Introduction to the Envoy proxy. see the video.

What is Envoy?

Envoy proxy is a cloud native L4/L7 proxy. It has some nice features making it usable in distributed cloud native environments:

• Extendability - is important so that each company can adapter envoy to its use case.
• Controlled via eventually consistent API (control plane / data plane) - This enables deployment at scale.
• Observability - Allows you to understand the state of your system, and see if there are any problems.

Core concepts

Listener

instructs envoy to listen on a port, accept incoming connections and send them through the listener filter chain. The filter chain in the listener is responsible to send the data/requests to the upstream cluster

Cluster

That is the destination of traffic (usually coming from the listener). A cluster is composed of several endpoints (it’s members). There are different cluster types. Each cluster type has a different way of discovering endpoints. strict_dns, logical_dns, static, eds.

Route

Routes for the L7 HCM filter specify how to send requests to the upstream cluster.

Filters

Pieces of code that the data is passed through to. They are arranged in a chain, where one filter is called after the other.

Flow of data

Routing decision

The HTTP Connection Manager is a TCP filter that ‘converts’ envoy to an L7 proxy. This filter has it’s own chain of HTTP filters.

The HCM selects a route based on the List of Routes and sends the request down the filter chain.

The router filter (which should be the last filter in the chain) ends the chain and sends the request to the upstream cluster.

Demo

See the video for a demo!