Kubernetes Gateway API 高级流量路由实战

3 镜像准备

3.1 拉取镜像

docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/openjdk:8-jdk
docker tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/openjdk:8-jdk openjdk:8-jdk
docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/library/nginx:1.25
docker tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/library/nginx:1.25 nginx:1.25
docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/library/redis:6.2.17
docker tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/library/redis:6.2.17 redis:6.2.17
docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/envoyproxy/gateway:v1.0.0
docker tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/envoyproxy/gateway:v1.0.0 envoyproxy/gateway:v1.0.0
docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/envoyproxy/envoy:distroless-v1.29.2
docker tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/envoyproxy/envoy:distroless-v1.29.2 envoyproxy/envoy:distroless-v1.29.2
docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/envoyproxy/gateway-dev:72c0cc7
docker tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/envoyproxy/gateway-dev:72c0cc7 envoyproxy/gateway-dev:72c0cc7

3.2 后端镜像

# 安装工具
yum install -y maven npm
# 下载若依
git clone https://gitee.com/y_project/RuoYi-Vue.git
# 修改配置
vim RuoYi-Vue/ruoyi-admin/src/main/resources/application-druid.yml
-----------------------------------------------------------------------------------------
spring:
  datasource:
    type: com.alibaba.druid.pool.DruidDataSource
    driverClassName: com.mysql.cj.jdbc.Driver
    druid:
      master:
        url: ${SPRING_DATASOURCE_URL}
        username: ${SPRING_DATASOURCE_USERNAME}
        password: ${SPRING_DATASOURCE_PASSWORD}
#----------------------------------------------------------------------------------------
vim RuoYi-Vue/ruoyi-admin/src/main/resources/application.yml
-----------------------------------------------------------------------------------------
spring:
  redis:
    host: ${SPRING_REDIS_HOST}
    port: ${SPRING_REDIS_PORT}
    database: 0
    password:
    timeout: 10s
#----------------------------------------------------------------------------------------
# 本地打包
cd /opt/ry/RuoYi-Vue
mvn clean package
# 构建推送
cd /opt/ry/RuoYi-Vue/ruoyi-admin/target
vim Dockerfile
-----------------------------------------------------------------------------------------
FROM openjdk:8-jdk
WORKDIR /app
COPY ruoyi-admin.jar app.jar
EXPOSE 8080
ENTRYPOINT ["java","-Djava.awt.headless=true","-jar","app.jar"]
#----------------------------------------------------------------------------------------
docker build -t ruoyi-admin:v1.0 .
docker push ruoyi-admin:v1.0
# 将镜像传给 node 节点
docker save -o ruoyi-admin-v1.0.tar ruoyi-admin:v1.0
scp ruoyi-admin-v1.0.tar root@node01:/opt
scp ruoyi-admin-v1.0.tar root@node02:/opt
docker load -i ruoyi-admin-v1.0.tar

3.3 前端镜像

# 构建镜像
cd ruoyi-ui
npm install
npm run build:prod
# 编写配置文件
vim nginx.conf
-----------------------------------------------------------------------------------------
server {
    listen 80;
    location / {
        root /usr/share/nginx/html;
        index index.html;
        try_files $uri$uri/ /index.html;
    }
    location /prod-api/ {
        proxy_pass http://ruoyi-admin:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
#----------------------------------------------------------------------------------------
vim Dockerfile
-----------------------------------------------------------------------------------------
FROM nginx:1.25
COPY dist/ /usr/share/nginx/html/
COPY nginx.conf /etc/nginx/conf.d/default.conf
#----------------------------------------------------------------------------------------
# 构建推送
docker build -t ruoyi-ui:v1.0 .
docker push ruoyi-ui:v1.0
# 将镜像传给 node 节点
docker save -o ruoyi-ui-v1.0.tar ruoyi-ui:v1.0
scp ruoyi-ui-v1.0.tar root@node01:/opt
scp ruoyi-ui-v1.0.tar root@node02:/opt
docker load -i ruoyi-ui-v1.0.tar

4 部署前后端数据库

4.1 部署 MySQL 数据

# 登入数据库
mysql -uroot -p123456
# 创建一个 ry 的数据库
CREATE DATABASE ry DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
# 查看库
SHOW DATABASES;
# 退出库
CTRL+D
# 下载若依数据库脚本
git clone https://gitee.com/y_project/RuoYi-Vue.git
cd RuoYi-Vue/sql
# 导入数据
mysql -uroot -p ry < ry_*.sql
mysql -uroot -p ry < quartz.sql
# 验证
USE ry;
SHOW TABLES;
# 开启远程访问 (修改后重启 systemctl restart mysqld)
vim /etc/my.cnf
-----------------------------------------------------------------------------------------
bind-address =0.0.0.0
# 授权远程访问
CREATE USER'ruoyi'@'%' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON ry.* TO 'ruoyi'@'%';
FLUSH PRIVILEGES;
# 验证远程连接
mysql -h 192.168.10.83 -u ruoyi -p

4.2 完整 K8s YAML

vim ruoyi-full.yaml
-----------------------------------------------------------------------------------------
apiVersion: v1
kind: Namespace
metadata:
  name: ruoyi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
  namespace: ruoyi
spec:
  replicas: 1
  selector:
    matchLabels:
      app: redis
  template:
    metadata:
      labels:
        app: redis
    spec:
      containers:
      - name: redis
        image: redis:6.2.17
        ports:
        - containerPort: 6379
---
apiVersion: v1
kind: Service
metadata:
  name: redis
  namespace: ruoyi
spec:
  selector:
    app: redis
  ports:
  - port: 6379
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: ruoyi-config
  namespace: ruoyi
data:
  "SPRING_DATASOURCE_URL": jdbc:mysql://192.168.10.83:3306/ry?useUnicode=true&characterEncoding=utf8&serverTimezone=Asia/Shanghai
  SPRING_DATASOURCE_USERNAME: "ruoyi"
  SPRING_DATASOURCE_PASSWORD: "123456"
  SPRING_REDIS_HOST: "redis"
  SPRING_REDIS_PORT: "6379"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ruoyi-admin
  namespace: ruoyi
spec:
  replicas: 2
  selector:
    matchLabels:
      app: ruoyi-admin
  template:
    metadata:
      labels:
        app: ruoyi-admin
    spec:
      containers:
      - name: ruoyi-admin
        image: ruoyi-admin:v1.0
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
        envFrom:
        - configMapRef:
            name: ruoyi-config
---
apiVersion: v1
kind: Service
metadata:
  name: ruoyi-admin
  namespace: ruoyi
spec:
  selector:
    app: ruoyi-admin
  ports:
  - port: 8080
    targetPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ruoyi-ui
  namespace: ruoyi
spec:
  replicas: 2
  selector:
    matchLabels:
      app: ruoyi-ui
  template:
    metadata:
      labels:
        app: ruoyi-ui
    spec:
      containers:
      - name: ruoyi-ui
        image: ruoyi-ui:v1.0
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: ruoyi-ui
  namespace: ruoyi
spec:
  selector:
    app: ruoyi-ui
  ports:
  - port: 80
    targetPort: 80

5 部署 Gateway

5.1 安装 Gateway API (CRD 资源)

wget https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml
kubectl apply -f standard-install.yaml

5.2 安装 Envoy Gateway

wget https://github.com/envoyproxy/gateway/releases/download/v1.0.0/install.yaml
# 修改镜像拉取策略为 IfNotPresent
sed -i 's/imagePullPolicy:[[:space:]]*Always/imagePullPolicy: IfNotPresent/g' install.yaml
kubectl apply -f install.yaml

5.3 安装 Gateway

5.3.1 部署 gateway 资源

---
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
  name: eg
spec:
  controllerName: gateway.envoyproxy.io/gatewayclass-controller
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: ruoyi-gateway
  namespace: ruoyi
spec:
  gatewayClassName: eg
  listeners:
  - name: http
    port: 80
    protocol: HTTP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: ruoyi-route
  namespace: ruoyi
spec:
  parentRefs:
  - name: ruoyi-gateway
  rules:
  - matches:
    - path:
        type: PathPrefix
        value: /
    backendRefs:
    - name: ruoyi-ui
      port: 80

5.3.2 修改配置

# 把 LoadBalancer 改为 NodePort
kubectl get svc -n envoy-gateway-system
kubectl patch service envoy-ruoyi-ruoyi-gateway-1ef7723c -n envoy-gateway-system -p '{"spec":{"type":"NodePort"}}'
# 增加 pod 数量
kubectl get deployment -n envoy-gateway-system
kubectl scale deployment envoy-ruoyi-ruoyi-gateway-1ef7723c -n envoy-gateway-system --replicas=2

6 访问测试

curl http://192.168.10.81:30269
# 浏览器访问 192.168.10.81:30269

7 总结

本章围绕 Gateway API 展开，从理论到实践全面介绍了其在 Kubernetes 环境中的应用。通过部署若依项目并结合 Envoy Gateway，我们实现了以下目标：

• 理解 Gateway API 的核心资源模型：包括 GatewayClass、Gateway、HTTPRoute 等，明确了它们的分工与协作关系。
• 掌握 Gateway API 与传统 Ingress 的区别：从协议支持、扩展性、多租户支持等多个维度进行对比，突出 Gateway API 的优势。
• 完成完整的应用部署与流量接入：从前端到后端，再到数据库，完整构建了一套微服务应用，并通过 Gateway API 实现统一流量入口。
• 体验 Envoy Gateway 的实际部署与配置：包括 CRD 安装、Gateway 资源配置、服务类型调整等操作，为后续生产环境的使用打下基础。

Gateway API 作为 Kubernetes 流量管理的下一代标准，正在被越来越多的网关控制器（如 Envoy、Istio、Nginx）所支持。掌握它，不仅有助于提升集群流量治理能力，也为未来多云、多集群场景下的统一路由管理奠定基础。