import Alert from ‘@material-ui/lab/Alert’;
Install manually
To migrate from $productName$ 1.X to $productName$ 2.X, see the $productName$ migration matrix. This guide will not work for that, due to changes to the configuration resources used for $productName$ 2.X.
In this guide, we’ll walk you through installing $productName$ in your Kubernetes cluster.
The manual install process does not allow for as much control over configuration as the Helm install method, so if you need more control over your $productName$ installation, it is recommended that you use helm.
Before you begin
$productName$ is designed to run in Kubernetes for production. The most essential requirements are:
- Kubernetes 1.11 or later
- The
kubectlcommand-line tool
Install with YAML
$productName$ is typically deployed to Kubernetes from the command line. If you don’t have Kubernetes, you should use our Docker image to deploy $productName$ locally.
-
In your terminal, run the following command:
kubectl create namespace $productNamespace$ || true kubectl apply -f https://app.getambassador.io/yaml/emissary/$version$/emissary-crds.yaml && \ kubectl apply -f https://app.getambassador.io/yaml/emissary/$version$/emissary-emissaryns.yaml && \ kubectl -n $productNamespace$ wait --for condition=available --timeout=90s deploy $productDeploymentName$$productName$ $version$ includes a Deployment in the $productNamespace$ namespace called emissary-apiext. This is the APIserver extension that supports converting $productName$ CRDs betweengetambassador.io/v2andgetambassador.io/v3alpha1. This Deployment needs to be running at all times.If the emissary-apiextDeployment's Pods all stop running, you will not be able to usegetambassador.io/v3alpha1CRDs until restarting theemissary-apiextDeployment.There is a known issue with the emissary-apiextservice that impacts all $productName$ 2.x and 3.x users. Specifically, the TLS certificate used by apiext expires one year after creation and does not auto-renew. All users who are running $productName$/$AESproductName$ 2.x or 3.x with the apiext service should proactively renew their certificate as soon as practical by runningkubectl delete --all secrets --namespace=emissary-systemto delete the existing certificate, and then restart theemissary-apiextdeployment withkubectl rollout restart deploy/emissary-apiext -n emissary-system. This will create a new certificate with a one year expiration. We will issue a software patch to address this issue well before the one year expiration. Note that certificate renewal will not cause any downtime. -
Determine the IP address or hostname of your cluster by running the following command:
kubectl get -n $productNamespace$ service $productDeploymentName$ -o "go-template={{range .status.loadBalancer.ingress}}{{or .ip .hostname}}{{end}}"Your load balancer may take several minutes to provision your IP address. Repeat the provided command until you get an IP address.
-
Next Steps
$productName$ shold now be successfully installed and running, but in order to get started deploying Services and test routing to them you need to configure a few more resources.
- The
ListenerResource is required to configure which ports the $productName$ pods listen on so that they can begin responding to requests. - The
MappingResouce is used to configure routing requests to services in your cluster. - The
HostResource configures TLS termination for enablin HTTPS communication. - Explore how $productName$ configures communication with clients
- The
Listener, deploying a simple service to test with, and setting up a Mapping to route requests from $productName$ to the demo service.
Upgrading an existing installation
See the migration matrix for instructions about upgrading $productName$.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.