BestHub
Sign in
Cloud Native 11 min read

Deploying Apache APISIX as a Kubernetes Ingress Controller with Helm

This article introduces Apache APISIX, a high‑performance API gateway built on OpenResty and etcd, explains its architecture, demonstrates how to install it as a Kubernetes Ingress controller using Helm charts, and shows configuration, routing, and dashboard usage with example manifests and commands.

DevOps Cloud Academy
DevOps Cloud Academy
DevOps Cloud Academy
Deploying Apache APISIX as a Kubernetes Ingress Controller with Helm

Apache APISIX is a dynamic, real‑time, high‑performance API gateway based on OpenResty and etcd, offering features such as load balancing, dynamic routing, A/B testing, rate limiting, circuit breaking, authentication, monitoring, and service observability for both north‑south and east‑west traffic.

Compared with traditional API gateways, APISIX provides dynamic routing and hot‑loaded plugins, supports multiple protocols (HTTP/HTTPS, HTTP2, Dubbo, QUIC, MQTT, TCP/UDP), includes a built‑in Dashboard, and allows custom plugin development.

The architecture separates the data plane (handling client requests) and the control plane (managing routes via etcd). The control plane watches etcd for route and upstream changes, while the data plane processes traffic accordingly.

APISIX Ingress

APISIX can serve as a Kubernetes Ingress controller. The controller component manages configuration and distributes it, while the APISIX proxy handles business traffic. Users apply custom CRD resources with kubectl apply , and the controller watches these resources to update APISIX via its admin API.

APISIX Ingress adopts a split data‑plane/control‑plane architecture, allowing flexible deployment of the data plane inside or outside the Kubernetes cluster, unlike Ingress Nginx which couples both planes in a single pod.

Key features of the APISIX Ingress controller include:

Fully dynamic routing with advanced match rules and support for over 50 built‑in plugins and custom plugins.

CRD support for declarative configuration.

Compatibility with native Ingress resources.

Traffic splitting.

Automatic service registration and discovery.

Flexible load‑balancing strategies with health checks.

Support for gRPC and TCP layer‑4 proxying.

Installation

Install APISIX in a Kubernetes cluster using the official Helm chart. First, add the chart repository:

➜ helm repo add apisix https://charts.apiseven.com
➜ helm repo update

Fetch and extract the chart, then create a custom values file (e.g., apisix/ci/prod.yaml ) to enable the Ingress controller and configure components:

# ci/prod.yaml
apisix:
  enabled: true

  nodeSelector:  # fixed to node2
    kubernetes.io/hostname: node2

gateway:
  type: NodePort
  externalTrafficPolicy: Cluster
  http:
    enabled: true
    servicePort: 80
    containerPort: 9080

etcd:
  enabled: true  # creates a 3‑node etcd cluster by default
  replicaCount: 1

dashboard:
  enabled: true

ingress-controller:
  enabled: true
  config:
    apisix:
      serviceName: apisix-admin
      serviceNamespace: apisix
Note: The official Helm chart’s etcd multi‑node support may require template adjustments; for testing, a single‑node etcd cluster is used.

If a default StorageClass is not present, install an NFS provisioner to provide one:

➜ helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
➜ helm upgrade --install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \
    --set nfs.server=192.168.31.31 \
    --set nfs.path=/var/lib/k8s/data \
    --set image.repository=cnych/nfs-subdir-external-provisioner \
    --set storageClass.defaultClass=true -n kube-system

After the StorageClass is created, install APISIX with the custom values:

➜ helm upgrade --install apisix ./apisix -f ./apisix/ci/prod.yaml -n apisix

The deployment should show running pods and services for APISIX, its dashboard, etcd, and the ingress controller.

Testing

Create an ApisixRoute resource to expose the dashboard:

apiVersion: apisix.apache.org/v2beta2
kind: ApisixRoute
metadata:
  name: dashboard
  namespace: apisix
spec:
  http:
  - name: root
    match:
      hosts:
      - apisix.qikqiak.com
      paths:
      - "/*"
    backends:
    - serviceName: apisix-dashboard
      servicePort: 80

The ingress controller translates this CRD into APISIX configuration, which can be verified with:

➜ kubectl get apisixroute -n apisix

Access the dashboard via the APISIX gateway NodePort (default credentials: admin/admin). The dashboard UI displays the created route and its upstream service, demonstrating how APISIX maps Kubernetes Endpoints to upstreams and handles load balancing.

The APISIX dashboard also allows configuring plugins, traffic splitting, authentication, and other advanced features directly from the UI, and supports both CRD‑based and native Ingress resources.

Cloud NativeKubernetesAPI GatewayIngressAPISIXHelm
DevOps Cloud Academy
Written by

DevOps Cloud Academy

Exploring industry DevOps practices and technical expertise.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment