- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Instance Management
- Service Management
- Creating API
- API Creation Overview
- Creating APIs Connecting to the Public URL/IP Backend
- Creating APIs Connecting to the VPC Resource Backend
- Creating APIs Connecting to the SCF Backend
- Creating API for Interconnecting Backend with COS
- Creating APIs Connecting to the Mock Backend
- Creating APIs Connecting to the TSF Backend
- Importing APIs
- API Management
- Calling API
- Release and Access
- Custom Domain Name and Certificate
- Usage Plan
- Backend Upstream
- Verification and Security
- Log Statistics
- Access Monitoring
- API Doc Generator
- Application Management
- Permission Management
- Precautions
- Private IP Ranges and Public VIPs of API Gateway Regions
- Plugin Usage
- Best Practices
- Making Serverless Service Available quickly through API Gateway
- Integrating WAF to API Gateway for Security Protection
- Accessing Resources in IDC via API Gateway Dedicated Instance
- Quick Access to TEM Application via API Gateway
- Integrating ECDN to API Gateway for Acceleration
- API Gateway Providing the Access Capability for TKE
- Migrating from Region A to Region B
- Development Guide
- API Documentation
- Legacy Features
- FAQs
- Service Level Agreement
- Contact Us
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Instance Management
- Service Management
- Creating API
- API Creation Overview
- Creating APIs Connecting to the Public URL/IP Backend
- Creating APIs Connecting to the VPC Resource Backend
- Creating APIs Connecting to the SCF Backend
- Creating API for Interconnecting Backend with COS
- Creating APIs Connecting to the Mock Backend
- Creating APIs Connecting to the TSF Backend
- Importing APIs
- API Management
- Calling API
- Release and Access
- Custom Domain Name and Certificate
- Usage Plan
- Backend Upstream
- Verification and Security
- Log Statistics
- Access Monitoring
- API Doc Generator
- Application Management
- Permission Management
- Precautions
- Private IP Ranges and Public VIPs of API Gateway Regions
- Plugin Usage
- Best Practices
- Making Serverless Service Available quickly through API Gateway
- Integrating WAF to API Gateway for Security Protection
- Accessing Resources in IDC via API Gateway Dedicated Instance
- Quick Access to TEM Application via API Gateway
- Integrating ECDN to API Gateway for Acceleration
- API Gateway Providing the Access Capability for TKE
- Migrating from Region A to Region B
- Development Guide
- API Documentation
- Legacy Features
- FAQs
- Service Level Agreement
- Contact Us
- Glossary
TKE Upstream Configuration
Last updated: 2022-07-08 16:23:25
This document is currently invalid. Please refer to the documentation page of the product.
Overview
You can directly access Pods in a TKE cluster through API Gateway without passing through CLB. This document describes how to create a TKE upstream and configure it as the backend type of an API in the console, so that requests from API Gateway go directly to the corresponding Pod of the TKE upstream.
Strengths
- API Gateway is directly connected to the Pods of the TKE cluster, reducing intermediate nodes (such as CLB).
- A TKE upstream can connect multiple TKE clusters at the same time.
Note:TKE upstreams are currently only supported by dedicated API Gateway instances.
Prerequisites
- You have a dedicated instance.
- You have an TKE cluster and have obtained its admin role.
Directions
Step 1. Create a TKE upstream
- Log in to the API Gateway console.
- Select Backend Upstream on the left sidebar and click Create.
- On the Create Backend Upstream page, enter the following information:
- Backend Upstream Name: Enter a custom name.
- Upstream Type: Select TKE upstream.
- VPC: Select a VPC.
- Service List: Up to 20 services can be configured in the service list. The weighted round robin algorithm is used to distribute traffic among multiple Pods. The steps to configure a service are as follows:
- Enter the weight ratio of each Pod of the service.
- Select the cluster. If the cluster has not been authorized, API Gateway will request authorization.
- Select a namespace in the cluster.
- Select the service and its port.
- Advanced options: Select additional node labels.
- Backend Type: Select HTTP or HTTPS.
- Host Header: It is optional and is the value of host in the request header carried in the HTTP/HTTPS request when API Gateway accesses the backend service.
- Tags: They are optional and manage resources by category in different dimensions.
Step 2. Connect the API backend to the TKE upstream
- On the Service page in the API Gateway console, click the target service ID to enter the API management page.
- Click Create to create a general API.
- Enter the frontend configuration information and click Next.
- Select VPC resources as the backend type, select TKE upstream as the backend upstream type, and click Next.
- Set the response result and click Complete.
Network Architecture
After the TKE upstream is bound to the API, the architecture of the entire network is as follows:
API Gateway directly accesses the Pods in the TKE cluster without passing through CLB. The YAML configuration file of the cluster's httpbin service is as follows, where the selector indicates that the Pod with the tag key app and tag value httpbin is selected as the node of the TKE upstream. Therefore, Pods on versions 1/2/3 are also nodes of the TKE upstream.
apiVersion: v1
kind: Service
metadata:
name: httpbin
labels:
app: httpbin
service: httpbin
spec:
ports:
- name: http
port: 8000
targetPort: 80
selector:
app: httpbin
Notes
- A TKE upstream can connect up to 20 TKE services.
- You should have the admin role of the TKE cluster.
- The TKE upstream and the dedicated API Gateway instance must be in the same region. Currently, API Gateway doesn't support cross-VPC access.
Yes
No
Was this page helpful?