Showing results for tag Envoy

[Tutorial] Rewriting Express Routes with Gloo Edge

Rewriting Express Routes with Gloo Edge During this tutorial we are going to leverage Gloo Edge as an API Gateway and Kubernetes Ingress Controller to rewrite the routes of a simple Express app. You can clone the source code from here. The repository itself is packed with Scenarios that show off more features of Gloo […]

Christian Posta | December 30, 2020
Read More

Solo.io WebAssembly updates v0.0.30 – Rust and TinyGo support and more

At Solo.io, we’ve been working for the past year with WebAssembly (Wasm) and with how it can be used to customize the behavior of Envoy proxy and Envoy based solutions. Wasm is an exciting new technology born from the need to support compatibility for client side application deployments and has tremendous potential for the server […]

Solo.io Engineering | November 3, 2020
Read More

Decentralized, self-service Envoy edge gateway with Gloo

As organizations move to a microservices architecture, they find they need to adopt decentralized, self-service infrastructure to really get the gains promised by this approach. This includes building self-service platforms around Kubernetes, Prometheus, Zipkin, etc. and more recently Envoy Proxy. Envoy Proxy has become a foundational piece of a cloud-native infrastructure and can play multiple roles: edge gateway, internal gateway, service mesh service […]

Christian Posta | January 16, 2020
Read More

Autopilot: an operator framework for building workflows on top of service mesh

Autopilot is a recently announced and open-sourced project from Solo.io that gives you a framework for building opinionated operators for automated workflows on top of a service mesh. These types of workflows typically take signals or telemetry from the environment to decide what action to take next. Just like a “pilot” observes their surrounding and […]

Christian Posta | November 18, 2019
Read More

Running Envoy API Gateways on Kubernetes or Consul or both

The cloud-native community has converged on Envoy Proxy as a de-facto data plane proxy for application (L7) networking. You will find Envoy running as the data plane for many different service-mesh implementations as well as ingress and decentralized API Gateway solutions. One of the biggest reasons why Envoy is so well adopted these days is […]

Christian Posta | August 16, 2019
Read More

What’s New in Gloo Gateway Enterprise

Gloo Gateway is the next generation API gateway to easily connect legacy monoliths, microservices and serverless functions for hybrid application architecture. Gloo Gateway gives you the flexibility to modernize applications at your pace and extend investments you’ve already made in existing applications. Since launching Gloo Gateway Enterprise in December 2018, we have fixed issues and […]

Solo.io Engineering | June 11, 2019
Read More

Envoy Proxy — high severity vulnerabilities that can lead to exposure of unauthorized services.

Overview Two vulnerabilities have been discovered in the Envoy proxy that can potentially allow unauthorized access to backend resources. They are classified as of high severity according to the CVSS methodology and immediate action is needed. CVE-2019–9900 (CVSS score 8.3) When parsing HTTP/1.x header values, Envoy 1.9 and before does not reject embedded zero characters (NUL, ASCII […]

Solo.io Engineering | April 5, 2019
Read More

Guidance for Building a Control Plane for Envoy Part 3: Domain Specific Configuration

This is part 3 of a series that explores building a control plane for Envoy Proxy. In this blog series, we’ll take a look at the following areas: Adopting a mechanism to dynamically update Envoy’s routing, service discovery, and other configuration Identifying what components make up your control plane, including backing stores, service discovery APIs, […]

Christian Posta | March 26, 2019
Read More

Using Gloo as an ingress gateway with Istio and mTLS (updated for Istio 1.1!)

Istio is a popular open-source service mesh with powerful service-to-service capabilities such as request-routing control, metric collection, distributed tracing, security, et. al. Istio also ships with an ingress-gateway component that makes it easy to get traffic into your service mesh. The Istio ingress gateway allows you to control what protocols, security requirements, and ports get […]

Christian Posta | March 19, 2019
Read More

Guidance for Building a Control Plane for Envoy Proxy, Part 2: Identify Components

This is part 2 of a series that explores building a control plane for Envoy Proxy. In this blog series, we’ll take a look at the following areas: Adopting a mechanism to dynamically update Envoy’s routing, service discovery, and other configuration Identifying what components make up your control plane, including backing stores, service discovery APIs, […]

Christian Posta | March 7, 2019
Read More

Running Gloo as a Kubernetes Ingress for bare-metal clusters with MetalLB

When you deploy workloads into Kubernetes, you probably know you cannot just directly communicate with those workloads. Kubernetes assigns IP addresses to Pods running within the cluster, but those IP addresses are routable only within the cluster unless you’ve explicitly set up your networking to allow for these to be routable. You have a few […]

Christian Posta | February 22, 2019
Read More

Introducing the Envoy Operator for Kubernetes

Today, Solo.io is pleased to announce a new open source project, the Envoy Operator. The Envoy Operator is a tool designed to simplify deploying, scaling, and managing Envoy instances inside of Kubernetes. This operator was made possible thanks to the folks at CoreOS who just open-sourced the incredibly useful Operator SDK, which we used to […]

Idit Levine | May 10, 2018
Read More