使用 helm 部署 apisix
apisix 介绍
Apache APISIX 是一个动态、实时、高性能的云原生 API 网关,提供了负载均衡、动态上游、灰度发布、服务熔断、身份认证、可观测性等丰富的流量管理功能。
官方地址:https://apisix.apache.org/zh/
部署
mkdir -p /data/yaml/apisix/apisix
cd /data/yaml/apisix/apisix
kubectl create ns apisix
helm repo add apisix https://charts.apiseven.com
helm pull apisix/apisix
# 可能版本有更新
tar zxvf apisix-2.6.0.tgz
cat my-values.yaml
resources:
limits:
cpu: 4
memory: 4Gi
requests:
cpu: 100m
memory: 200Mi
service:
http:
nodePort: 30078
tls:
nodePort: 30079
apisix:
ssl:
enabled: true
timezone: "Asia/Shanghai"
etcd:
global:
storageClass: "nfs-client"
resources:
limits:
cpu: 2
memory: 2Gi
requests:
cpu: 100m
memory: 100Mi
persistence:
size: 6Gi
dashboard:
enabled: true
config:
authentication:
users:
- username: admin
password: admin
resources:
limits:
cpu: 2
memory: 2Gi
requests:
cpu: 100m
memory: 100Mi
ingress-controller:
enabled: true
resources:
limits:
cpu: 2
memory: 2Gi
requests:
cpu: 100m
memory: 100Mi
config:
apisix:
serviceNamespace: apisix
helm -n apisix install apisix -f my-values.yaml ./apisix --dry-run
helm -n apisix install apisix -f my-values.yaml ./apisix
helm -n apisix ls
# 手动把 dashboard 端口暴露出去
cat svc-dashboard-nodeport.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: dashboard
name: apisix-dashboard-nodeport
namespace: apisix
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
nodePort: 30077
selector:
app.kubernetes.io/instance: apisix
app.kubernetes.io/name: dashboard
type: NodePort
kubectl apply -f svc-dashboard-nodeport.yaml
测试
# 获取 apisix-admin 的IP
kubectl -n apisix get svc|grep apisix-admin|awk '{print $3}'
# 这里的 svc 的 IP 是 10.109.243.244
curl -i "http://10.109.243.244:9180/apisix/admin/routes" -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"id": "getting-started-ip",
"uri": "/ip",
"upstream": {
"type": "roundrobin",
"nodes": {
"httpbin.org:80": 1
}
}
}'
# 172.16.16.108 是宿主节点的ip
curl "http://172.16.16.108:30078/ip"
# 返回类似下面结果
{
"origin": "183.94.122.205"
}
使用 Nginx 部署四层代理来接入外部流量
mkdir /data/software
cd /data/software/
# 上传 nginx-1.22.0.tar.gz 到该目录下
tar zxvf nginx-1.22.0.tar.gz
yum install gcc gcc-c++ pcre pcre-devel openssl openssl-devel -y
useradd nginx -s /sbin/nologin -M
cd nginx-1.22.0
./configure --user=nginx --group=nginx --prefix=/usr/local/nginx-1.22.0 --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --with-stream
make && make install
ln -s /usr/local/nginx-1.22.0 /usr/local/nginx
cd /usr/local/nginx/conf
cat nginx.conf
user nginx;
worker_processes auto;
events {
use epoll;
worker_connections 1024;
}
# 四层负载均衡
stream {
server {
listen 80;
proxy_pass 172.16.16.108:30078;
}
server {
listen 443;
proxy_pass 172.16.16.108:30079;
}
}
http {
server_tokens off;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 32k;
gzip_comp_level 3;
gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/javascript;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
include ../conf.d/*.conf;
include ../conf.d/*/*.conf;
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
}
/usr/local/nginx/sbin/nginx -t
/usr/local/nginx/sbin/nginx
浏览器输入 Nginx 所在的 IP地址,成功完成代理
浙公网安备 33010602011771号