Challenges of running Istio distroless images

At, we work with customers running Istio at massive scale, in secure environments, and in highly-regulated environments (FIPS/FedRAMP, PCI, etc). Our Gloo Mesh builds of Istio are based on the upstream builds with LTS (N-3) and enterprise Severity-1 response times (ie, security patching, production break/fix, feature backporting,  etc). Unlike other Istio distributions, we do […]

Christian Posta | April 28, 2021
Read More

Dynamic routing with Gloo Edge

Photo by Jin xc on Unsplash In the race for APIs, it’s best to think carefully about your API management solution. With Kubernetes gaining popularity, whether on-premises or on public clouds, we strongly suggest you adopt a Kubernetes-native solution like Gloo Edge. An emerging need of our customers, especially those who operate multi-tenant platforms, is […]

Baptiste Collard | April 28, 2021
Read More

Live Hoot Episode Recap – Envoy + External Services

During the April 20th Live Hoot Episode, Yuval Kohavi dived into how to extend envoy functionality using external services to enable authorization, rate-limiting and observability. If you missed the episode, you can watch a recording here:     On our next live episode on May 4th, Scott Weiss will dive more into Building Multi-Cluster Operators […] Engineering | April 26, 2021
Read More

Self-Service User Registration with Gloo Portal and Okta

Gloo Portal allows users to catalog, manage and securely publish running APIs to onboard developers both inside and outside your organization.  With the recent 0.7.0 release, it adds gRPC support to its existing OpenAPI / REST facilities to become the first enterprise-class gRPC portal.  And of course, all of this is delivered with a cloud-native […]

Jim Barton | April 23, 2021
Read More

Web Assembly at Scale with Gloo Edge

WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications. At, we are very excited about Web Assembly as a way to extend our Envoy Proxy-based API Gateway (Gloo Edge) and the […]

Denis Jannot | April 21, 2021
Read More

Security at Scale with Gloo Edge

Gloo Edge is our Kubernetes native API gateway based on Envoy. It provides authentication (with OAuth, JWT, API keys, and JWT), authorization (with OPA or custom approaches), a Web Application Firewall (based on ModSecurity), function discovery (with OpenAPI and AWS Lambda), advanced transformations, and much more. In my previous blog post, Envoy at Scale with […]

Denis Jannot | April 14, 2021
Read More to Present 8 Sessions at ServiceMeshCon and Wasm Day during KubeCon – Starting on May 4th

Join the solo team at ServiceMeshCon Europe 2021! This event will be held virtually on Tuesday, May 4, 2021, during KubeCon + CloudNativeCon Europe 2021 – Virtual and will feature speakers from a variety of organizations focused on service mesh technologies. Topics will include getting started with and adopting a mesh, lessons learned from production […]

Erik Frieberg | April 10, 2021
Read More

Solving a Real-World Information Leakage Problem with WebAssembly and Gloo Edge

Multiple Gloo Edge customers have approached us recently with questions like, “Our product security team wants our applications to remove any response headers from our services that indicate to a potential attacker that we’re using Envoy as the foundation of our API Gateway.  In particular, we’d like to remove the server header and any header […]

Jim Barton | April 9, 2021
Read More

GA Releases of Gloo Edge 1.7 and Gloo Portal 0.7

The First Enterprise gRPC Portal, Full Federation Capabilities, and more  Today, I am happy to announce the release of Gloo Edge v1.7 and Gloo Portal v0.7 with an array of unique features and enhancements requested by you, the community and customers. First, one of the most exciting, unique features in the market is the […]

Chris Gaun | April 9, 2021
Read More

[Tutorial] Secure the Edge with Gloo and get your A+ grade!

With the rise of “HTTPS first”, companies had to make the move to automated pipelines for certificate management. One of the most popular Certificate Authorities is Let’s Encrypt, certainly because of its free & self-service infrastructure for signing certificate requests. In this blog post, we will explore Gloo Edge options around TLS. In order to […]

Baptiste Collard | April 6, 2021
Read More

Envoy at Scale with Gloo Edge

Gloo Edge is our Kubernetes native API gateway based on Envoy. It provides Authentication (OAuth, JWT, API keys, JWT, …), Authorization (OPA, custom, …), Web Application Firewall (based on ModSecurity), function discovery (OpenAPI based, Lambda, …), advanced transformations and much more. One of the first question our customers are generally asking us is how many […]

Denis Jannot | April 2, 2021
Read More

Gloo Cloud – Fully Managed Istio Service Mesh

In recent years, Istio has emerged as the dominant service mesh solution due to its powerful features, maturity, and vibrant community. However, installing, upgrading, and operating Istio can be error-prone, time-consuming and burdensome. Two years ago, Solo announced Gloo Mesh, a service mesh management plane. Our vision was to build a suit of tools that […]

Idit Levine | March 24, 2021
Read More