2 min • read

Server Name Indication (SNI)

Ambassador Edge Stack supports serving multiple Hosts behind a single IP address, each with their own certificate.

This is as easy to do as creating a Host for each domain or subdomain you want Ambassador Edge Stack to serve, getting a certificate for each, and telling Ambassador Edge Stack which Host the route should be created for.

The example below configures two Hosts and assigns routes to them.

Configuring a Host

The Host resources lets you separate configuration for each distinct domain and subdomain you plan on serving behind Ambassador Edge Stack.

Let's start by creating a simple Host and providing our own certificate in the host-cert secret.

yaml
---
apiVersion: getambassador.io/v2
kind: Host
metadata:
name: example-host
spec:
hostname: host.example.com
acmeProvider:
authority: none
tlsSecret:
name: host-cert

Now lets, create a second Host for a different domain we want to serve behind Ambassador Edge Stack. This second Host we can use Ambassador Edge Stack's automatic TLS to get a certificate from Let's Encrypt.

yaml
---
apiVersion: getambassador.io/v2
kind: Host
metadata:
name: foo-host
spec:
hostname: host.foo.com
acmeProvider:
email: julian@example.com

We now have two Hosts with two different certificates.

Configuring routes

Now that we have two domains behind Ambassador Edge Stack, we can create routes for either or both of them.

We do this by setting the host attribute of a Mapping to the domain the Mapping should be created for.

yaml
---
apiVersion: getambassador.io/v2
kind: Mapping
metadata:
name: httpbin
spec:
prefix: /httpbin/
service: httpbin.org:80
host_rewrite: httpbin.org
host: host.example.com

Will create a /httpbin/ endpoint for host.example.com

yaml
---
apiVersion: getambassador.io/v2
kind: Mapping
metadata:
name: mockbin
spec:
prefix: /foo/
service: foo-service
host: host.foo.com

Will create a /foo/ endpoint for host.foo.com

yaml
---
apiVersion: getambassador.io/v2
kind: Mapping
metadata:
name: frontend
spec:
prefix: /bar/
service: bar-endpoint

Will create a /bar/ endpoint for all Hosts.