C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
c12s-kubespray/docs/ingress_controller/ambassador.md
Cristian Calin 6a2ea94b39
Docs improvements (#7660) 
* Docs: update sidebar

* Docs: move registry documentation into docs/

* Docs: move rbd_provisioner documentation into docs/

* Docs: move cephfs_provisioner into docs/

* Docs: move local_volume_provisioner documentation into docs/

* Docs: move ambassador.md to docs/ingress_controller/

* Docs: move metallb.md to docs/ingress_controller/

* Docs: move ingress_nginx documentation into docs/

* Docs: move alb_ingress_controller documentation into docs/

* Docs: merge ambassador documentation into docs/ingress_controller/

* Docs: move cert_manager documentation into docs/

* Docs: move bootstrap-os documentation into docs/

* Docs: update file locations in sidebar
2021-06-01 07:30:27 -07:00

3.2 KiB
Raw Blame History

Ambassador

The Ambassador API Gateway provides all the functionality of a traditional ingress controller (e.g., path-based routing) while exposing many additional capabilities such as authentication, URL rewriting, CORS, rate limiting, and automatic metrics collection.

Installation

Configuration

  • ingress_ambassador_namespace (default ambassador): namespace for installing Ambassador.
  • ingress_ambassador_update_window (default 0 0 * * SUN): crontab-like expression for specifying when the Operator should try to update the Ambassador API Gateway.
  • ingress_ambassador_version (default: *): SemVer rule for versions allowed for installation/updates.
  • ingress_ambassador_secure_port (default: 443): HTTPS port to listen at.
  • ingress_ambassador_insecure_port (default: 80): HTTP port to listen at.
  • ingress_ambassador_multi_namespaces (default false): By default, Ambassador will only watch the ingress_ambassador_namespace namespace for AmbassadorInstallation CRD resources. When set to true, this value will tell the Ambassador Operator to watch all namespaces for CRDs. If you want to run multiple Ambassador ingress instances, set this to true.

Ingress annotations

The Ambassador API Gateway will automatically load balance Ingress resources that include the annotation kubernetes.io/ingress.class=ambassador. All the other resources will be just ignored.

Ambassador Operator

This Ambassador addon deploys the Ambassador Operator, which in turn will install the Ambassador API Gateway in a Kubernetes cluster.

The Ambassador Operator is a Kubernetes Operator that controls Ambassador's complete lifecycle in your cluster, automating many of the repeatable tasks you would otherwise have to perform yourself. Once installed, the Operator will complete installations and seamlessly upgrade to new versions of Ambassador as they become available.

Usage

The following example creates simple http-echo services and an Ingress object to route to these services.

Note well that the Ambassador API Gateway will automatically load balance Ingress resources that include the annotation kubernetes.io/ingress.class=ambassador. All the other resources will be just ignored.

kind: Pod
apiVersion: v1
metadata:
  name: foo-app
  labels:
    app: foo
spec:
  containers:
  - name: foo-app
    image: hashicorp/http-echo
    args:
    - "-text=foo"
---
kind: Service
apiVersion: v1
metadata:
  name: foo-service
spec:
  selector:
    app: foo
  ports:
  # Default port used by the image
  - port: 5678
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: example-ingress
  annotations:
    kubernetes.io/ingress.class: ambassador
spec:
  rules:
  - http:
      paths:
      - path: /foo
        backend:
          serviceName: foo-service
          servicePort: 5678

Now you can test that the ingress is working with curl:

$ export AMB_IP=$(kubectl get service ambassador -n ambassador -o 'go-template={{range .status.loadBalancer.ingress}}{{print .ip "\n"}}{{end}}')
$ curl $AMB_IP/foo
foo