Install Ambassador API Gateway in OpenShift 4.7
I decided to write this article as i saw that there were none for OpenShift specifically with Ambassador API Gateway. This process is very simple and straight forth as OpenShift is basically Kubernetes with some twists.
- Make sure that you contain access to your K8s cluster via kubectl as i will demoing using it. You can however using the OpenShift CLI if you want to as well. They are pretty much the same when running these commands.
- Make sure that you are using an OpenShift cluster. In this example i will be utilize a 4.7 cluster but should be the same for must.
Great now that we have that out of the way lets get started.
Step 1. Create the Ambassador namespace:
kubectl create namespace ambassador
Step 2. Run the Custom Resource Definitions for Ambassador
kubectl apply -f https://www.getambassador.io/yaml/aes-crds.yaml
Step 4. Download down the Ambassador Edge Stack deployment file and change the Security Context Run As:
Pull down the file: https://www.getambassador.io/yaml/aes.yaml
Change the following from:
This is needed as you will get the following error if not:
Error creating: pods "ambassador-956598cd7-" is forbidden: unable to validate against any security context constraint: [spec.containers.securityContext.runAsUser: Invalid value: 8888: must be in the ranges: [1000630000, 1000639999]]
OpenShift only allows security context to be between 1000630000 — 1000639999 in 4.7
Step 3. Apply the Ambassador Edge Stack Deployment
kubectl apply -f https://www.getambassador.io/yaml/aes.yaml
Step 4. Pull the Service and Verification Installation
kubectl get svc -n ambassador
This will create a load balance if you are in AWS where you can add it to the browser and test. This will take a few mins as the pods must be started before you can see the page.