ambassador | The Blog Pros

Routing in a Multi-Platform Data Center: From VMs to Kubernetes, via Ambassador

At Datawire, we are seeing more organizations migrating to their “next-generation” cloud-native platform built around Docker and Kubernetes. However, this migration doesn’t happen overnight. Instead, we see the proliferation of multi-platform data centers and cloud environments where applications span both VMs and containers. In these data centers, the Ambassador API gateway is being used as a central point of ingress, consolidating authentication, rate limiting, and other cross-cutting operational concerns.

This article is the first in a series on how to use Ambassador as a multi-platform ingress solution when incrementally migrating applications to Kubernetes. We’ve added sample Terraform code to the Ambassador Pro Reference Architecture GitHub repo which enables the creation of a multi-platform “sandbox” infrastructure on Google Cloud Platform. This will allow you to spin up a Kubernetes cluster and several VMs, and practice routing traffic from Ambassador to the existing applications.

January 30, 2019

Server Name Indication (SNI) and Ingress TLS in Kubernetes with Ambassador

The open-source Ambassador 0.50 API gateway adds support for Server Name Indication (SNI), a much-requested feature from the community that allows the configuration of multiple TLS certificates to be served from a single ingress IP address. In this tutorial, we explore how multiple secure domains (e.g., https://www.datawire.io and https://www.getambassador.io.) can be provided by a single or load balanced Ambassador running within a Kubernetes cluster.

SNI Use Cases

In a nutshell (and with thanks to Wikipedia), SNI is an extension to the TLS protocol, which allows a client to indicate which hostname it is attempting to connect to at the start of the TCP handshaking process. This allows the server to present multiple certificates on the same IP address and TCP port number, which in turn enables the serving of multiple secure websites or API services without requiring all those sites to use the same certificate.

What is Hyvä Themes for Magento and Why Was It Created?
In Themes
Choosing the right ecommerce platform is important not only for online retailers. It’s important for businesses whose products are directly related to such platforms and must work with them shoulder-to-shoulder. Magento clearly stands out in... T... […]
WPBeginner Turns 15 Years Old – Reflections, Updates, and a Giveaway ($50,000 in Prizes)
In birthday giveaway, giveaway, wpbeginner birthday
It’s quite surreal to type that WPBeginner turns 15 years old today! Time flies when you’re having fun especially with such an amazing community of website owners, small businesses, and web professionals. YOU ARE the best part of WPBeginner! Like every year, I will take… Read More »

The post WPBeginner Turns 15 Years Old – Reflections, Updates, and a Giveaway ($50,000 in Prizes) first appeared on WPBeginner.
[…]
The Art of Manual Regression Testing
No categories
The tech world of software development is characterized by fast-paced and constant evolution. Code keeps changing, new features are introduced, and bugs are fixed frequently. These changes are crucial for improving the overall development structure. Ho... […]
Understanding Properties of Zero Trust Networks
No categories
Zero Trust is a well-known but 'hard-to-implement' paradigm in computer network security. As the name suggests, Zero Trust is a set of core system design principles and concepts that seek to eliminate the practice of implicit trust-based security. The ... […]
Mastering Distributed Caching on AWS: Strategies, Services, and Best Practices
No categories
Distributed caching is a method for storing and managing data across multiple servers, ensuring high availability, fault tolerance, and improved read/write performance. In cloud environments like AWS (Amazon Web Services), distributed caching is pivota... […]

Proudly powered by WordPress