Edge Stack and Emissary-ingress are managed declaratively. This approach lends itself well to a GitOps workflow. Traditionally, adopting a GitOps workflow requires an extensive amount of engineering. With Ambassador Cloud, you can quickly and easily adopt a GitOps workflow without any custom engineering.
This quick start walks you through how to configure Edge Stack or Emissary-ingress with automated configuration analysis, integrating checks into your GitOps pull request workflow. The automated configuration analysis will detect and resolve configuration issues before your changes go live.
Log in to Ambassador Cloud with your preferred identity provider.
Click Add Services at the top, then click Connection Instructions in the
Connect your installationsection.
Follow the prompts to name the cluster and click Generate a Cloud Token.
Follow the prompts to install or configure either Edge Stack or Emissary-ingress 2.2 or later with a cloud token into your Kubernetes cluster.
If you do not have the latest version installed, you can:
When the installation completes, services, environments and clusters are visible in Ambassador Cloud.
Fork the demo repository, then clone your fork into your local workstation. This repository contains a Kubernetes service that you will add to the Service Catalog.
From the root of your local
a8r-gitops-example demo repository clone, apply the Kubernetes manifests to your cluster.
kubectl create namespace gitops-demo && \kubectl apply -n gitops-demo -f ./manifests
This will create a
Mapping in the
gitops-demo namespace in your cluster. All resources applied in this guide can be removed by running
kubectl delete namespace gitops-demo when you're done with the quickstart.
Navigate to the Teams Settings page in Ambassador Cloud.
Click the INTEGRATIONS button to navigate to the Integration settings, then click the CONFIGURE GitHub settings button.
Click MANAGE PERMISSIONS button. You will be taken to github.com and asked to choose which account you want to install Ambassador Cloud.
Select the account which contains the forked
Configure the installation for the demo repository:
After clicking Install, you will be directed back to Ambassador Cloud.
Once back in Ambassador Cloud, click the CONFIGURE GitHub settings button once more and find the
a8r-gitops-exampledemo repository in the list of repositories. Click ENABLE INTEGRATIONS.
Configure Ambassador Cloud to access your cluster information and Kubernetes manifests from Git.
manifesttext box, enter the relative path to your Kubernetes manifest files in your repository. For the demo repository, the manifests live in the
Select the cluster you initialized in step 1 from the
Click on the UPDATE REPOSITORY SETTINGS button. This will trigger Ambassador Cloud to create a pull request with the information you just entered into your forked demo
a8r-gitops-examplerepository. The pull request will add a file named
.a8r.yamlto the root of your repository, and the contents will look something like this:shellk8s_config:- manifest_path: /manifests/cluster_info:cluster_id: 01234567-89ab-cdef-0123-456789abcdefcluster_name: My Awesome Cluster
Merge the pull request to the main branch of the
Now that your repository is configured to receive feedback from the Ambassador Cloud, let's create a pull request that modifies the Kubernetes resources in the
a8r-gitops-example demo repository.
First, navigate to the root of your local
a8r-gitops-example demo repository and run
git pull to fetch the newly merged
.a8r.yaml from your global
a8r-gitops-example demo repository.
Then, create a new YAML file named
echo-service.yaml in the
manifests directory and paste the YAML below:
apiVersion: apps/v1kind: Deploymentmetadata:name: echo-servernamespace: gitops-demospec:replicas: 1selector:matchLabels:app: echo-servertemplate:metadata:labels:app: echo-serverspec:containers:- name: echo-serverimage: jmalloc/echo-serverports:- name: http-portcontainerPort: 8080---apiVersion: v1kind: Servicemetadata:name: echo-servernamespace: gitops-demospec:ports:- name: http-portport: 80targetPort: http-portprotocol: TCPselector:app: echo-server---apiVersion: getambassador.io/v3alpha1kind: Mappingmetadata:name: echo-servernamespace: gitops-demospec:hostname: '*'prefix: /backend/service: echo-server
Commit and push changes to Git:
git checkout -b new-echo-servicegit add manifests/echo-service.yamlgit commit -am 'Add new echo service' && git push -u origin new-echo-service
Navigate to GitHub to create a pull request for your change. Make sure the target repository is in your git fork, not
When you create a new pull request that changes your configuration, Ambassador Cloud will be automatically notified. The configuration change that you make is compared to your existing (runtime) configuration change, and the implications of this change are analyzed. Ambassador Cloud will post a comment, analyzing the consequences of merging the pull request into your main branch.
In this example, the automated configuration analysis detects a conflict on the
/backend route, as multiple
Mappings point to the same route.
In this case, we didn't intend to create a route conflict, so we'll make a change to fix this particular problem.
manifests/echo-service.yaml, edit the prefix for the
Mapping, so that it doesn't conflict with the
metadata:name: echo-servernamespace: gitops-demospec:hostname: '*'- prefix: /backend/+ prefix: /echo-backend/service: echo-server
Commit and push changes:
git add manifests/echo-service.yamlgit commit -am 'Update echo service to avoid route conflicts' && git push -u origin HEAD
See the reference for more information on automated configuration analysis with Ambassador Cloud.