.inouter.com 라우트 -APISIX 라우트 hcv-inouter-com → K3s Traefik (192.168.9.134/214/135:443, roundrobin, scheme https). upstream ID: hcv-inouter-com. [[vault]] UI/API 서빙. BunnyCDN pull zone inouter (ID 5316471)에 hostname 추가 완료 (2026-03-12). K3s 노드 IP 변경 반영 (2026-03-14). +APISIX 서울 라우트 hcv-inouter-com → K3s Traefik (192.168.9.134/214/135:443, roundrobin, scheme https). upstream ID: hcv-inouter-com. [[vault]] UI/API 서빙. DNS: k3s.inouter.com CNAME (LAN 직접 연결, BunnyCDN 우회). BunnyCDN pull zone actions (ID 5330178)에 hostname 등록. 오사카에서 서울로 이전 (2026-03-15). ## nocodb.inouter.com 라우트