- Features and Benefits
- Using Ambassador Edge Stack in Your Organization
- Ambassador Edge Stack vs. Other Software
- Certified Builds
- Ambassador Edge Stack Architecture
- Ambassador Edge Stack Deployment Architecture
- Continuous Delivery, Declarative Config, and GitOps
- Microservices API Gateways
- Rate Limiting Concepts
- Self-Service Routing and Deployment Control
- Safely Testing in Production
- OAuth & OIDC Overview
- Why Ambassador Edge Stack Uses Envoy Proxy (External Link)
- Configuring Ambassador Edge Stack
- Mapping Services
- Canary Releases
- Circuit Breakers
- Cross Origin Resource Sharing
- Header-based routing
- Host Header
- Host CRD
- Prefix Regex
- Rate Limits
- Remove Request Headers
- Remove Response Headers
- Add Request Headers
- Add Response Headers
- Automatic Retries
- Routing TCP Connections
- Traffic Shadowing
- Developer Portal
- Filter Reference
- Statistics and Monitoring
Imagine you have an application consisting of a hundred microservices and you want to test microservice changes in CI before release. One approach to running such a test would be to spin up a new cluster, install and launch your application in that cluster, replace the one microservice that you wish to test, and run your tests against that cluster. This would work, but it's complicated, expensive, and slow.
If you could use one persistent cluster and application for every test, you would avoid the costs of spinning up a new cluster and installing your application every time. The Telepresence swap deployment workflow lets you do this. Each test run can swap the existing microservice with the modified version running in CI, run tests against the cluster, and then terminate the swap to restore things for the next test. The downside of swap deployment is that the entire cluster is affected, which means that a robust testing strategy must run tests sequentially without overlap. If changes come in fast and test runs are slow, your CI system will fall behind and become the bottleneck.
To avoid this bottleneck, your CI system must be able to test different changesets concurrently without tests interfering with one another. The outbound and intercept features of Edge Control make this possible. The key requirements are
- the microservice being tested must be an HTTP service, and
- it must be possible to set a test-run-specific HTTP header for requests to the microservice being tested. Ideally, that header would pass through from where requests enter the system all the way to the microservice being tested.
The CI job that performs system tests of MyService would look roughly like this
- Install the required software (
- Perform the usual CI steps (build the microservice and perform unit/local tests).
- Set up access to the shared cluster, so that e.g.,
kubectl get podstalks to the right place.
- Launch the Edge Control Daemon and connect to the clustersudo edgectl daemonedgectl connect
- Add an intercept specific to this test session, e.g., using commit information to construct a unique nameCI_TAG="MyService-$(git describe --always --tags)"edgectl intercept add MyService -n "$CI_TAG" -m "x-ci-tag=$CI_TAG" -t localhost:9000
- Run system tests by sending requests to the application with the appropriate header setThese requests will go to your shared cluster just as any request would, but calls to MyService from within the application will be routed back to the modified version running in CI because the intercepted header is set appropriately. All other calls to MyService will function as usual, going to the version of MyService running in the cluster.curl -L -H "x-ci-tag:$CI_TAG" "$API_GATEWAY"# (or)env "TEST_HEADER_VALUE=$CI_TAG" pytest ...# (etc)
- Delete the intercept when the job is done. This is not strictly necessary, as the Traffic Manager will clean up automatically after a while, but doing so here keeps diagnostic output (
edgectl intercept list, etc.) clean.edgectl intercept remove "$CI_TAG"