Install Ingress APISIX on K3S and Rancher RKE
This document explains how to install Ingress APISIX on k3S and Rancher RKE.
K3S is a certified Kubernetes distribution built for IoT and Edge computing, whilst Apache APISIX is also good at IoT (See MQTT plugin) and runs well on ARM architecture. It's a good choice to use Ingress APISIX as the north-south API gateway in K3S.
Prerequisites#
- Install K3S or Rancher RKE.
- Install Helm.
- Clone Apache APISIX Charts.
- Make sure your target namespace exists, kubectl operations through this document will be executed in namespace ingress-apisix.
Install APISIX#
Apache APISIX as the proxy plane of apisix-ingress-controller, should be deployed in advance.
cd /path/to/apisix-helm-chart
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo add apisix https://charts.apiseven.com
# Use `helm search repo apisix` to search charts about apisix
helm repo update
helm install apisix apisix/apisix \
  --set gateway.type=NodePort \
  --set admin.allow.ipList="{0.0.0.0/0}" \
  --namespace ingress-apisix \
  --kubeconfig /etc/rancher/k3s/k3s.yaml
kubectl get service --namespace ingress-apisix
If you are using K3S, the default kubeconfig file is in /etc/rancher/k3s and root permission may required.
Two Service resources were created, one is apisix-gateway, which processes the real traffic; another is apisix-admin, which acts as the control plane to process all the configuration changes.
The gateway service type is set to NodePort, so that clients can access Apache APISIX through the Node IPs and the assigned port.
If you are using K3S and you want to expose a LoadBalancer service, try to use Klipper.
Another thing should be concerned that the allow.ipList field should be customized according to the Pod CIDR settings(see K3S or Rancher RKE, so that the apisix-ingress-controller instances can access the APISIX instances (resources pushing).
Install apisix-ingress-controller#
You can also install apisix-ingress-controller by Helm Charts, it's recommended to install it in the same namespace with Apache APISIX.
cd /path/to/apisix-helm-chart
# install apisix-ingress-controller
helm install apisix-ingress-controller apisix/apisix-ingress-controller \
  --set image.tag=dev \
  --set config.apisix.baseURL=http://apisix-admin:9180/apisix/admin \
  --set config.apisix.adminKey=edd1c9f034335f136f87ad84b625c8f1 \
  --namespace ingress-apisix \
  --kubeconfig /etc/rancher/k3s/k3s.yaml
If you are using K3S, the default kubeconfig file is in /etc/rancher/k3s and root permission may required.
The admin key used in above mentioned commands is the default one, if you change the admin key configuration when you deployed APISIX, please remember to change it here.
Change the image.tag to the apisix-ingress-controller version that you desire. You have to wait for while until the corresponding pods are running.
Now try to create some resources to verify the running status. As a minimalist example, see proxy-the-httpbin-service to learn how to apply resources to drive the apisix-ingress-controller.