Deploy Ambassador Edge Stack on Kubernetes with Platform9

Ambassador Edge Stack is an open-source tool designed to function as a Swiss army knife of sorts for traffic between your Kubernetes clusters and the rest of the world. Ambassador offers Envoy-based ingress control, an API gateway, load balancing and more through a single tool, allowing teams to reduce the number of individual components they need to install and support, in order to manage application traffic.

Ambassador also offers the advantage of being truly Kubernetes-native: It is configured using Kubernetes annotations and declarative configurations. It supports advanced API-management features like rate-limiting and circuit-breaking, as well.

In addition, as this tutorial shows, Ambassador is quite simple to deploy. Below, we’ll walk through the steps to get Ambassador up and running on a Kubernetes cluster running on the Free Tier of Platform9 Managed Kubernetes (PMK).

Set Up the PMK Free Tier Cluster

First, we need to set up a cluster in Platform9 that we’ll use to deploy Ambassador.

Follow these steps:

  1. Sign up for the Free Tier of PMK here and log in through your Web browser.
  2. Click the Create Cluster button and choose where you want to set up your cluster. For this tutorial, we’ll use a Bare-OS installation, with nodes running on Ubuntu 16.04 virtual machines. (For details on how to set this up, see this tutorial for Windows or this one for macOS). You can also set up a cluster via another method for creating local clusters (such as Minikube) or using AWS.
  3. Log into the virtual machines that you want to use as nodes, and run these commands:
  4. $ bash <(curl -sL
    $ pf9ctl cluster prep-node
  5. Go back to the Platform9 interface in your Web browser. You should now see a list of nodes that you can select to add to your cluster, as below:
  6. See a list of nodes that you can select to add to your cluster

  7. After you’ve selected your nodes, complete the steps on the screen to finish creating the cluster.
  8. Select a node to serve as your master, then repeat the process to select worker nodes.
  9. Click the API Access tab (on the left of the Platform9 interface), select the option to generate a Kubeconfig file and download the resulting file.
  10. Apply the Kubeconfig:
  11. export KUBECONFIG=/tmp/sample-kubeconfig.yaml
  12. Verify that the Kubeconfig was set up successfully:
  13. kubectl cluster-info

    You should see a message like this:

    Kubernetes master is running at
    CoreDNS is running at
    Metrics-server is running at

Deploy Ambassador

Now, you’re ready to deploy Ambassador to your Platform9 Kubernetes cluster. There are two methods for doing this:

  1. Using the edgectl CLI tool, which automates most of the process.
  2. Manually downloading and applying the relevant YAML files.
  3. Whichever method you choose, remember that you’ll need to work within the same terminal where you ran the export Kubeconfig … command from the previous section (or, you can run the export command again if you open a new terminal). Also remember that the Kubeconfig credentials you downloaded from the Platform9 Web console expire after twenty-four hours, so you’ll need to download a new Kubeconfig and export it to your environment if you exceed that window.

    Install Ambassador with edgectl

    Edgectl is a CLI tool that you can download from the website of Datawire, the main developer of Ambassador.

    On Linux and macOS, you can download and run the installer with a curl command:

    sudo curl -fL -o /usr/local/bin/edgectl && sudo chmod a+x /usr/local/bin/edgectl

    If you’re on Windows, download the installer from here.

    Once edgectl is downloaded, run the installer with this command:

    edgectl install

    After installation completes, you can verify that the Ambassador pods are running under the Pods, Deployments, Services tab in Platform 9:

    As we can see, Ambassador has been deployed successfully on our Platform9 cluster.

    Install Ambassador Manually

    Deploying Ambassador manually is only slightly more complicated than using the Edgectl method described above.

    In the terminal where the Kubeconfig environment for your Platform9 cluster is active, run this command:

    kubectl apply -f && \
    kubectl wait --for condition=established --timeout=90s crd -lproduct=aes && \
    kubectl apply -f && \
    kubectl -n ambassador wait --for condition=available --timeout=90s deploy -lproduct=aes

    This will download and apply the YAML files to set up the Ambassador service.

    You can then access the Ambassador Web console at your cluster’s IP address. If you don’t know that address, find it with the following command:

    kubectl get -n ambassador service ambassador -o "go-template={{range .status.loadBalancer.ingress}}{{or .ip .hostname}}{{end}}"

    Now, there is one more step to perform: In order to actually log into the Ambassador Web console, you’ll first need to download and configure edgectl for your Ambassador instance. The Web console will display specific instructions to follow for this purpose. Complete those as directed, and you’ll be up and running.

    Create an Ambassador Service

    Ambassador uses Kubernetes Custom Resource Definitions to define how requests are mapped to services. The Resource Definitions are YAML files that are applied with kubectl.

    Here’s a basic definition for a service that tells Ambassador to map requests for /httpbin/ to the service

    kind:  Mapping
      name:  httpbin-mapping
      prefix: /httpbin/

    To deploy this service, save the definition in a YAML file (we’ll use httpdbin.yaml for this example), then apply it with kubectl:

    kubectl apply -f httpdbin.yaml

    Additional Resources

    For further guidance on how to configure Ambassador Edge Stack, examples of more complex service deployments and tips on best practices to follow, check out the official documentation. Ambassador also has an active Slack channel where you can get support.

You may also enjoy

How Content Delivery Networks (CDNs) Can Use Kubernetes at the edge for Less Latency and Better Livestream

By Platform9

Scaling clouds reliably requires experience and expertise

By Ron Haberman

The browser you are using is outdated. For the best experience please download or update your browser to one of the following:

GigaOM’s Radar report for Managed KubernetesRead Now