blob: f63d17dd6c94aaaf2d53a8ffbda4b7f818c65ea7 [file] [log] [blame] [view]
---
title: GKE (Google)
keywords:
- APISIX ingress
- Apache APISIX
- Kubernetes ingress
- Google Cloud Platform
description: Guide to install APISIX ingress controller on Google Kubernetes Engine (GKE).
---
<!--
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
-->
This guide explains how you can install APISIX ingress on [Google Kubernetes Engine (GKE)](https://cloud.google.com/kubernetes-engine).
## Prerequisites
Setting up APISIX ingress on GKE requires the following:
* [Create a GKE cluster](https://cloud.google.com/kubernetes-engine/docs/deploy-app-cluster#create_cluster) on Google Cloud.
* Install [Google Cloud SDK](https://cloud.google.com/sdk) and update the credentials in your kube config file or use the [shell](https://cloud.google.com/shell).
* Install [Helm](https://helm.sh/).
## Install APISIX and ingress controller
The script below installs APISIX and the ingress controller:
```shell
helm repo add apisix https://charts.apiseven.com
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
kubectl create ns ingress-apisix
helm install apisix apisix/apisix \
--set gateway.type=LoadBalancer \
--set ingress-controller.enabled=true \
--namespace ingress-apisix \
--set ingress-controller.config.apisix.serviceNamespace=ingress-apisix
kubectl get service --namespace ingress-apisix
```
:::note
By default, APISIX ingress controller will watch the apiVersion of `networking.k8s.io/v1`.
If the target Kubernetes version is under `v1.19`, add the flag `--set ingress-controller.config.kubernetes.ingressVersion=networking/v1beta1`.
Else, if your Kubernetes cluster version is under `v1.16`, set the flag `--set ingress-controller.config.kubernetes.ingressVersion=extensions/v1beta1`.
:::
This will create the five resources mentioned below:
* `apisix-gateway`: dataplane the process the traffic.
* `apisix-admin`: control plane that processes all configuration changes.
* `apisix-ingress-controller`: ingress controller which exposes APISIX.
* `apisix-etcd` and `apisix-etcd-headless`: stores configuration and handles internal communication.
The gateway service type will be set to `LoadBalancer`. Clients can access Apache APISIX through the [GKE Load Balancer](https://cloud.google.com/kubernetes-engine/docs/concepts/service#services_of_type_loadbalancer).
You can find the load balancer IP address by running:
```shell
kubectl get service apisix-gateway --namespace ingress-apisix -o jsonpath='{.status.loadBalancer.ingress[].ip}'
```
You should now be able to use APISIX ingress controller. You can try running this [minimal example](../tutorials/proxy-the-httpbin-service.md) to see if everything is working perfectly.
## Next steps
### Enable SSL
SSL is disabled by default. You can enable it by adding the flag `--set gateway.tls.enabled=true`.
### Change default keys
It is recommended to change the default keys for security:
```shell
--set ingress-controller.config.apisix.adminKey=ADMIN_KEY_GENERATED_BY_YOURSELF
```
```shell
--set admin.credentials.admin=ADMIN_KEY_GENERATED_BY_YOURSELF
```
```shell
--set admin.credentials.viewer=VIEWER_KEY_GENERATED_BY_YOURSELF
```
:::note
The `ingress-controller.config.apisix.adminKey` and `admin.credentials.admin` must be the same. It is better if these are not same as `admin.credentials.viewer`.
:::