Ambassador Ingress Controller

Last edited on 9 Jan 2024 • Generated on 10 Jan 2024

This page is automatically generated from the DigitalOcean Marketplace using content on the Ambassador Ingress Controller catalog page.

Description

Ambassador Edge Stack is an Ingress Controller and API Gateway built on Envoy Proxy. Envoy Proxy is designed for cloud-native applications. Ambassador exposes Envoy’s functionality as Custom Resource Definitions, with integrated rate limiting, authentication, load balancing, and observability.

Note:

Ambassador Edge Stack 2.X introduces some changes that aren’t backwards-compatible with 1.X. If you already have an existing installation that uses 1.X and you want to upgrade to version 2.X, please use the following guide for upgrade.

As of version 3.8.0 (Helm chart v8.8.0) Edge Stack requires an Ambassador Labs license key or Cloud Connect token to operate. A license key is entered using licenseKey.value, and a Cloud Connect token is entered using emissary-ingress.agent.cloudConnectToken. Please see instructions.** on how to obtain these if you do not have them.

The DigitalOcean 1-click application installs the Helm 3 version of Ambassador Edge Stack. This version includes the Authentication and Rate Limiting plugins, as well as the Dev Portal. It also includes the option of upgrading your installation to include Service Preview and MicroCD, two Edge Stack components that improve and streamline the developer self-service model. To explore the features of these components, see the following links.

Edge Stack Components:

  • Rate Limiting: Rate limit to ensure the reliability, security and scalability of your micro-services.
  • Authentication: Built-in OAuth2 and JWT authentication with the ability to drop in custom AuthService plugins.

Notes:

  • This stack requires a minimum configuration of 2 Nodes at the $10/month plan (2GB memory / 1 vCPU).
  • The Ambassador 1-Click app also includes a $12/month DigitalOcean Load Balancer to ensure that ingress traffic is distributed across all of the nodes in your DOKS cluster.

Software Included

Package Version License
Ambassador Edge Stack 2.2.2 Apache 2.0

Creating an App using the Control Panel

Click the Deploy to DigitalOcean button to install a Kubernetes 1-Click Application. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.

Deploy to DO

Creating an App using the API

In addition to creating Ambassador Ingress Controller using the control panel, you can also use the DigitalOcean API. As an example, to create a 3 node DigitalOcean Kubernetes cluster made up of Basic Droplets in the SFO2 region, you can use the following doctl command. You need to authenticate with doctl with your API access token) and replace the $CLUSTER_NAME variable with the chosen name for your cluster in the command below.

doctl kubernetes clusters create --size s-4vcpu-8gb $CLUSTER_NAME --1-clicks ambassador

Getting Started After Deploying Ambassador Ingress Controller

Connecting to Your Cluster

You can connect to your DigitalOcean Kubernetes cluster by following our how-to guide.

For additional instructions on configuring a DigitalOcean Kubernetes cluster, see the following guides:

Confirming that Ambassador Ingress Controller is Running

First, verify that the Helm installation was successful by running following command:

helm ls -n ambassador

If the installation was successful, the STATUS column value in the output reads deployed:

NAME       NAMESPACE  REVISION UPDATED                              STATUS   CHART            APP VERSION
edge-stack ambassador 1        2022-02-14 18:02:21.554041 +0200 EET deployed edge-stack-8.7.2 3.7.2

Next, verify that the Ambassador Ingress pods are up and running with the following command:

kubectl get pods --all-namespaces -l app.kubernetes.io/name=edge-stack

If they’re running, all pods listed in the output are in a READY state and the STATUS for each reads Running:

NAMESPACE    NAME                          READY   STATUS    RESTARTS   AGE
ambassador   edge-stack-688f84d947-dv244   1/1     Running   0          5m39s
ambassador   edge-stack-688f84d947-r4qcs   1/1     Running   0          5m39s
ambassador   edge-stack-688f84d947-snzmh   1/1     Running   0          5m39s

Then, inspect the external IP address of your Ambassador Ingress Controller Load Balancer by running following command:

kubectl get svc -n ambassador

If installed correctly, the output has the EXTERNAL-IP column, containing a valid IP address:

NAME               TYPE           CLUSTER-IP      EXTERNAL-IP      PORT(S)                      AGE
edge-stack         LoadBalancer   10.245.88.194   134.209.131.93   80:32617/TCP,443:31000/TCP   6m19s
edge-stack-admin   ClusterIP      10.245.66.159   <none>           8877/TCP,8005/TCP            6m19s
edge-stack-redis   ClusterIP      10.245.188.44   <none>           6379/TCP                     6m19s

Finally, Ambassador Edge Stack should now be successfully installed and running, but in order to get started deploying Services and test routing to them you need to configure a few more resources:

  • The Listener Resource is required to configure which ports the Ambassador Edge Stack pods listen on so that they can begin responding to requests.
  • The Mapping Resource is used to configure routing requests to services in your cluster.
  • The Host Resource configures TLS termination for enabling HTTPS communication.

For more details about checking Ingress Controller deployment status and functionality, lease refer to the Ambassador Ingress Controller tutorial.

Tweaking Helm Values

The Ambassador Ingress stack provides some custom values to start with. Please have a look at the values file from the main GitHub repository (explanations are provided inside, where necessary).

You can always inspect all the available options, as well as the default values for the Ambassador Ingress Helm chart by running below command:

helm show values datawire/edge-stack --version 8.7.2

After tweaking the Helm values file (values.yml) according to your needs, you can always apply the changes via helm upgrade command, as shown below:

helm upgrade edge-stack datawire/edge-stack --version 8.7.2 \
  --namespace ambassador \
  --values values.yml

Upgrading the Ambassador Ingress Chart

You can check what versions are available to upgrade by navigating to the emissary-ingress official releases page from GitHub. Alternatively, you can use ArtifactHUB.

To upgrade the stack to a newer version, run the following command, replacing the &amp;amp;lt; &amp;amp;gt; placeholders with their corresponding information:

helm upgrade edge-stack datawire/edge-stack \
  --version <INGRESS_AMBASSADOR_STACK_NEW_VERSION> \
  --namespace ambassador \
  --values <YOUR_HELM_VALUES_FILE>

See helm upgrade for command documentation.

Uninstalling

To uninstall Ambassador Ingress Controller, you need to have Helm 3 installed. Once installed, run the following uninstall command:

helm uninstall edge-stack -n ambassador

And then the following delete commands:

kubectl delete ns ambassador

kubectl delete -f https://app.getambassador.io/yaml/edge-stack/3.7.2/aes-crds.yaml
Control Panel Blog Pricing Careers Terms Privacy Status API Docs Tutorials Support