Running
This section of the documentation provides instructions on running Emissary in a production environment
Running Emissary in production
This section of the documentation is designed for operators and site reliability engineers who are managing the deployment of Emissary. Learn more below:
- Global Configuration: The Ambassador module is used to set system-wide configuration.
- Exposing Emissary to the Internet: The
ListenerCRD defines which ports are exposed, including their protocols and security models. TheHostCRD defines how Emissary manages TLS, domains, and such. - Load Balancing: Emissary supports a number of different load balancing strategies as well as different ways to configure service discovery
- Gzip Compression
- Deploying Emissary: On Amazon Web Services | Google Cloud | general security and operational notes, including running multiple $productNamePlural$ on a cluster
- TLS/SSL: Simultaneously Routing HTTP and HTTPS | HTTP -> HTTPS Redirection | Mutual TLS | TLS origination
- Statistics and Monitoring: Integrating with Prometheus, DataDog, and other monitoring systems
- Extending Emissary Emissary can be extended with custom plug-ins that connect via HTTP/gRPC interfaces. Custom Authentication | The External Auth protocol | Custom Logging | Rate Limiting | Distributed Tracing
- Troubleshooting: Diagnostics | Debugging
- Scaling Emissary: Scaling Emissary
- Ingress: Emissary can function as an Ingress Controller
- Error Response Overrides: Emissary can override 4xx and 5xx responses with custom response bodies
HTTP/3 configuration
Configure HTTP/3 support with Emissary. Create services to handle UDP and TCP traffic and setup HTTP/3 with your cloud service provider.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.