emissary-ingress with hostNetwork: true

another envoy based ingress controller.

install:

# Go to https://www.getambassador.io/docs/emissary/latest/tutorials/getting-started
# and select Kubernetes YAML
# copy and paste below text to install 

kubectl create namespace emissary && \
kubectl apply -f https://app.getambassador.io/yaml/emissary/3.6.0/emissary-crds.yaml && \
kubectl wait --timeout=90s --for=condition=available deployment emissary-apiext -n emissary-system
kubectl apply -f https://app.getambassador.io/yaml/emissary/3.6.0/emissary-emissaryns.yaml && \
kubectl -n emissary wait --for condition=available --timeout=90s deploy -lproduct=aes

edit deployment:

$ kubectl edit deployments.apps -n emissary emissary-ingress

- reduce rep=1
- enable hostNetwork = true and dns = ClusterFirstWithHostNet

      dnsPolicy: ClusterFirstWithHostNet
      hostNetwork: true

- update containerPort 8080->80, 8443->443

        - containerPort: 80
          hostPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          hostPort: 443
          
- securityContext.runAsUser 8888->0

Apply HTTP, HTTPS listener and HOST

--
apiVersion: getambassador.io/v3alpha1
kind: Listener
metadata:
  name: http-listener
spec:
  port: 80
  protocol: HTTP
  securityModel: XFP
  hostBinding:
    namespace:
      from: SELF
---
apiVersion: getambassador.io/v3alpha1
kind: Listener
metadata:
  name: https-listener
spec:
  port: 443
  protocol: HTTPS
  securityModel: XFP
  hostBinding:
    namespace:
      from: SELF
---
apiVersion: getambassador.io/v3alpha1
kind: Host
metadata:
  name: minimal-host
spec:
  hostname: '*'
requestPolicy:
  insecure:
    action: Redirect

Enable GZip module

apiVersion: getambassador.io/v3alpha1
kind:  Module
metadata:
  name:  ambassador
spec:
  config:
    gzip:
      memory_level: 2
      min_content_length: 1024
      compression_level: BEST
      compression_strategy: RLE
      content_type:
      - application/javascript
      - application/json
      - text/plain
      - text/css
      - application/x-javascript
      - text/xml
      - application/xml
      - application/xml+rss
      - text/javascript

Apply mapping to demo (echo) service

apiVersion: getambassador.io/v3alpha1
kind: Mapping
metadata:
  name: echo
  namespace: default
spec:
  connect_timeout_ms: 3000
  idle_timeout_ms: 60000
  # end-to-end timeout for an entire transaction = 30 min
  # enter 0 to disabled 
  # refer: https://www.getambassador.io/docs/emissary/latest/topics/using/timeouts
  timeout_ms: 1800000
  host: '*'
  prefix: /
  service: echo

Emissary default timeout is too low, have to override it.

host = ‘*’ just for my laziness don’t use it on production.

That’s all