The latest posts and insights about Ambassador Labs - our products, our ecosystem, as well as voices from across our community.
API DEVELOPMENT
October 7, 2024
Kubernetes
externalTrafficPolicy=local is an annotation on the Kubernetes service resource that can be set to preserve the client source IP. When this value is set, the actual IP address of a client (e.g., a browser or mobile application) is propagated to the Kubernetes service instead of the IP address of the node. So how exactly does this work, and why do we need it? Pods and Nodes: Recap
Kubernetes
3 steps to containerize and deploy Node.JS apps to Kubernetes JavaScript has become a robust language powering complex web applications composed of microservices. Kubernetes is the leading orchestration platform for containerized applications, including JavaScript applications. Containerizing provides a way to package your application in a portable environment with all the necessary dependencies. This allows developers to easily manage their environments, scaling, and deployment strategies without having to change configurations for different infrastructure and platforms. In this tutorial, we will walk through the steps to create a simple containerized JavaScript application and deploy it in a Kubernetes cluster.
Kubernetes
One of the core promises of microservices is development team autonomy, which should, in theory, translate into faster and better decision making. But sometimes, this theory doesn’t translate into reality. Why is this the case? There are a multitude of reasons for microservices not working well. Microservices, cloud-native, and Kubernetes are a new approach and culture shift, and there’s a lot of good ways and bad ways to approach the challenge.
Authentication
All development and operations teams regularly face building vs buy decisions when it comes to deploying infrastructure. With the prevalence of open source Kubernetes Gateways like Emissary-Ingress, or the prevalence of open source proxies like Envoy, it is natural that organizations will ask the question - should I build on top of these open source projects or buy functionality from third-party vendors. In the case of authentication (Oauth) for API Gateways, it is almost always better to purchase from a vendor, unless there is a business justification to scale up and maintain a long term authentication project. To assess the right choice, here are some criteria you can use to evaluate whether you want to build your own OAuth service or purchase a subscription to a pre-built application such as Edge Stack API Gateway. Authentication Implementation: Build Scenarios
Kubernetes
Description Come learn how the Knative building blocks work together with zero baked in knowledge of one another. We will cover a new model for loose coupling in Kubernetes, and show how it is used throughout Knative. We will demonstrate how this model can be used to read and manipulate whole classes of Kubernetes resources. We will also demonstrate how this model can be used with Knative, e.g. to create a new abstractions to receive Events.
Kubernetes
Set up automatic HTTPS with the Edge Stack API Gateway Supporting HTTPS on your website and public APIs is an essential requirement for cloud native applications. Search engines rank HTTPS-enabled sites higher than insecure sites, and enabling Transport Level Security TLS for consumer-facing APIs dramatically reduces the ability for bad actors to sniff traffic and perform man-in-the-middle attacks. However, configuring HTTPS and managing ingress TLS certificates when deploying applications into Kubernetes is not easy. Setting Up Kubernetes TLS with Cert-Manager or Lets Encrypt
