Installing APISIX

APISIX (Minimal Installation Guide) (Non-Production Ready)

This guide helps you deploy a minimal installation of Apache APISIX using the Bitnami Helm chart. This setup is ideal for development or testing environments and is not production-ready.

Note: If you followed the steps in the Installation and Configuration section, no changes are needed in the values.yaml file, these components are already configured correctly.

Step 1: Generate API Keys

You will need two secure, base64-encoded tokens: one for administrator access and one for viewer access.

Run this command twice in your terminal to generate two separate 32-character alphanumeric, base64-encoded tokens:
head /dev/urandom | tr -dc A-Za-z0-9 | head -c32 | base64

Step 2: Create the API Keys Secret

Create a file named token.yaml with the following content. Replace <first-generated-password> and <second-generated-password> with the unique tokens you generated in Step 1.
apiVersion: v1
kind: Secret
metadata:
  name: apisix-api-keys
type: Opaque
data:
  admin-key: <first-generated-password>
  viewer-key: <second-generated-password>
Apply this secret to your Kubernetes namespace:
kubectl --namespace $NAMESPACE apply -f token.yaml

Replace $NAMESPACE with your target Kubernetes namespace.

Step 3: Create values.yaml for Helm

Create a file named values.yaml with the following configuration.

If you plan to expose APISIX via an ingress, ensure you update the fallback_sni value to match your TLS hostname. This value must also be included in uno.agenticAIBuilder.common.apisix.extraTLSHosts in your overall application configuration.

controlPlane:
  existingSecret: "apisix-api-keys"
  existingSecretAdminTokenKey: "admin-key"
  existingSecretViewerTokenKey: "viewer-key"
  extraConfig:
    apisix:
      ssl:
        fallback_sni: "apisix.control.plane" # Update this if using ingress
    deployment:
      role: traditional
      role_traditional:
        config_provider: etcd
  service:
    extraPorts:
      - name: http
        port: 80
        targetPort: 9080
      - name: https
        port: 443
        targetPort: 9443

  # Workaround for 'worker_events.sock' bind error (see Troubleshooting below)
  command: ["/bin/sh", "-c"]
  args:
    - |
      if [ -e /usr/local/apisix/logs/worker_events.sock ]; then
        echo "Socket file exists. Removing socket file."
        rm -f /usr/local/apisix/logs/worker_events.sock
      fi
      exec openresty -p /usr/local/apisix -g "daemon off;"

ingressController:
  enabled: true
  ingressClass:
    name: "apisix"
    create: true
  extraConfig:
    log_level: "info"
    kubernetes:
      namespace_selector:
        - "apisix.watched.namespace=true"

dataPlane:
  enabled: false

etcd:
  replicaCount: 2

Step 4: Label the Namespace

Label the Kubernetes namespace where APISIX or AgenticBuilder is installed. This informs the ingress controller which namespaces it should monitor.

kubectl label namespace $NAMESPACE apisix.watched.namespace=true

Replace $NAMESPACE with your target Kubernetes namespace.

Step 5: Install APISIX with Helm

Run the following command to install APISIX using the values.yaml file you created:
helm --namespace $NAMESPACE install apisix \
  oci://registry-1.docker.io/bitnamicharts/apisix \
  -f values.yaml

Replace $NAMESPACE with your target Kubernetes namespace.

Result: You now have a minimal APISIX installation configured with basic authentication, an etcd backend, and ingress enabled.

Remember: This is a minimal, non-production setup. For production environments, ensure proper TLS configuration, persistence for data, robust scaling, and comprehensive monitoring are enabled.