The following is the initContainers section:

initContainers:

• name: init-nginx

image: busybox:1.28

command: [‘sh’, ‘-c’, ‘cp -L /config/nginx.conf /etc/nginx/nginx.conf && sed -i “s/

REDIS_HOST/${REDIS_HOST}/g” /etc/nginx/nginx.conf’]

env:

• name: REDIS_HOST valueFrom:

configMapKeyRef: name: redis-config key: host

• name: REDIS_PORT valueFrom:

configMapKeyRef: name: redis-config

key: port

volumeMounts:

• mountPath: /etc/nginx

name: nginx-volume

• mountPath: /config

name: config

This sectiondefines a busybox container – init-nginx. The container needs to generate the nginx-ambassador proxy configuration to communicate with Redis; therefore, two environment variables are present. Both environment variables are sourced from the redis-config config map. Apart from that, we have also mounted the nginx.conf file from the nginx-config config map. The command section within the init container uses the environment variables to replace placeholders within the nginx.conf file, after which we get a TCP proxy to the Redis backend.

The volumes section defines nginx-volume as an emptyDir volume, and the config volume is mounted from the nginx.conf file present in the nginx-config config map:

volumes:

• name: nginx-volume

emptyDir: {}

• name: config configMap:

name: nginx-config items:

• key: “nginx.conf”

path: “nginx.conf”

Now, let’s start applying the YAML files in steps.

Apply both of the config         maps using the following commands:

$ kubectl apply -f redis-config-map.yaml

$ kubectl apply -f nginx-config-map.yaml

Let’s apply the pod configuration using the following command:

$ kubectl apply -f flask-ambassador.yaml

Get the pod to see whether the configuration is correct by using the following command:

$ kubectl get pod/flask-ambassador

NAME

READY   STATUS

RESTARTS     AGE

flask-ambassador     2/2

Running   0

10s

As the pod is running successfully now, let’s port-forward 5000 to the localhost for some tests by using the following command:

$ kubectl port-forward flask-ambassador 5000:5000

Now, open a duplicate Terminal and try to curl on localhost:5000 using the following command:

$ curl localhost:5000

Hi there! This page was last visited on 2023-06-18, 16:52:28.

$ curl localhost:5000

Hi there! This page was last visited on 2023-06-18, 16:52:28.

$ curl localhost:5000

Hi there! This page was last visited on 2023-16-28, 16:52:32.

As we can see, every time we curl the application, we get the last visited time on our screen. The ambassador pattern is working.

This was a simple example of the ambassador pattern. There are advanced configurations you can do to add fine-grained control on how your application should interact with the outside world. You can use the ambassador pattern to secure traffic that moves from your containers. It also simplifies application development for your development team as they need not worry about these nuances. In contrast, the operations team can use these containers to manage your environment in a better way without stepping on each other’s toes.

Tip

As the ambassador pattern adds some overhead as you tunnel connections via a proxy, you should only use it if the management benefits outweigh the extra cost you incur because of the ambassador container.

Now, let’s look at another multi-container pod pattern – sidecars.