Showing results for tag Envoy

Decentralized, self-service Envoy edge gateway with Gloo

As organizations move to a microservices architecture, they find they need to adopt decentralized, self-service infrastructure to really get the gains promised by this approach. This includes building self-service platforms around Kubernetes, Prometheus, Zipkin, etc. and more recently Envoy Proxy. Envoy Proxy has become a foundational piece of a cloud-native infrastructure and can play multiple roles: edge gateway, internal gateway, service mesh service […]

Christian Posta | January 16, 2020
Read More

Autopilot: an operator framework for building workflows on top of service mesh

Autopilot is a recently announced and open-sourced project from Solo.io that gives you a framework for building opinionated operators for automated workflows on top of a service mesh. These types of workflows typically take signals or telemetry from the environment to decide what action to take next. Just like a “pilot” observes their surrounding and […]

Christian Posta | November 18, 2019
Read More

Running Envoy API Gateways on Kubernetes or Consul or both

The cloud-native community has converged on Envoy Proxy as a de-facto data plane proxy for application (L7) networking. You will find Envoy running as the data plane for many different service-mesh implementations as well as ingress and decentralized API Gateway solutions. One of the biggest reasons why Envoy is so well adopted these days is […]

Christian Posta | August 16, 2019
Read More

What’s New in Gloo Gateway Enterprise

Gloo Gateway is the next generation API gateway to easily connect legacy monoliths, microservices and serverless functions for hybrid application architecture. Gloo Gateway gives you the flexibility to modernize applications at your pace and extend investments you’ve already made in existing applications. Since launching Gloo Gateway Enterprise in December 2018, we have fixed issues and […]

Solo.io Engineering | June 11, 2019
Read More

Envoy Proxy — high severity vulnerabilities that can lead to exposure of unauthorized services.

Overview Two vulnerabilities have been discovered in the Envoy proxy that can potentially allow unauthorized access to backend resources. They are classified as of high severity according to the CVSS methodology and immediate action is needed. CVE-2019–9900 (CVSS score 8.3) When parsing HTTP/1.x header values, Envoy 1.9 and before does not reject embedded zero characters (NUL, ASCII […]

Solo.io Engineering | April 5, 2019
Read More

Guidance for Building a Control Plane for Envoy Part 3: Domain Specific Configuration

This is part 3 of a series that explores building a control plane for Envoy Proxy. In this blog series, we’ll take a look at the following areas: Adopting a mechanism to dynamically update Envoy’s routing, service discovery, and other configuration Identifying what components make up your control plane, including backing stores, service discovery APIs, […]

Christian Posta | March 26, 2019
Read More

Using Gloo as an ingress gateway with Istio and mTLS (updated for Istio 1.1!)

Istio is a popular open-source service mesh with powerful service-to-service capabilities such as request-routing control, metric collection, distributed tracing, security, et. al. Istio also ships with an ingress-gateway component that makes it easy to get traffic into your service mesh. The Istio ingress gateway allows you to control what protocols, security requirements, and ports get […]

Christian Posta | March 19, 2019
Read More

Guidance for Building a Control Plane for Envoy Proxy, Part 2: Identify Components

This is part 2 of a series that explores building a control plane for Envoy Proxy. In this blog series, we’ll take a look at the following areas: Adopting a mechanism to dynamically update Envoy’s routing, service discovery, and other configuration Identifying what components make up your control plane, including backing stores, service discovery APIs, […]

Christian Posta | March 7, 2019
Read More

Running Gloo as a Kubernetes Ingress for bare-metal clusters with MetalLB

When you deploy workloads into Kubernetes, you probably know you cannot just directly communicate with those workloads. Kubernetes assigns IP addresses to Pods running within the cluster, but those IP addresses are routable only within the cluster unless you’ve explicitly set up your networking to allow for these to be routable. You have a few […]

Christian Posta | February 22, 2019
Read More

Introducing the Envoy Operator for Kubernetes

Today, Solo.io is pleased to announce a new open source project, the Envoy Operator. The Envoy Operator is a tool designed to simplify deploying, scaling, and managing Envoy instances inside of Kubernetes. This operator was made possible thanks to the folks at CoreOS who just open-sourced the incredibly useful Operator SDK, which we used to […]

Idit Levine | May 10, 2018
Read More

CloudEvents, Multi-Cloud, and the Gloo Between Them

We at Solo believe the future of serverless platforms will be to enable building serverless applications across cloud vendors. As highlighted in Kelsey Hightower’s keynote speech at this year’s KubeCon Europe, the cloud community is interested in leveraging the power of multiple vendors when building serverless applications. This was precisely our vision when building Gloo, […]

Idit Levine | May 9, 2018
Read More

Introducing Gloo-NATS: Bring events to your API

To be resilient, scalable, and efficient, an API Gateway should guarantee that requests are not dropped, are delivered with high performance, and can be fanned out easily to multiple subscribers. This is only possible by integrating a messaging system into the core of the gateway itself. Until today, there were no existing gateways that leveraged […]

Idit Levine | April 4, 2018
Read More