Why Envoy
Envoy is the proxy behind Istio, AWS App Mesh, and most service meshes. It handles L3/L4/L7 traffic with advanced load balancing, circuit breaking, rate limiting, and observability.
Install
brew install envoy
# or
docker run -d -p 10000:10000 envoyproxy/envoy:v1.30-latest
Basic Configuration
static_resources:
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 10000
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: backend
domains: ["*"]
routes:
- match:
prefix: "/api"
route:
cluster: api_service
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: api_service
connect_timeout: 5s
type: STRICT_DNS
load_assignment:
cluster_name: api_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: api
port_value: 8080
Circuit Breaking
clusters:
- name: api_service
circuit_breakers:
thresholds:
- max_connections: 1000
max_pending_requests: 500
max_requests: 1000
max_retries: 3
Key Features
- L3/L4/L7 proxy — TCP, HTTP/1.1, HTTP/2, gRPC
- Load balancing — round robin, least request, ring hash
- Circuit breaking — prevent cascade failures
- Rate limiting — global and local
- Observability — Prometheus metrics, distributed tracing
- Hot restart — zero-downtime config reload
- CNCF Graduated — production standard
Resources
Need to extract proxy configs, traffic data, or service mesh metrics? Check out my Apify tools or email spinov001@gmail.com for custom solutions.
Top comments (0)