Explicit Steering
Introduction​
The Explicit Steering feature enables you to route and direct specific traffic in a Kubernetes deployment to the Agent Proxy.
By default, in Kubernetes deployment, all traffic in a given pod is sent to the Agent Proxy.
Configure Explicit Steering​
To configure explicit steering in your Kubernetes cluster, simply follow the steps described on the Kubernetes Deployment page in the Aembit Technical Documentation and set the aembit.io/steering-mode annotation to explicit. This sets the steering mode to explicit.
Once you have set the steering mode to explicit, each Client Workload that wants to use Aembit will need to be configured to use Agent Proxy as its HTTP proxy.
The default port used for explicit steering is 8000. In the case, it conflicts with a port that the Client Workload uses. The explicit port number may be overridden via the AEMBIT_HTTP_SERVER_PORT environment variable.
The following section provides several examples of how Agent Proxy is used as an HTTP proxy.
Examples​
The section below shows several different Client Workload examples using different applications with Agent Proxy as an HTTP proxy.
Example Client Workload using curl with -x to specify an HTTP proxy​
curl -x localhost:8000 myserverworkload
Example Client Workload using HashiCorp Vault CLI (Vault CLI implicitly uses VAULT_HTTP_PROXY)​
export VAULT_HTTP_PROXY="http://localhost:8000"
vault token lookup
Example Client Workload written in Go (Go's HTTP client implicitly uses HTTPS_PROXY)​
export HTTPS_PROXY=localhost:8000
./run_go_app [...]