Ambassador Edge Stack quick start
1. Installation
We'll start by installing Ambassador Edge Stack into your cluster.
We recommend using Helm but there are other options below to choose from.
# Add the Repo:helm repo add datawire https://app.getambassador.iohelm repo update# Create Namespace and Install:kubectl create namespace ambassador && \kubectl apply -f https://app.getambassador.io/yaml/edge-stack/2.2.2/aes-crds.yamlkubectl wait --timeout=90s --for=condition=available deployment emissary-apiext -n emissary-systemhelm install edge-stack --namespace ambassador datawire/edge-stack && \kubectl -n ambassador wait --for condition=available --timeout=90s deploy -lproduct=aes
Connecting your installation to Ambassador Cloud
Now is a great time to enhance your Ambassador Edge Stack experience and take advantage of Ambassador Cloud's advanced capabilities.
Log in to Ambassador Cloud with GitHub, GitLab or Google and select your team account.
At the top, click Add Services then click Connection Instructions in the "Connect your installation" section.
Follow the prompts to name the cluster and click Generate a Cloud Token.
Follow the prompts to install the cloud token into your cluster.
When the token installation is completed, your services are listed in Ambassador Cloud.
2. Routing traffic from the edge
Ambassador Edge Stack uses Kubernetes Custom Resource Definitions (CRDs) to declaratively define its desired state. The workflow you are going to build uses a simple demo app, a Listener
CRD, and a Mapping
CRD. The Listener
CRD tells Ambassador Edge Stack what port to listen on, and the Mapping
CRD tells Ambassador Edge Stack how to route incoming requests by host and URL path from the edge of your cluster to Kubernetes services.
Start by creating a
Listener
resource for HTTP on port 8080:shellkubectl apply -f - <<EOF---apiVersion: getambassador.io/v3alpha1kind: Listenermetadata:name: edge-stack-listener-8080namespace: ambassadorspec:port: 8080protocol: HTTPsecurityModel: XFPhostBinding:namespace:from: ALL---apiVersion: getambassador.io/v3alpha1kind: Listenermetadata:name: edge-stack-listener-8443namespace: ambassadorspec:port: 8443protocol: HTTPSsecurityModel: XFPhostBinding:namespace:from: ALLEOFApply the YAML for the "Quote" service.
shellkubectl apply -f https://app.getambassador.io/yaml/v2-docs/2.2.2/quickstart/qotm.yamlGenerate the YAML for a
Mapping
to tell Ambassador Edge Stack to route all traffic inbound to the/backend/
path to thequote
Service.In this step, we'll be using the Mapping Editor, which you can find in the service details view of your Ambassador Cloud connected installation. Open your browser to https://app.getambassador.io/cloud/services/quote/details and click on New Mapping.
Default options are automatically populated. Enable and configure the following settings, then click Generate Mapping:
Whether you decide to automatically push the change to Git for this newly create Mapping resource or not, the resulting Mapping should be similar to the example below.
Apply this YAML to your target cluster now.
yamlkubectl apply -f - <<EOF---apiVersion: getambassador.io/v3alpha1kind: Mappingmetadata:name: quote-backendspec:hostname: "*"prefix: /backend/service: quotedocs:path: "/.ambassador-internal/openapi-docs"EOFStore the Ambassador Edge Stack load balancer IP address to a local environment variable. You will use this variable to test access to your service.
shellexport LB_ENDPOINT=$(kubectl -n ambassador get svc edge-stack \-o "go-template={{range .status.loadBalancer.ingress}}{{or .ip .hostname}}{{end}}")Test the configuration by accessing the service through the Ambassador Edge Stack load balancer:
Terminal$ curl -Lki https://$LB_ENDPOINT/backend/HTTP/1.1 200 OKcontent-type: application/jsondate: Wed, 23 Jun 2021 16:49:46 GMTcontent-length: 163x-envoy-upstream-service-time: 0server: envoy{"server": "serene-grapefruit-gjd4yodo","quote": "The last sentence you read is often sensible nonsense.","time": "2021-06-23T16:49:46.613322198Z"}
What's next?
Explore some of the popular tutorials on Ambassador Edge Stack:
- Intro to Mappings: declaratively routes traffic from the edge of your cluster to a Kubernetes service
- Host resource: configure a hostname and TLS options for your ingress.
- Rate Limiting: create policies to control sustained traffic loads
Ambassador Edge Stack has a comprehensive range of features to support the requirements of any edge microservice.
To learn more about how Ambassador Edge Stack works, read the Ambassador Edge Stack Story.