PRODUCT RELEASE
Ambassador API Gateway and Ambassador Edge Stack 1.2 Available
Faster Installation with automatic HTTPS Domain using Let’s Encrypt and Automatic Upgrades with Ambassador Operator
We’re releasing Ambassador Edge Stack 1.2 and Ambassador API Gateway 1.2 today. In this release, we focused on making Ambassador Edge Stack easier to install, adopt, and maintain.
Ambassador Operator for Automatic Upgrades
(Available for Ambassador Edge Stack 1.2)
The concept of an operator pattern is to replicate the aims of a human operator who is managing services. Management includes deployments, upgrades and knowing how to react if the services misbehaves.
Without an operator, on-premise software upgrades are often manual, roll up to the latest version, and are difficult to schedule outside of working hours. This can be particularly annoying when your favorite software is updated frequently with great, new, exciting features that you want to use right away. :)
The new Ambassador Operator automates many steps in the upgrade process that were once manual. If desired, you can create a policy for upgrading by specifying “Upgrade only for patches” or “Always upgrade” and then specifying time slots or update window and which versions to upgrade to.
Faster Installation and New, Free Domain with HTTPS
(Available for Ambassador Edge Stack 1.2)
TLS encryption is one of the basic requirements of having a secure system. Ambassador Edge Stack automatically enables TLS termination/HTTPs, making TLS encryption easy and centralizing TLS termination for all of your services in Kubernetes automatically during configuration.
Prior to 1.2, the process of configuring TLS Termination and HTTPS was not so simple. Since TLS termination usually requires a fully-qualified domain name (FQDN) that can be seen from any client, setting everything up if you didn’t have control over the DNS typically involved a lot of friction.
We wanted to make the process of setting up Ambassador Edge Stack secure with HTTPS as frictionless as possible for new and existing users. The new installation process (using edgectl install) involves fewer steps and uses Let’s Encrypt to to set up HTTPS for a new, unique FQDN that is provided for each install. The new process involves detecting your cluster IP address, getting a certificate and installing it automatically.
Learn more in our upcoming session Weekly Office Hours: What’s New in 1.2 and Open Questions
Additional Bug Fixes and Enhancements
The following additional fixes and enhancements apply to both the Ambassador API Gateway and the Ambassador Edge Stack 1.2:
- Feature : Add add
idle_timeout_mssupport for common HTTP listener (thanks, Jordan Neufeld!) - Feature: allow override of bind addresses, including for IPv6! (thanks to Josue Diaz!)
- Bug Fix: Support Istio mTLS secrets natively (thanks, Phil Peble!)
- Bug Fix: TLS custom secret with period in name doesn’t work (thanks, Phil Peble!)
- Bug Fix: Honor
ingress.classwhen running with Knative - Internal: Fix CRD-versioning issue in CI tests (thanks, Ricky Taylor!)
- Bug Fix: Stop using deprecated Envoy configuration elements
The following additional fixes and enhancements apply to just the Ambassador Edge Stack 1.2:
- Feature:
ifRequestHeadercan now havevalueRegexinstead ofvalue - Feature: The
OAuth2Filter now hasuseSessionCookiesoption to have cookies expire when the browser closes, rather than at a fixed duration - Feature:
ifRequestHeadernow hasnegate: boolto invert the match - Bug Fix: The RBAC for
Ingressnow supports thenetworking.k8s.io apiGroup - Bug Fix: Quiet Dev Portal debug logs
- Change: The intercept agent is now incorporated into the
aesimage - Change: The
OAuth2Filter no longer sets cookies wheninsteadOfRedirecttriggers - Change: The
OAuth2Filter more frequently adjusts the cookies
In an effort to rapidly provide value to users, we’ve adopted a new development approach in 2020 that connects our developers closer to business objectives and user issues. These enhancements are of course in addition to feature requests. We are already thrilled with the results. We hope you enjoy it!
Installing 1.2
To install the Ambassador Edge Stack, follow the quick start.
The core Ambassador API Gateway image is also available with the Docker tag quay.io/datawire/ambassador:1.2.0.
You can also install with Helm:
# Add repository and create namespace
helm repo add datawire https://www.getambassador.io
kubectl create namespace ambassador# Using Helm 3
helm install ambassador --namespace ambassador datawire/ambassador# Using Helm 2
helm install --name ambassador --namespace ambassador datawire/ambassador
Upgrading to 1.2
To upgrade from you current version of the Ambassador Edge Stack to 1.2, please follow the instructions here.
Get Started Today
The Ambassador Edge Stack is a complete superset of the Ambassador API Gateway (open-source), with integrated support for rate limiting, authentication, filter management, Swagger, and more. The Edge Stack installs in minutes in any Kubernetes cluster. To get started, visit https://www.getambassador.io/user-guide/getting-started/
And, if Ambassador is working well for you, we’d love to hear about it. Drop us a line in the comments below, or @ambassadorlabs on Twitter.
