Apache APISIX是一個動態的、實時的、高性能的 API 網關。它提供豐富的流量管理功能,例如負載均衡、動態上游服務、金絲雀發布、斷路、身份驗證、可觀察性等。您可以使用 Apache APISIX 來處理傳統的南北流量,以及服務之間的東西流量。2019 年 10 月份,深圳支流科技把網關 APISIX 貢獻給 Apache 基金會,他們提供商業版本,以下內容基於社區版本。
APISIX地址:https://github.com/apache/apisix
DashBoard:https://github.com/apache/apisix-dashboard
中文文檔地址:https://apisix.apache.org/zh/docs/apisix/getting-started/
1、安裝APISIX 和 APISIX Dashboard
官方文檔介紹了源碼包、RPM 包、Docker 以及Helm Chart安裝方式,這里我們在K8s 環境下使用 apisix, 所以選擇使用Helm Chart方式安裝,安裝文檔參見 https://apisix.apache.org/zh/docs/helm-chart/apisix/ 。
日前支流科技提供了一個在線 Helm Charts 倉庫 https://charts.apiseven.com, 用戶可通過該倉庫輕松安裝 Apache APISIX、Apache apisix-dashboard 和 Apache apisix-ingress-controller (而不需要提前 clone 對應的項目)
一共有3個Helm Chart:
- Apache APISIX Helm Chart :https://apisix.apache.org/zh/docs/helm-chart/apisix/
- Apache APISIX Dashboard Helm Chart: https://apisix.apache.org/zh/docs/helm-chart/apisix-dashboard
- Apache APISIX Ingress Controller Helm Chart: https://apisix.apache.org/zh/docs/helm-chart/apisix-ingress-controller
添加倉庫並獲取更新
helm repo add apisix https://charts.apiseven.com
helm repo update
查看倉庫可用的Charts包
helm search repo apisix
NAME CHART VERSION APP VERSION DESCRIPTION
apisix/apisix 0.7.2 2.10.0 A Helm chart for Apache APISIX
apisix/apisix-dashboard 0.3.0 2.9.0 A Helm chart for Apache APISIX Dashboard
apisix/apisix-ingress-controller 0.8.0 1.3.0 Apache APISIX Ingress Controller for Kubernetes
把apisix的Chart包拉取下來
[root@love:~/apisix-dome/dome ]# helm pull apisix/apisix
[root@love:~/apisix-dome/dome ]# ls
apisix-0.7.2.tgz
[root@love:~/apisix-dome/dome ]# tar -zxf apisix-0.7.2.tgz
[root@love:~/apisix-dome/dome ]# tree apisix
apisix
├── Chart.lock
├── charts
│ ├── apisix-dashboard
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── configmap.yaml
│ │ │ ├── deployment.yaml
│ │ │ ├── _helpers.tpl
│ │ │ ├── hpa.yaml
│ │ │ ├── ingress.yaml
│ │ │ ├── NOTES.txt
│ │ │ ├── serviceaccount.yaml
│ │ │ ├── service.yaml
│ │ │ └── tests
│ │ │ └── test-connection.yaml
│ │ └── values.yaml
│ ├── apisix-ingress-controller
│ │ ├── Chart.yaml
│ │ ├── crds
│ │ │ └── customresourcedefinitions.yaml
│ │ ├── README.md
│ │ ├── templates
│ │ │ ├── configmap.yaml
│ │ │ ├── deployment.yaml
│ │ │ ├── _helpers.tpl
│ │ │ ├── hpa.yaml
│ │ │ ├── NOTES.txt
│ │ │ ├── rbac.yaml
│ │ │ ├── service-account.yaml
│ │ │ ├── servicemonitor.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ └── etcd
│ ├── Chart.lock
│ ├── charts
│ │ └── common
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates
│ │ │ ├── _affinities.tpl
│ │ │ ├── _capabilities.tpl
│ │ │ ├── _errors.tpl
│ │ │ ├── _images.tpl
│ │ │ ├── _ingress.tpl
│ │ │ ├── _labels.tpl
│ │ │ ├── _names.tpl
│ │ │ ├── _secrets.tpl
│ │ │ ├── _storage.tpl
│ │ │ ├── _tplvalues.tpl
│ │ │ ├── _utils.tpl
│ │ │ ├── validations
│ │ │ │ ├── _cassandra.tpl
│ │ │ │ ├── _mariadb.tpl
│ │ │ │ ├── _mongodb.tpl
│ │ │ │ ├── _postgresql.tpl
│ │ │ │ ├── _redis.tpl
│ │ │ │ └── _validations.tpl
│ │ │ └── _warnings.tpl
│ │ └── values.yaml
│ ├── Chart.yaml
│ ├── ci
│ │ ├── values-disaster-recovery.yaml
│ │ ├── values-metrics.yaml
│ │ └── values-pdb.yaml
│ ├── README.md
│ ├── templates
│ │ ├── configmap.yaml
│ │ ├── cronjob.yaml
│ │ ├── extra-list.yaml
│ │ ├── _helpers.tpl
│ │ ├── NOTES.txt
│ │ ├── pdb.yaml
│ │ ├── podmonitor.yaml
│ │ ├── secrets.yaml
│ │ ├── serviceaccount.yaml
│ │ ├── snapshot-pvc.yaml
│ │ ├── statefulset.yaml
│ │ ├── svc-headless.yaml
│ │ └── svc.yaml
│ └── values.yaml
├── Chart.yaml
├── README.md
├── templates
│ ├── configmap.yaml
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── service-admin.yaml
│ └── service-gateway.yaml
└── values.yaml
注:因為apisix的helm chart會安裝etcd作為存儲,但是需要創建storageClass存儲類,chart里面默認是沒有制定的,后續執行安裝的時候會提示找不到storageClass然后報錯,所以要在ack集群上提前創建好storageClass,以防報錯
創建完成storageClass以后去apisix/charts/etcd目錄下找到values.yaml,去掉storageClass前面的注釋
[root@love:~/apisix/charts/etcd]# vim values.yaml
[root@love:~/apisix/charts/etcd ]# cat values.yaml | grep apisix-etcd
storageClass: "apisix-etcd" #換成你創建的storageClass
安裝 Apache APISIX 到目標 Kubernetes 集群中
helm install apisix ./apisix --set gateway.type=NodePort --set admin.allow.ipList="" --namespace ingress-apisix
創建了四個Service資源,apisix-etcd 和 apisix-etcd-headless是etcd服務, 一個是處理真實流量的apisix-gateway,;另一個是充當控制平面來處理所有配置更改的服務apisix-admin
網關服務類型設置為NodePort,以便客戶端可以通過節點 IP 和分配的端口訪問 Apache APISIX。
還有一點需要注意的是,該allow.ipList字段要根據Pod CIDR設置進行自定義,請注意我這里偷懶把所有的ip 都打開了,這個在生產環境下是不推薦這么干的。這樣apisix-ingress-controller實例才能訪問APISIX實例
安裝apisix-dashboard,將其安裝在與 Apache APISIX 相同的命名空間中
helm install apisix-dashboard apisix/apisix-dashboard --namespace ingress-apisix
安裝 apisix-ingress-controller,將其安裝在與 Apache APISIX 相同的命名空間中
helm install apisix-ingress-controller apisix/apisix-ingress-controller --set config.apisix.baseURL=http://apisix-admin:9180/apisix/admin --set config.apisix.adminKey=edd1c9f034335f136f87ad84b625c8f1 --namespace ingress-apisix
上述命令中使用的管理密鑰是默認的,如果您在部署 APISIX 時更改了管理密鑰配置,請記住在此處更改。將image.tag 更改為您想要的 apisix-ingress-controller 版本。
檢查是否安裝成功:
[root@love.k8sworker1.130-57:~/apisix-dome/dome/apisix/charts/etcd ]# kubectl get all --namespace ingress-apisix
NAME READY STATUS RESTARTS AGE
pod/apisix-d8db9949f-2xw9c 1/1 Running 0 4d20h
pod/apisix-dashboard-b644c497c-zn8l2 1/1 Running 0 5d4h
pod/apisix-etcd-0 1/1 Running 1 11d
pod/apisix-etcd-1 1/1 Running 1 11d
pod/apisix-etcd-2 1/1 Running 1 11d
pod/apisix-ingress-controller-596dd4ccd5-k89l4 1/1 Running 0 4d19h
pod/aspnetappdemo-5d59c845cd-4nhp2 1/1 Running 0 11d
pod/web-685fc76fc9-pl7mf 1/1 Running 0 11d
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/apisix-admin ClusterIP 192.168.93.207 <none> 9180/TCP 11d
service/apisix-dashboard ClusterIP 192.168.156.236 <none> 80/TCP 11d
service/apisix-etcd ClusterIP 192.168.106.199 <none> 2379/TCP,2380/TCP 11d
service/apisix-etcd-headless ClusterIP None <none> 2379/TCP,2380/TCP 11d
service/apisix-gateway NodePort 192.168.32.130 <none> 80:30092/TCP 11d
service/apisix-ingress-controller ClusterIP 192.168.14.132 <none> 80/TCP 4d19h
service/aspnetdemo NodePort 192.168.161.193 <none> 80:32668/TCP 11d
service/web ClusterIP 192.168.56.122 <none> 8080/TCP 11d
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/apisix 1/1 1 1 11d
deployment.apps/apisix-dashboard 1/1 1 1 11d
deployment.apps/apisix-ingress-controller 1/1 1 1 4d19h
deployment.apps/aspnetappdemo 1/1 1 1 11d
deployment.apps/web 1/1 1 1 11d
NAME DESIRED CURRENT READY AGE
replicaset.apps/apisix-5979b8d95f 0 0 0 5d20h
replicaset.apps/apisix-59bc85dc6c 0 0 0 5d4h
replicaset.apps/apisix-5ccd567b94 0 0 0 5d4h
replicaset.apps/apisix-665b9b4c76 0 0 0 5d4h
replicaset.apps/apisix-6b6c56b48f 0 0 0 6d20h
replicaset.apps/apisix-6f97f57df5 0 0 0 5d4h
replicaset.apps/apisix-755fcbcb8 0 0 0 5d20h
replicaset.apps/apisix-7b5bf74c66 0 0 0 5d4h
replicaset.apps/apisix-8969bc44 0 0 0 5d4h
replicaset.apps/apisix-8fcb7896f 0 0 0 4d20h
replicaset.apps/apisix-d8db9949f 1 1 1 4d20h
replicaset.apps/apisix-dashboard-57b5474cfd 0 0 0 11d
replicaset.apps/apisix-dashboard-6b44dc8b49 0 0 0 5d20h
replicaset.apps/apisix-dashboard-b644c497c 1 1 1 5d4h
replicaset.apps/apisix-ingress-controller-596dd4ccd5 1 1 1 4d19h
replicaset.apps/aspnetappdemo-5d59c845cd 1 1 1 11d
replicaset.apps/web-685fc76fc9 1 1 1 11d
replicaset.apps/web-79d88c97d6 0 0 0 11d
NAME READY AGE
statefulset.apps/apisix-etcd 3/3 11d
NAME AGE
containernetworkfilesystem.storage.alibabacloud.com/default-cnfs-nas-2dcf9ba-20211020180121 54d
訪問apisix-dashboard 的默認用戶名/密碼是admin/admin
