Ambassador Edge Stack
Ambassador Edge Stack
by Ambassador Labs

Version 1.6

KUBERNETESNETWORK TOOLS

Description

Ambassador Edge Stack is a Kubernetes-native API Gateway built on Envoy Proxy. Managed entirely via Kubernetes Custom Resource Definitions, Ambassador provides powerful capabilities for traffic management, authentication, and observability. Ambassador has native integrations for popular service meshes, including Consul, Istio, and Linkerd.

Getting started after deploying Ambassador Edge Stack

Quick Start

If you just want to give this app a quick spin without doctl give the following a try.

Setup:

  1. Create a cluster in the DigitalOcean control panel (https://cloud.digitalocean.com/kubernetes/clusters/).
  2. Download the Kubernetes config file to the ~/Downloads directory on your local machine. The config file will have a name like monitoring-k8s-1-15-3-do-1-sfo-kubeconfig.yaml.
  3. Install the Kubernetes command line tool, kubectl, (https://kubernetes.io/docs/tasks/tools/install-kubectl/) on your local machine.

Copy the Kubernetes config file to the default directory kubectl configuration directory:

cp ~/.kube/config  ~/.kube/config.bkup
cp  ~/Downloads/monitoring-k8s-1-15-3-do-1-sfo-kubeconfig.yaml  ~/.kube/config

You should now be able to connect to your DigitalOcean Kubernetes Cluster and successfully run commands like:

kubectl get pods -A

Confirm Ambassador is running:

After you are able to successfully connect to your DigitalOcean Kubernetes cluster you’ll be able to see Ambassador Operator running in the ambassador namespace by issuing:

 kubectl get pods -n ambassador


Confirm all ambassador pods are in a “Running” state under the “STATUS” column:

NAME                                READY   STATUS    RESTARTS   AGE
ambassador-79c76bb8-64x96           1/1     Running   0          11m
ambassador-79c76bb8-bzlqn           1/1     Running   0          11m
ambassador-79c76bb8-c2b6x           1/1     Running   0          11m
ambassador-redis-6594476754-hgqbb   1/1     Running   0          11m

Exposing a Service with Ambassador

To test our deployment, we are going to deploy a sample application to deliver random quotes to users. The manifest below describes a Quote deployment exposed via a Quote service.

---
apiVersion: v1
kind: Service
metadata:
  name: quote
spec:
  ports:
  - name: http
    port: 80
    targetPort: 8080
  selector:
    app: quote
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: quote
spec:
  replicas: 1
  selector:
    matchLabels:
      app: quote
  strategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: quote
    spec:
      containers:
      - name: backend
        image: quay.io/datawire/quote:0.3.0
        ports:
        - name: http
          containerPort: 8080
  1. Apply with kubectl apply -f quote.yaml.

  2. We have our deployment and it's exposed with a service, but we still cannot connect to it without telling Ambassador where it is. This is where the Mapping comes into play. With a mapping, we can use kube-dns to let Ambassador know exactly where to look for the Quote service when the right request comes in.

    ---
    apiVersion: getambassador.io/v2
    kind: Mapping
    metadata:
      name: backend
    spec:
      prefix: /backend/
      service: quote
  3. Apply the mapping with kubectl apply -f quote-backend.yaml.

  4. Test that it works by using curl -k https://{{AMBASSADOR_IP}}/backend/ in your terminal. You should see something similar to the following:

    {
        "server": "bleak-kumquat-n9qg6ra1",
        "quote": "Non-locality is the driver of truth. By summoning, we vibrate.",
        "time": "2020-05-08T18:33:54.578661743Z"
    }% 
    • The IP address can be obtained by running:
      kubectl get svc -n ambassador -o 'go-template={{range .status.loadBalancer.ingress}}{{print .ip "\n"}}{{end}}'

Upgrading

To upgrade Ambassador Edge Stack, use the following:

kubectl apply -f https://www.getambassador.io/yaml/aes-crds.yaml
helm repo update && helm upgrade -n ambassador ambassador datawire/ambassador

Additional Resources

API Creation

In addition to creating Ambassador Edge Stack via the control panel, you can also use the DigitalOcean API.

As an example, to create a 3 node DigitalOcean Kubernetes cluster made up of Basic Droplets in the SFO2 region, you can use the following curl command. You’ll need to either save your API access token to an environment variable or substitute it into the command below.


  curl -X POST -H "Content-Type: application/json" \
      -H "Authorization: Bearer '$TOKEN'" -d \
      '{"name": "choose-a-name","region": "sfo2","version": "1.17.5-do.0","node_pools": [{"size": "s-1vcpu-2gb","count": 3,"name": "choose-a-name"}]}' \
      "https://api.digitalocean.com/v2/kubernetes/clusters"
      

Support Details

Supported By:Ambassador Labs
Support URL:https://www.getambassador.io

Additional Links

Kubernetes Ingress 101

Kubernetes Ingress 101: NodePort, Load Balancers, and Ingress Controllers

Ambassador Documentation

Ambassador Documentation

Envoy Proxy 101

Envoy Proxy 101