Expose services with an APIG Ingress

Use APIG Ingress to expose in-cluster services through Cloud-native API Gateway.

Important

For security reasons, APIG Ingress does not allow you to expose services in the kube-system namespace.

Prerequisites

You have created an ACK managed cluster that runs Kubernetes 1.18 or later.
You have granted the required permissions to the APIG Controller.

Install the APIG Controller

Log on to the ACK console. In the left navigation pane, click Clusters.
On the Clusters page, click the name of your cluster. In the left navigation pane, click Components and Add-ons.
On the Add-ons page, search for APIG and click Install on the APIG Controller card.
In the Install APIG Controller dialog box, configure the parameters and click OK.
- Create:
  
  Automatically creates a pay-as-you-go Cloud-native API Gateway instance with the apig.small.x1 specification.
  Important
  - When you select Create, an ApigConfig resource and a Cloud-native API Gateway instance are created by default. Deleting the ApigConfig resource also deletes the associated Cloud-native API Gateway instance. Do not delete the ApigConfig resource.
  - If an IngressClass named apig already exists in the cluster, the add-on does not create an ApigConfig resource or a Cloud-native API Gateway instance.
- Select Existing VPC :
  
  Select an existing pay-as-you-go Cloud-native API Gateway instance. The instance must be in the same VPC as the cluster and not bound to another cluster.
If a Failed to pass the precheck. error occurs during installation, grant the required permissions to the APIG Controller.
After installation, an ApigConfig resource named apig-controller-pro-{clusterid} appears in the cluster. In the Cloud-native API Gateway console, a gateway instance named apig-controller-pro-{clusterid} appears in the corresponding region.

Create a sample application

On the Clusters page, click the name of your cluster. In the left navigation pane, click Workloads > Deployments.

On the Deployments page, click Create from YAML. Use the following YAML to deploy a Deployment named httpbin and a Service named httpbin.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: httpbin
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: httpbin
  template:
    metadata:
      labels:
        app: httpbin
        version: v1
    spec:
      containers:
        - image: registry.cn-hangzhou.aliyuncs.com/mse-ingress/go-httpbin
          args:
            - "--version=v1"
          imagePullPolicy: Always
          name: httpbin
---
apiVersion: v1
kind: Service
metadata:
  name: httpbin
  namespace: default
spec:
  ports:
    - port: 8080
      protocol: TCP
  selector:
    app: httpbin
  type: ClusterIP

Click View and verify the pod status is Running.

Configure the APIG Ingress

In the navigation pane on the left, choose Ingresses > Ingresses. On the Ingresses page, click Create Ingress.
In the Create Ingress dialog box, set Gateway Type to APIG Ingress, Ingresses to Prefix Match, and Path to / to forward requests to the httpbin service, and click OK.
On the Ingresses page, find the Ingress endpoint in the Endpoint column. Access endpoint/version or gateway public IP/version from a browser or CLI. A response of version: v1 confirms the Ingress works.
Log on to the Cloud-native API Gateway console. In the corresponding gateway instance, find an API whose name contains {gwid}-ingress.

References

Manage APIG Ingress