traceable-agentfor Ambassador. The traceable-agent is a bundle of collector and Open Policy Agent (OPA) rules. The agent also hosts the
ext_authzservice. Ambassador API gateway communicates with the traceable-agent that captures the request and response data. The captured data is sent to the Traceable platform for further processing. The traceable-agent also blocks the requests based on OPA rules.
<TOKEN>, login to Traceable and click on Onboarding.
traceableai-inject-tme=enabledlabel to the namespace in which Ambassador is running. For example,
kubectl label ns ambassador traceableai-inject-tme=enabled
tme.traceable.ai/inject: trueannotation to the pod in which Ambassador is running.
max_byte- This is a mandatory parameter. It controls the maximum number of bytes that are sent to the authentication service.
allow_partial- This is a mandatory parameter. It controls what happens when the request body is of a size larger than
max_bytes. The possible values are
false. When set to
true, Ambassador sends the first
max_bytesof body to the authentication service.
failure_mode_allowis optional. When you set it to
true, the request is sent to the backend service if the authentication service is not available for some reason.
kubectl apply -f traceableai.yaml
traceable-agentis installed in
traceableainamespace. If you are installing the agent in a different namespace, change the service name accordingly.