- Features and Benefits
- Using Ambassador Edge Stack in Your Organization
- Ambassador Edge Stack vs. Other Software
- Certified Builds
- Ambassador Edge Stack Architecture
- Ambassador Edge Stack Deployment Architecture
- Continuous Delivery, Declarative Config, and GitOps
- Microservices API Gateways
- Rate Limiting Concepts
- Self-Service Routing and Deployment Control
- Safely Testing in Production
- OAuth & OIDC Overview
- Why Ambassador Edge Stack Uses Envoy Proxy (External Link)
- Configuring Ambassador Edge Stack
- Mapping Services
- Canary Releases
- Circuit Breakers
- Cross Origin Resource Sharing
- Header-based routing
- Host Header
- Host CRD
- Prefix Regex
- Rate Limits
- Remove Request Headers
- Remove Response Headers
- Add Request Headers
- Add Response Headers
- Automatic Retries
- Routing TCP Connections
- Traffic Shadowing
- Developer Portal
- Filter Reference
- Statistics and Monitoring
The Ambassador Edge Stack gives platform engineers a comprehensive, self-service edge stack for managing the boundary between end-users and Kubernetes. Built on the Envoy Proxy and fully Kubernetes-native, the Ambassador Edge Stack is made to support multiple, independent teams that need to rapidly publish, monitor, and update services for end-users. A true edge stack, Ambassador can also be used to handle the functions of an API Gateway, a Kubernetes ingress controller and a layer 7 load balancer (for more, see this blog post).
The Ambassador Edge Stack is an open-source, Kubernetes-native microservices API gateway built on the Envoy Proxy. The Ambassador Edge Stack is built from the ground up to support multiple, independent teams that need to rapidly publish, monitor, and update services for end-users. Ambassador can also be used to handle the functions of a Kubernetes ingress controller and load balancer (for more, see this blog post).
Or, read the documentation on using the Ambassador Edge Stack as an Ingress Controller.
Traditional cloud applications were built using a monolithic approach. These applications were designed, coded, and deployed as a single unit. Today's cloud-native applications, by contrast, consist of many individual (micro)services. This results in an architecture that is:
- Heterogeneous: Services are implemented using multiple (polyglot) languages, they are designed using multiple architecture styles, and they communicate with each other over multiple protocols.
- Dynamic: Services are frequently updated and released (often without coordination), which results in a constantly-changing application.
- Decentralized: Services are managed by independent product-focused teams, with different development workflows and release cadences.
The Ambassador Edge Stack is commonly used to route traffic to a wide variety of services. It supports:
- configuration on a per-service basis, enabling fine-grained control of timeouts, rate limiting, authentication policies, and more.
- a wide range of L7 protocols natively, including HTTP, HTTP/2, gRPC, gRPC-Web, and WebSockets.
- Can route raw TCP for services that use protocols not directly supported by The Ambassador Edge Stack.
Service updates result in a constantly changing application. The dynamic nature of cloud-native applications introduces new challenges around configuration updates, release, and testing. Ambassador Edge Stack:
- Enables testing in production, with support for canary routing and traffic shadowing.
- Exposes high-resolution observability metrics, providing insight into service behavior.
- Uses a zero downtime configuration architecture, so configuration changes have no end-user impact.
Independent teams can create their own workflows for developing and releasing functionality that are optimized for their specific service(s). With Ambassador Edge Stack, teams can:
- Leverage a declarative configuration model, making it easy to understand the canonical configuration and implement GitOps-style best practices.
- Independently configure different aspects of Ambassador Edge Stack, eliminating the need to request configuration changes through a centralized operations team.
Ambassador Edge Stack takes full advantage of Kubernetes and Envoy Proxy.
- All of the state required for Ambassador Edge Stack is stored directly in Kubernetes, eliminating the need for an additional database.
- The Ambassador Edge Stack team has added extensive engineering efforts and integration testing to ensure optimal performance and scale of Envoy and Kubernetes.
Interested in learning more?