Envoy Gateway will reduce existing, redundant efforts around Envoy and make it much easier for application developers to use Envoy as a basic API gateway “out of the box” and as a Kubernetes Ingress controller. Exposing a simplified set of APIs, and implementing the Kubernetes Gateway API, EG makes it easier to extend Envoy. Developers will now have a cost-free, unfettered way to provide external access to their work in progress. At the same time, Envoy Gateway will not replace API management features currently found in commercial products.
“Envoy has achieved a great deal of success since we first released it in 2016,” said Matt Klein, founder of the Envoy proxy project. “And community has been at the heart of Envoy from the beginning. With the community-driven Envoy Gateway project, we see the opportunity to make Envoy accessible to many more users through the addition of simplified APIs and new capabilities explicitly targeted at north-south / edge proxy use cases.”
Envoy is already widely used for traffic between separate services in a microservices application—that is, east-west traffic. With Envoy Gateway, Envoy will also be easy to use for north-south traffic—traffic between an application and the outside world, as with consumers of an application’s APIs.
Envoy Gateway—Extensible Open Source Infrastructure for the Cloud-Native Future
IT organizations worldwide want to establish and use a rich, robust, modern stack of open source software for cloud-native application development and delivery, under the management of organizations such as the Linux Foundation and CNCF. Commercial offerings and projects within each IT team can then add value on top of this core infrastructure.
Envoy is fast becoming the go-to networking substrate within this modern, cloud-native stack. However, the need for API access, traffic routing, and other ingress capabilities has recently led to fragmentation in the Envoy ecosystem. Envoy Gateway will bring this needed functionality back into the main Envoy project and make it less confusing and time-consuming for developers to access Envoy.
Implementation Via Kubernetes Gateway API
Envoy Gateway will expose a version of the Kubernetes-native Gateway API, with Envoy-specific extensions. This is an expressive, extensible, role-oriented API well-suited to use by developers. Gateway API is either implemented, or in progress, for Istio, the Contour project (which originated at VMware), Emissary-ingress (which originated at Ambassador Labs), and others.
When users create Gateway API resources, they will be translated into native Envoy API calls, so Envoy and xDS, its native API, will not need to be changed to add this new support.
Advantages for Developers, Infrastructure Administrators and Business Decision-Makers
Application developers will experience the most positive impact from Envoy Gateway. They will be able to run Envoy Gateway and begin routing traffic to their applications. They will no longer need to build their own control plane, or extend an existing control plane such as a Go or Java control plane, or bring in a vendor solution at the early stages of their projects. They can just configure routes for the application and share them.
Infrastructure administrators will be able to easily offer an Envoy-native experience to application teams, without needing to adopt a vendor solution just to get basic gateway functionality. They will be able to manage instances of Envoy Gateway without interfering with developer access to them. Envoy Gateway will allow them to deliver consistent application networking capabilities across heterogeneous environments.
Executives and decision-makers will have Envoy as a standard and, we expect, widely-used solution for API access and Kubernetes ingress. They will also benefit from faster and easier development and delivery of more secure and robust software and services.
Additional Resources
- Explore CNCF announcements.
- Review the official blog of the Envoy project.
- Learn more about Envoy Gateway goals.
About Envoy
Originally created by Matt Klein and built at Lyft, Envoy is a high performance C++ distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures. Built on the learnings of solutions such as NGINX, HAProxy, hardware load balancers, and cloud load balancers, Envoy runs alongside every application and abstracts the network by providing common features in a platform-agnostic manner. When all service traffic in an infrastructure flows via an Envoy mesh, it becomes easy to visualize problem areas via consistent observability, tune overall performance, and add substrate features in a single place.
Contact Matt Klein at mattklein123@gmail.com.
About Ambassador Labs
Ambassador Labs, the cloud native developer experience leader, enables developers to code, test, ship, and run applications faster and easier than ever. Maker of top Cloud Native Computing Foundation (CNCF) open source projects, including Emissary-ingress and Telepresence, Ambassador Labs delivers a developer control plane for Kubernetes that integrates the development, deployment, and production infrastructure for developers and organizations worldwide including Microsoft, PTC, NVidia, and Ticketmaster. Ambassador Labs is backed by top investors including Insight Partners and Matrix Partners. Learn more and get started for free at www.getambassador.io.
Contact Lisa Williams of Ambassador Labs at lisawilliams@datawire.io.
About Fidelity Investments
Fidelity’s mission is to inspire better futures and deliver better outcomes for the customers and businesses we serve. With assets under administration of $11.3 trillion, including discretionary assets of $4.2 trillion as of March 31, 2022, we focus on meeting the unique needs of a diverse set of customers. Privately held for over 75 years, Fidelity employs more than 57,000 associates who are focused on the long-term success of our customers. For more information about Fidelity Investments, visit www.fidelity.com/about-fidelity/our-company.
Contact Kathleen Bentley of Fidelity Investments at kathleen.bentley@fmr.com.
About Tetrate
Started by Istio founders to reimagine application networking, Tetrate is an enterprise service mesh company managing the complexity of modern, hybrid cloud application infrastructure. Its flagship product, Tetrate Service Bridge, provides an edge-to-workload application connectivity platform to deliver business continuity, agility, and security for enterprises on the journey from traditional monoliths to the cloud. Customers get consistent, baked-in observability, runtime security and traffic management in any environment. Tetrate continues to serve as a top contributor to the open-source projects Istio and Envoy Proxy. Find out more at www.tetrate.io.
Contact Annie Fink of Bospar at annie@bospar.com.
About VMware
VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. For more information, please visit www.vmware.com/company.
Contact Eloy Ontiveros of VMware Global Communications at eontiveros@vmware.com.