Etcd部署
helm方式安装
1
2
3
4
5
| helm repo add bitnami https://charts.bitnami.com/bitnami
helm pull bitnami/etcd
tar -xvf etcd-9.1.0.tgz
#注释 修改对应参数
helm install etcd -n ingress-apisix --set persistence.enabled=true ./
|
配置stroageclass
1
2
3
4
5
6
| global:
storageClass: "nfs"
disasterRecovery:
enabled: true
pvc:
storageClassName: nfs
|
创建pvc存储–省略
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data-etcd-0
namespace: etcd
labels:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/name: etcd
spec:
storageClassName: nfs
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
|
apisix等组件部署
helm配置
1
2
3
4
5
6
7
8
| helm repo add apisix https://charts.apiseven.com
helm pull apisix apisix/apisix
tar -xvf apisix-2.1.0.tgz
#默认情况下 apisix-ingress-controller 监视api group 中的[Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/)`networking/v1`资源,但是,如果您的 Kubernetes 集群早于`v1.19`,则需要更改 ingress 监视版本,这里修改apisix/charts/apisix-ingress-controller/values.yaml中ingressVersion=networking/v1beta1
# 安装
helm install apisix -n ingress-apisix --set etcd.enabled=false ./apisix
|
修改etcd配置
1
2
3
4
5
6
7
8
| #注释 修改etcd等对应参数
vim apisix/values.yaml
externalEtcd:
# -- if etcd.enabled is false, use external etcd, support multiple address, if your etcd cluster enables TLS, please use https scheme, e.g. https://127.0.0.1:2379.
host:
# host or ip e.g. http://172.20.128.89:2379
- http://etcd.etcd.svc.cluster.local:2379
- 密码
|
https://apisix.apache.org/docs/helm-chart/apisix-ingress-controller/
开启apisix- dashboard
1
2
3
4
5
6
7
8
9
10
11
12
13
14
| dashboard:
enabled: true
config:
conf:
etcd:
# -- Supports defining multiple etcd host addresses for an etcd cluster
endpoints:
- etcd.etcd.svc.cluster.local:2379
# -- apisix configurations prefix
prefix: "/apisix"
# -- Specifies etcd basic auth username if enable etcd auth
username: root
# -- Specifies etcd basic auth password if enable etcd auth
password: XXXXXX
|
开启apisix-ingress-controller
1
2
3
4
5
| ingress-controller:
enabled: true
config:
apisix:
adminAPIVersion: "v3"
|
接入k8s服务发现
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
| 修改apisix config配置文件添加如下内容:
discovery:
kubernetes: { }
#注释 赋予权限
#kind: ServiceAccount
#apiVersion: v1
#metadata:
# name: apisix-k8s
# namespace: apisix
#---
#
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: apisix-k8s
rules:
- apiGroups: [ "" ]
resources: [ endpoints ]
verbs: [ get,list,watch ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: apisix-k8s
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: apisix-k8s
subjects:
- kind: ServiceAccount
name: default
namespace: apisix
|
创建测试服务
1
2
3
4
5
6
7
8
9
10
11
12
13
14
| kubectl run nginx --image=nginx
apiVersion: v1
kind: Service
metadata:
name: nginx
spec:
selector:
run: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
clusterIP: None
|
配置路由
1
2
| 选择服务发现kubernetes
服务名称:default/nginx:80(命名空间/服务名:端口)
|
访问
访问apisix-gateway地址端口
配置ApisixRoute
创建路由
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| ---
apiVersion: apisix.apache.org/v2
kind: ApisixRoute
metadata:
name: test
spec:
http:
- name: rule1
match:
hosts:
- 1.test.testkai.com
paths:
- /*
backends:
- serviceName: nginx
servicePort: 80
|
访问
域名->nginx->apisix-gateway->pod
避坑点
- 请部署在ingress-apisix命名空间中,apisix-ingress-controller启动初始化会去连接apisix
1
2
3
4
5
| initContainers:
- command:
- sh
- -c
- until nc -z apisix-admin.ingress-apisix.svc.cluster.local 9180 ; do echo waiting for apisix-admin; sleep 2; done;
|