This article shows the procedure of installing and deploying Apache and Apache Ingress Controller in the Rancher App Store (Catalog), and how to proxy Kubernetes services through them.

Prerequisite​

Existing Kubernetes clusters are all hosted on Rancher.

Step 1: Configure Helm Chart in Rancher​

Visit Rancher’s Tools — Catalogs page.

Click “Edit Catalog”, enter https://github.com/apache/-helm-chart in “Catalog URL” to add the Helm repository for Apache in Rancher.

Click “Save” to save the changes.

Select the Apps page, select Launch to see the Apache repository information. Here we can directly select “” to deploy Apache .

Since we want to deploy Ingress controller at the same time, fill in the ingress-controller.enabled=true in the Answers at the bottom. Then click 'Save" to complete the deployment.

Wait a few moments for the deployment to complete.

Step 2: Deploy an Example Project​

We use kennethreitz/httpbin as a sample project for demonstration purpose. The deployment is also done directly in Rancher.

Step 3: Use Apache as an API Gateway to Proxy Services​

First, We demonstrate how to use Apache as a gateway to proxy services in a Kubernetes cluster.

root@:~$ kubectl -n  exec -it `kubectl -n  get pods -l app.kubernetes.io/name= -o name` -- bashbash-5.1# curl httpbin.default/get{  "args": {},  "headers": {    "Accept": "*/*",    "Host": "httpbin.default",    "User-Agent": "curl/7.76.1"  },  "origin": "10.244.3.3",  "url": "http://httpbin.default/get"}

You can see that the sample project can be accessed normally from within the Apache Pod. Next, we use Apache to proxy the sample project.

Here we use curl to call the admin interface of Apache to create a route. All requests with a host header of httpbin.org are forwarded to the actual application service httpbin.default:80.

bash-5.1# curl "http://127.0.0.1:9180//admin/routes/1" -H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '{  "uri": "/*",  "host": "httpbin.org",  "upstream": {    "type": "roundrobin",    "nodes": {      "httpbin.default:80": 1    }  }}'{"action":"set","node":{"value":{"uri":"\/*","create_time":1623834078,"update_time":1623834078,"priority":0,"upstream":{"type":"roundrobin","hash_on":"vars","pass_host":"pass","nodes":{"httpbin.default:80":1},"scheme":"http"},"id":"1","status":1,"host":"httpbin.org"},"key":"\/\/routes\/1"}}

You will get an output similar to the above code block. Next, verify that the proxy is successful.

bash-5.1# curl http://127.0.0.1:9080/get -H "HOST: httpbin.org"{  "args": {},  "headers": {    "Accept": "*/*",    "Host": "httpbin.org",    "User-Agent": "curl/7.76.1",    "X-Forwarded-Host": "httpbin.org"  },  "origin": "127.0.0.1",  "url": "http://httpbin.org/get"}

The above output shows that the sample project traffic has been proxied through Apache . Next, let’s try accessing the sample project from outside the cluster via Apache .

root@:~$ kubectl  -n  get svc -l app.kubernetes.io/name=NAME             TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE-admin     ClusterIP   10.96.142.88    <none>        9180/TCP       51m-gateway   NodePort    10.96.158.192   <none>        80:32763/TCP   51m

When deployed using Helm chart, the Apache port is exposed by default as a NodePort. We use the Node IP + NodePort port for access testing.

root@:~$ curl http://172.18.0.2:32763/get -H "HOST: httpbin.org"{  "args": {},  "headers": {    "Accept": "*/*",    "Host": "httpbin.org",    "User-Agent": "curl/7.58.0",    "X-Forwarded-Host": "httpbin.org"  },  "origin": "10.244.3.1",  "url": "http://httpbin.org/get"}

As you can see, Apache is able to proxy services within a Kubernetes cluster outside the cluster.

Step 4: Use Apache Ingress Controller Proxy Service​

We can add Ingress directly to Rancher and the Apache Ingress controller will automatically synchronize the routing rules to Apache to complete the proxy for the service.

Note in the bottom right corner, we have added the annotation configuration kubernetes.io/ingress.class: to support multiple ingress-controller scenarios in the cluster.

After saving, you can see the following screen.

Test if the proxy is successful under the terminal：

root@:~$ curl http://172.18.0.2:32763/get -H "HOST: httpbin-ing.org"{  "args": {},  "headers": {    "Accept": "*/*",    "Host": "httpbin-ing.org",    "User-Agent": "curl/7.58.0",    "X-Forwarded-Host": "httpbin-ing.org"  },  "origin": "10.244.3.1",  <span class="token string" style="color: rgb(