Ambassador: Building a Control Plane for an Envoy-Powered API Gateway on Kubernetes

Ambassador: Building a Control Plane for an Envoy-Powered API Gateway on Kubernetes

  • February 8, 2019
Table of Contents

Ambassador: Building a Control Plane for an Envoy-Powered API Gateway on Kubernetes

This article provides an insight into the creation of the Ambassador open source API gateway for Kubernetes, and discusses the technical challenges and lessons learned from building a developer-focused control plane for managing ingress or ‘edge’ traffic within microservice-based applications. Key Takeaways Developed by Datawire, Ambassador is an open source API gateway designed specifically for use with the Kubernetes container orchestration framework. At its core, Ambassador is a control plane tailored for edge/API configuration for managing the Envoy Proxy “data plane”.

Envoy itself is a cloud native Layer 7 proxy and communication bus used for handling “edge” ingress and service-to-service networking communication. This article provides an insight into the creation of Ambassador, and discusses the technical challenges and lessons learned from building a developer-focused control plane for managing ingress traffic within microservice-based applications that are deployed into a Kubernetes cluster. Migrating Ambassador to the Envoy v2 configuration and Aggregated Discovery Service (ADS) APIs was a long and difficult journey that required lots of architecture and design discussions, and plenty of coding, but early feedback from the community has been positive.

Source: infoq.com

Tags :
Share :
comments powered by Disqus

Related Posts

Poseidon-Firmament Scheduler – Flow Network Graph Based Scheduler

Poseidon-Firmament Scheduler – Flow Network Graph Based Scheduler

In this blog post, we briefly describe the novel Firmament flow network graph based scheduling approach (OSDI paper) in Kubernetes. We specifically describe the Firmament Scheduler and how it integrates with the Kubernetes cluster manager using Poseidon as the integration glue. We have seen extremely impressive scheduling throughput performance benchmarking numbers with this novel scheduling approach.

Read More
Server Name Indication (SNI) Support Now in Ambassador

Server Name Indication (SNI) Support Now in Ambassador

We’ve discussed many interesting use cases for SNI support within the edge proxy/gateway with both open source and commercially supported users of Ambassador. In a nutshell (and with thanks to Wikipedia), SNI is an extension to the TLS protocol which allows a client to indicate which hostname it is attempting to connect to at the start of the TCP handshaking process. This allows the server to present multiple certificates on the same IP address and TCP port number, which in turn enables the serving of multiple secure websites or API services without requiring all those sites to use the same certificate.

Read More
Reaching for the Stars with Ansible Operator

Reaching for the Stars with Ansible Operator

In this post I will show you how to use Roles published to Ansible Galaxy as an Operator to manage an application in Kubernetes. Reusing a Role in this way provides an example of how to create an Operator that simply installs an application with the flexibility to expand and customize the behavior organically as requirements dictate. I will leverage both the Ansible Operator and the k8s module to demonstrate how you can use Ansible to create Kubernetes native applications.

Read More