
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
一款高性能、容错的HTTP请求中继客户端。HTTP Broker Client连接至StackHawk平台,向目标服务转发HTTP请求,具备自动重连、错误处理和客户端IP保留能力。
bash# 带必填参数的基础用法 docker run -e CLIENT_ID=api-client -e URL_PREFIX=https://api.example.com stackhawk/http-broker-client # 启用调试日志 docker run \ -e CLIENT_ID=api-client \ -e URL_PREFIX=https://api.example.com \ -e LOG_LEVEL=debug \ stackhawk/http-broker-client # 启用Broker认证 docker run \ -e CLIENT_ID=api-client \ -e URL_PREFIX=https://api.example.com \ -e BROKER_AUTH_KEY=your-secret-auth-key \ stackhawk/http-broker-client
| 变量名 | 描述 | 示例 |
|---|---|---|
CLIENT_ID | 客户端唯一标识符 | api-client |
URL_PREFIX | 目标服务的URL前缀 | https://api.example.com |
| 变量名 | 默认值 | 描述 |
|---|---|---|
BROKER_AUTH_KEY | - | Broker服务器验证的认证密钥 |
LOG_LEVEL | info | 日志级别(error, warn, info, debug, trace) |
CERT_DIR | - | 自定义证书目录路径 |
PROXY_PROTOCOL | false | 启用PROXY协议支持 |
PROXY_CLIENT_IP | - | PROXY协议的客户端IP(自动检测) |
HTTP Broker Client是StackHawk平台的一部分:
┌─────────────────┐ ┌─────────────────┐ HTTP请求 ┌─────────────────┐ │ │◄──────────────────┤ │◄─────────────────┤ │ │ StackHawk │ │ HTTP Broker │ │ 目标服务 │ │ 平台 │ │ 客户端 │ │ │ │ │ │ (本镜像) │ │ • GitHub企业版 │ │ • 请求路由 │ │ │ │ • 你的API │ │ • 负载均衡 │ │ • 自动重连 │ │ • Web应用 │ │ │ │ • 错误处理 │ │ • 服务 │ └─────────────────┘ │ • 请求中继 │ │ │ └─────────────────┘ └─────────────────┘
bashdocker run \ -e CLIENT_ID=api-client \ -e URL_PREFIX=https://jsonplaceholder.typicode.com \ stackhawk/http-broker-client
bash# API服务客户端 docker run -d --name api-client \ -e CLIENT_ID=api-client \ -e URL_PREFIX=https://api.example.com \ stackhawk/http-broker-client # Web服务客户端 docker run -d --name web-client \ -e CLIENT_ID=web-client \ -e URL_PREFIX=https://web.example.com \ stackhawk/http-broker-client # 认证服务客户端 docker run -d --name auth-client \ -e CLIENT_ID=auth-client \ -e URL_PREFIX=https://auth.example.com \ stackhawk/http-broker-client
yamlapiVersion: apps/v1 kind: Deployment metadata: name: http-broker-client namespace: default spec: replicas: 1 selector: matchLabels: app: http-broker-client template: metadata: labels: app: http-broker-client spec: containers: - name: http-broker-client image: stackhawk/http-broker-client:latest env: - name: CLIENT_ID value: "production-api" - name: URL_PREFIX value: "https://api.production.com" - name: BROKER_AUTH_KEY valueFrom: secretKeyRef: name: broker-auth key: auth-key - name: LOG_LEVEL value: "warn" - name: PROXY_PROTOCOL value: "true" resources: requests: memory: "64Mi" cpu: "50m" limits: memory: "256Mi" cpu: "200m" livenessProbe: exec: command: - /bin/sh - -c - "pgrep http-broker-client" initialDelaySeconds: 30 periodSeconds: 30 --- apiVersion: v1 kind: Secret metadata: name: broker-auth namespace: default type: Opaque data: auth-key: eW91ci1wcm9kdWN0aW9uLWF1dGgta2V5 # base64编码的密钥
bashdocker run \ -e CLIENT_ID=dev-client \ -e URL_PREFIX=http://localhost:8080 \ -e LOG_LEVEL=debug \ --network host \ stackhawk/http-broker-client
为不同服务部署多个客户端:
yamlapiVersion: apps/v1 kind: Deployment metadata: name: api-client namespace: default spec: replicas: 1 selector: matchLabels: app: api-client template: metadata: labels: app: api-client spec: containers: - name: http-broker-client image: stackhawk/http-broker-client:latest env: - name: CLIENT_ID value: "api-client" - name: URL_PREFIX value: "https://api.example.com" - name: BROKER_AUTH_KEY valueFrom: secretKeyRef: name: broker-auth key: auth-key - name: LOG_LEVEL value: "info" resources: requests: memory: "64Mi" cpu: "50m" limits: memory: "128Mi" cpu: "100m" --- apiVersion: apps/v1 kind: Deployment metadata: name: web-client namespace: default spec: replicas: 1 selector: matchLabels: app: web-client template: metadata: labels: app: web-client spec: containers: - name: http-broker-client image: stackhawk/http-broker-client:latest env: - name: CLIENT_ID value: "web-client" - name: URL_PREFIX value: "https://web.example.com" - name: BROKER_AUTH_KEY valueFrom: secretKeyRef: name: broker-auth key: auth-key - name: LOG_LEVEL value: "info" resources: requests: memory: "64Mi" cpu: "50m" limits: memory: "128Mi" cpu: "100m"
使用Kubernetes ConfigMap或Secret挂载自定义证书以增强安全性:
yaml# 创建证书ConfigMap apiVersion: v1 kind: ConfigMap metadata: name: custom-certs data: ca-cert.pem: | -----BEGIN CERTIFICATE----- # 自定义CA证书内容 -----END CERTIFICATE----- --- apiVersion: apps/v1 kind: Deployment metadata: name: secure-client spec: replicas: 1 selector: matchLabels: app: secure-client template: metadata: labels: app: secure-client spec: containers: - name: http-broker-client image: stackhawk/http-broker-client:latest env: - name: CLIENT_ID value: "secure-client" - name: URL_PREFIX value: "https://secure-api.example.com" - name: CERT_DIR value: "/app/certs" volumeMounts: - name: custom-certs mountPath: /app/certs readOnly: true volumes: - name: custom-certs configMap: name: custom-certs
支持的证书格式:.pem, .crt, .cer, .cert
Broker认证密钥为客户端-服务器连接提供额外安全层,由StackHawk平台生成和提供。当客户端和服务器均配置后,仅持有正确密钥的客户端可建立连接。
bash# 带Broker认证的客户端 docker run \ -e CLIENT_ID=secure-client \ -e URL_PREFIX=https://api.example.com \ -e BROKER_AUTH_KEY=your-secret-auth-key \ stackhawk/http-broker-client # 使用Kubernetes Secrets管理 apiVersion: apps/v1 kind: Deployment metadata: name: secure-client spec: replicas: 1 selector: matchLabels: app: secure-client template: metadata: labels: app: secure-client spec: containers: - name: http-broker-client image: stackhawk/http-broker-client:latest env: - name: CLIENT_ID value: "secure-client" - name: URL_PREFIX value: "https://api.example.com" - name: BROKER_AUTH_KEY valueFrom: secretKeyRef: name: broker-auth key: auth-key
安全最佳实践:
启用PROXY协议以保留原始客户端IP地址:
bashdocker run \ -e CLIENT_ID=proxy-client \ -e URL_PREFIX=https://api.example.com \ -e PROXY_PROTOCOL=true \ -e PROXY_CLIENT_IP=192.168.1.100 \ stackhawk/http-broker-client
启用后,客户端会向目标请求添加以下头部:
X-Forwarded-For: 原始客户端IPX-Real-IP: 原始客户端IPX-Forwarded-Proto: 协议(http/https)X-Forwarded-Port: 原始客户端端口通过结构化日志监控客户端健康:
bash# 实时查看日志 docker logs -f <container-name> # 过滤特定日志级别 docker logs <container-name> 2>&1 | grep "ERROR\|WARN" # 检查连接状态 docker logs <container-name> 2>&1 | grep "Connected to server\|Disconnected from server"
关键日志事件:
bash# 高吞吐量场景确保足够资源 docker run \ --memory=256m \ --cpus=1.0 \ -e CLIENT_ID=high-perf-client \ -e URL_PREFIX=https://api.example.com \ stackhawk/http-broker-client
排查问题时,提高日志级别获取详细信息:
bash# 启用调试日志 docker run \ -e CLIENT_ID=your-client-id \ -e URL_PREFIX=https://your-api.com \ -e LOG_LEVEL=debug \ stackhawk/http-broker-client # 启用追踪日志获取最大细节 docker run \ -e CLIENT_ID=your-client-id \ -e URL_PREFIX=https://your-api.com \ -e LOG_LEVEL=trace \ stackhawk/http-broker-client
不同问题对应的关键日志事件:
连接问题:
认证问题:
目标服务问题:
配置问题:
latest: 最新稳定版v0.1.17: 特定版本main: 最新开发构建为极致性能与可靠性打造 ❤️
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
来自真实用户的反馈,见证轩辕镜像的优质服务