Ambassador Edge Stack 4.0: API Gateway Evolution and Modern Features
K8s Guru
3 min read
Table of Contents
Introduction
Ambassador Edge Stack 4.0, released on May 22, 2023, is most relevant if you expose services on Kubernetes and need stable, debuggable traffic paths. The practical wins usually show up at the edge: clearer traffic behavior, fewer surprises during failover, and easier debugging when routes go weird.
API Gateway Improvements
- Routing enhancements provide more sophisticated traffic routing and load balancing capabilities.
- Rate limiting improvements enable better traffic management and throttling strategies.
- Circuit breaking enhancements provide better resilience during service failures.
- Retry policies enable automatic request retries with configurable backoff strategies.
Gateway API Support
- Gateway API implementation provides native support for the Kubernetes Gateway API standard.
- HTTPRoute support enables sophisticated routing rules and traffic management.
- TLSRoute capabilities enable secure routing with automatic certificate management.
- BackendRef improvements provide better service and endpoint selection.
Security Enhancements
- TLS termination improvements provide better certificate management and automatic rotation.
- mTLS support enables mutual TLS for service-to-service communication.
- Authentication enhancements expand OAuth2, JWT, and API key support.
- Authorization improvements provide fine-grained access control policies.
- WAF integration provides web application firewall capabilities.
Observability & Monitoring
- Metrics expansion exposes detailed gateway metrics for Prometheus integration.
- Distributed tracing support enables correlation of requests across services.
- Access logs improvements provide more detailed request/response information.
- Dashboard integration provides visualization of gateway traffic and health.
- Grafana integration enables comprehensive monitoring dashboards.
Developer Experience
- Configuration improvements simplify gateway configuration and management.
- CRD enhancements provide better Kubernetes-native resource definitions.
- Documentation improvements provide better guides and examples.
- Helm chart enhancements simplify deployment and configuration.
Getting Started
kubectl apply -f https://app.getambassador.io/yaml/edge-stack/4.0/aes-crds.yaml
kubectl wait --for condition=established --timeout=90s crd -lproduct=aes
kubectl apply -f https://app.getambassador.io/yaml/edge-stack/4.0/aes.yaml
Create a Mapping (Ambassador’s routing resource):
apiVersion: getambassador.io/v3alpha1
kind: Mapping
metadata:
name: backend-mapping
namespace: default
spec:
prefix: /backend/
service: backend-service:8080
timeout_ms: 3000
cors:
origins: "*"
methods:
- GET
- POST
rate_limits:
- name: basic
limits:
- pattern: "*"
rate: 100
unit: second
Create a Gateway (using Gateway API):
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
metadata:
name: ambassador-gateway
spec:
gatewayClassName: ambassador
listeners:
- name: http
protocol: HTTP
port: 80
- name: https
protocol: HTTPS
port: 443
tls:
mode: Terminate
certificateRefs:
- name: ambassador-tls
Summary
| Aspect | Details |
|---|---|
| Release Date | May 22, 2023 |
| Headline Features | API gateway improvements, Gateway API support, enhanced security, comprehensive observability |
| Why it Matters | Delivers comprehensive API gateway with Gateway API support and enhanced security features |
Ambassador Edge Stack 4.0 provides teams with powerful API gateway capabilities for managing APIs and ingress traffic with modern Gateway API support and comprehensive security features.