When your microservices need to talk to each other, you need a proxy that handles routing, load balancing, observability, and security — without slowing things down. Envoy does exactly this, and it powers Istio, Consul Connect, and most service meshes in production.
What Is Envoy?
Envoy is a high-performance L4/L7 proxy designed for modern cloud-native applications. Originally built at Lyft, it handles service-to-service communication with automatic retries, circuit breaking, rate limiting, and rich observability — all configured via API, not config files.
The Free API
Envoy is completely free and open source:
- xDS API: Dynamic configuration without restarts
- Admin API: Runtime stats, config dumps, health checks
- gRPC + REST: First-class support for both protocols
- WASM filters: Extend Envoy with custom logic in any language
- Zero-downtime config: Hot-reload routing rules via API
Quick Start
Run Envoy with Docker:
docker run -d --name envoy \
-p 10000:10000 -p 9901:9901 \
-v $(pwd)/envoy.yaml:/etc/envoy/envoy.yaml \
envoyproxy/envoy:v1.30-latest
Basic configuration:
static_resources:
listeners:
- name: main_listener
address:
socket_address:
address: 0.0.0.0
port_value: 10000
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: backend
domains: ["*"]
routes:
- match: { prefix: "/api" }
route:
cluster: api_service
retry_policy:
retry_on: "5xx"
num_retries: 3
http_filters:
- name: envoy.filters.http.router
clusters:
- name: api_service
connect_timeout: 5s
type: STRICT_DNS
load_assignment:
cluster_name: api_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: api-server
port_value: 8080
Query the admin API:
# Get cluster stats
curl http://localhost:9901/stats?filter=cluster.api_service
# Check active connections
curl http://localhost:9901/clusters
# Hot restart with new config
curl -X POST http://localhost:9901/config_dump
Why Teams Choose Envoy
A fintech company ran 200+ microservices with nginx as their proxy. When a downstream service failed, cascading failures took down their entire platform. After switching to Envoy with circuit breaking and automatic retries, their uptime went from 99.5% to 99.99%. The observability alone — seeing exactly which service calls were slow — saved their on-call team hours per week.
Who Is This For?
- Platform engineers building service mesh infrastructure
- DevOps teams needing advanced traffic management
- Backend developers with complex microservice routing
- Companies migrating from nginx/HAProxy to dynamic configuration
Start Using Envoy
Envoy gives you production-grade traffic management that updates without restarts. Whether you use it standalone or as part of a service mesh, it handles the hard networking problems so your services can focus on business logic.
Need help with microservices architecture or service mesh setup? I build custom infrastructure solutions — reach out to discuss your project.
Found this useful? I publish daily deep-dives into developer tools and APIs. Follow for more.
Top comments (0)