KubeSphere
This guide explains how you can install APISIX ingress on KubeSphere distributed operating system.
#
PrerequisitesSetting up APISIX ingress on KubeSphere requires the following:
- Install KubeSphere on Linux or minimally on Kubernetes.
- Install Helm.
#
Install APISIX and ingress controllerThe script below installs APISIX and the ingress controller:
helm repo add apisix https://charts.apiseven.com
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
kubectl create ns ingress-apisix
helm install apisix apisix/apisix \
--set gateway.type=NodePort \
--set ingress-controller.enabled=true \
--namespace ingress-apisix \
--set ingress-controller.config.apisix.serviceNamespace=ingress-apisix
kubectl get service --namespace ingress-apisix
note
By default, APISIX ingress controller will watch the apiVersion of networking.k8s.io/v1
.
If the target Kubernetes version is under v1.19
, add the flag --set ingress-controller.config.kubernetes.ingressVersion=networking/v1beta1
.
Else, if your Kubernetes cluster version is under v1.16
, set the flag --set ingress-controller.config.kubernetes.ingressVersion=extensions/v1beta1
.
This will create the five resources mentioned below:
apisix-gateway
: dataplane the process the traffic.apisix-admin
: control plane that processes all configuration changes.apisix-ingress-controller
: ingress controller which exposes APISIX.apisix-etcd
andapisix-etcd-headless
: stores configuration and handles internal communication.
The gateway service type is set to NodePort
. Clients can access APISIX through the Node IPs and the assigned port. To use a service of type LoadBalancer
with KubeSphere use a bare-metal load balancer implementation like openelb.
You should now be able to use APISIX ingress controller. You can try running this minimal example to see if everything is working perfectly.
#
Next steps#
Enable SSLSSL is disabled by default. You can enable it by adding the flag --set gateway.tls.enabled=true
.
#
Change default keysIt is recommended to change the default keys for security:
--set ingress-controller.config.apisix.adminKey=ADMIN_KEY_GENERATED_BY_YOURSELF
--set admin.credentials.admin=ADMIN_KEY_GENERATED_BY_YOURSELF
--set admin.credentials.viewer=VIEWER_KEY_GENERATED_BY_YOURSELF
note
The ingress-controller.config.apisix.adminKey
and admin.credentials.admin
must be the same. It is better if these are not same as admin.credentials.viewer
.