A Kubernetes API Gateway for AWS App Mesh powered by Envoy
Flagger Gateway for AWS App Mesh is an edge L7 load balancer that exposes applications outside the mesh.
Note this project has been deprecated in favour of the official AWS AppMesh Gateway.
Features:
The gateway is composed of:
An application running on App Mesh can be exposed outside the mesh by annotating its virtual service with:
apiVersion: appmesh.k8s.aws/v1beta1
kind: VirtualService
metadata:
name: frontend.test
annotations:
gateway.appmesh.k8s.aws/expose: "true"
gateway.appmesh.k8s.aws/retries: "5"
gateway.appmesh.k8s.aws/timeout: "25s"
gateway.appmesh.k8s.aws/domain: "example.com,www.example.com"
If you want to expose the service inside the Kubernetes cluster you can omit the domain annotation. By default the gateway exposes a virtual service by its name, a service can be accessed by setting the host HTTP header e.g.:
curl -H 'Host: frontend.test' http://<gateway-host>/
The gateway registers/de-registers virtual services automatically as they come and go in the cluster.
Requirements:
appmesh
Install the API Gateway as NLB in appmesh-gateway
namespace:
kubectl apply -k github.com/stefanprodan/flagger-appmesh-gateway//kustomize/nlb
To run the gateway behind an ALB you can install the NodePort version:
kubectl apply -k github.com/stefanprodan/flagger-appmesh-gateway//kustomize/nodeport
Wait for the deployment rollout to finish:
kubectl -n appmesh-gateway rollout status deploy/flagger-appmesh-gateway
When the gateway starts it will create a virtual node. You can verify the install with:
watch kubectl -n appmesh-gateway describe virtualnode flagger-appmesh-gateway
Status:
Conditions:
Status: True
Type: VirtualNodeActive
Deploy podinfo in the test
namespace:
kubectl -n test apply -k github.com/stefanprodan/flagger-appmesh-gateway//kustomize/test
Port forward to the gateway:
kubectl -n appmesh-gateway port-forward svc/flagger-appmesh-gateway 8080:80
Access the podinfo API by setting the host header to podinfo.test
:
curl -vH 'Host: podinfo.test' localhost:8080
Access podinfo on its custom domain:
curl -vH 'Host: podinfo.internal' localhost:8080
Access podinfo using the gateway NLB address:
URL="http://$(kubectl -n appmesh-gateway get svc/flagger-appmesh-gateway -ojson | \
jq -r ".status.loadBalancer.ingress[].hostname")"
curl -vH 'Host: podinfo.internal' $URL
App Mesh Gateway is Apache 2.0 licensed and accepts contributions via GitHub pull requests.