demos/api7-demo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
daecf80731b8ad603641045f32ad5fce7772b93a
api7-demo/helm/api7ee-demo-k8s/README.md
d.viti f9d529ac87 Rename Helm chart to api7ee-demo-k8s 
- Changed chart name from api7ee to api7ee-demo-k8s in Chart.yaml
- Renamed helm/api7ee directory to helm/api7ee-demo-k8s
- Updated all references in build.yml workflow
- Updated all references in helm-release.yml workflow
- Updated main README.md with new chart name
- Updated Helm chart README with new chart name
- Verified all old references have been replaced
- Chart packages correctly as api7ee-demo-k8s-{version}.tgz
2025-10-03 02:31:23 +02:00

217 lines
5.4 KiB
Markdown
Raw Blame History

# API7 Enterprise Edition Helm Chart
This Helm chart deploys the API7 Enterprise Edition demo application, consisting of a Web frontend and API backend service.
## Prerequisites
- Kubernetes 1.19+
- Helm 3.8.0+
- PV provisioner support in the underlying infrastructure (optional)
- Ingress controller (e.g., NGINX Ingress Controller)
## Installation
### Add the Helm repository (if published)
```bash
helm repo add api7ee https://git.commandware.com/api/packages/demos/helm
helm repo update
```
### Install the chart
```bash
# Install with default values
helm install my-api7ee ./helm/api7ee-demo-k8s-demo-k8s
# Install in a specific namespace
helm install my-api7ee ./helm/api7ee-demo-k8s-demo-k8s --namespace api7ee --create-namespace
# Install with custom values file
helm install my-api7ee ./helm/api7ee-demo-k8s-demo-k8s -f custom-values.yaml
```
## Configuration
### API7 Gateway Integration
This Helm chart includes automatic API7 Gateway configuration using ADC (API7 Declarative CLI). When `api7.enabled` is set to `true`, the chart will:
1. **Deploy ADC Configuration**: Creates routes, services, and upstreams for your applications
2. **Configure TLS/SSL**: Manages certificates via cert-manager or custom certificates
3. **Enable Service Discovery**: Uses Kubernetes native service discovery
4. **Apply Security Policies**: Configures rate limiting, CORS, and authentication
5. **Auto-publish Routes**: Optionally publishes routes automatically after deployment
### Key Configuration Options
| Parameter | Description | Default |
|-----------|-------------|---------|
| `web.enabled` | Enable Web component | `true` |
| `web.replicaCount` | Number of Web replicas | `2` |
| `web.image.repository` | Web image repository | `api7ee/web` |
| `web.image.tag` | Web image tag | `main` |
| `web.service.port` | Web service port | `8000` |
| `api.enabled` | Enable API component | `true` |
| `api.replicaCount` | Number of API replicas | `3` |
| `api.image.repository` | API image repository | `api7ee/api` |
| `api.image.tag` | API image tag | `main` |
| `api.service.port` | API service port | `8080` |
| `ingress.enabled` | Enable ingress | `true` |
| `ingress.hosts[0].host` | Ingress hostname | `demo.commandware.it` |
| `api7.enabled` | Enable API7 ADC configuration | `true` |
| `api7.gateway.adminUrl` | API7 Gateway Admin API URL | `http://api7-gateway.api7ee:9180` |
| `api7.hosts` | Hosts for API7 routing | `[demo.commandware.it]` |
| `api7.tls.certManager.enabled` | Use cert-manager for TLS | `true` |
| `api7.autoPublish` | Auto-publish routes | `true` |
### Custom Values Examples
#### Configure API7 Gateway:
```yaml
api7:
enabled: true
gateway:
adminUrl: http://your-api7-gateway:9180
adminKey: "your-admin-key-here"
group: production
hosts:
- api.yourdomain.com
tls:
certManager:
enabled: true
issuer: letsencrypt-prod
plugins:
rateLimit:
enabled: true
count: 1000
timeWindow: 60
auth:
enabled: true
consumers:
- username: api-client
apiKey: secure-api-key-12345
```
#### Using a private registry:
```yaml
global:
imageRegistry: my-registry.example.com
imagePullSecrets:
- name: my-registry-secret
```
#### Enabling autoscaling:
```yaml
web:
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
targetCPUUtilizationPercentage: 70
```
#### Custom resource limits:
```yaml
api:
resources:
limits:
cpu: 2000m
memory: 2Gi
requests:
cpu: 1000m
memory: 1Gi
```
## Upgrading
```bash
# Upgrade to a new version
helm upgrade my-api7ee ./helm/api7ee-demo-k8s-demo-k8s
# Upgrade with new values
helm upgrade my-api7ee ./helm/api7ee-demo-k8s-demo-k8s --set web.replicaCount=3
```
## Uninstallation
```bash
# Uninstall the release
helm uninstall my-api7ee
# Uninstall from a specific namespace
helm uninstall my-api7ee --namespace api7ee
```
## Monitoring
If metrics are enabled, the services expose Prometheus-compatible metrics:
```yaml
metrics:
enabled: true
serviceMonitor:
enabled: true
interval: 30s
```
## Troubleshooting
### API7 ADC Sync Issues
If the ADC sync job fails:
```bash
# Check the job status
kubectl get jobs -l app.kubernetes.io/instance=my-api7ee
# View job logs
kubectl logs job/my-api7ee-adc-sync
# Manually run ADC sync
kubectl run adc-debug --rm -it --image=ghcr.io/api7/adc:latest -- /bin/sh
```
### Verify API7 Configuration
```bash
# Check if routes are configured
curl -H "X-API-KEY: your-admin-key" http://api7-gateway:9180/apisix/admin/routes
# Check service discovery
curl -H "X-API-KEY: your-admin-key" http://api7-gateway:9180/apisix/admin/upstreams
```
### Check deployment status:
```bash
kubectl get deployments -l app.kubernetes.io/instance=my-api7ee
```
### View logs:
```bash
# Web component logs
kubectl logs -l app.kubernetes.io/instance=my-api7ee,app.kubernetes.io/component=web
# API component logs
kubectl logs -l app.kubernetes.io/instance=my-api7ee,app.kubernetes.io/component=api
```
### Check HPA status:
```bash
kubectl get hpa -l app.kubernetes.io/instance=my-api7ee
```
## Security Considerations
- Pod Security Context is configured to run as non-root user (UID 1000)
- Security Context drops all capabilities and prevents privilege escalation
- Read-only root filesystem is enabled
- Network policies can be enabled to restrict traffic
## Support
For issues and questions, please contact support@commandware.com or visit https://git.commandware.com/demos/api7-demo
Reference in New Issue View Git Blame Copy Permalink