Envoy Gateway supports the new Gateway API, as a replacement for the older Kubernetes Ingress API. In this episode of TFiR: Let’s Talk recorded at KubeCon+CloudNativeCon Europe, Zack Butcher, Founding and Principal Engineer at Tetrate, discusses the company’s involvement in the project, the features and improvements in the Envoy Gateway 1.0 release, and their focus for the future. He says, “We wanted to make Envoy easier to use. We wanted to give a batteries-included implementation that you didn’t have to cobble together yourself.”

Envoy, a widely used open-source proxy for Kubernetes

• Open-source proxy, Envoy, has become widely used in the Kubernetes ecosystem due to its dynamic performance and ability to provide visibility. Contributors include Google, Tetrate, and Apple.
• The Kubernetes Ingress API has become old and the Kubernetes community has been working to revise it as Gateway API, which aims to address previous pain points.

Kubernetes Gateway API and Envoy Gateway implementation

• A group of companies kickstarted the Envoy Gateway project to provide a standardized and easier-to-use implementation of the Kubernetes Gateway API, leveraging Envoy as the data plane.

Envoy 1.0 release and future improvements

• Butcher discusses the latest release, Envoy Gateway 1.0, and its adoption around the world. He feels that the release signals to the community that the project is robust and ready for production use.
• Envoy Gateway’s control plane has been hardened with backward compatibility so users can utilize the new features without configuration disruptions.
• New features include incremental XDS, support for OAuth 2.0 and rate limiting, improved telemetry, and resiliency capabilities all accessible through the Kubernetes gateway API extension points.
• Butcher shares details of the project’s open roadmap saying they plan a three-month release cadence, with their immediate focus on better operational telemetry in the control plane itself.
• Future releases will focus on adding more functionality for different use cases, improving support for encryption, and performance optimizations.
• Butcher highlights the project’s success, which boasts over 90 contributors from diverse backgrounds and locations helping to get it to the 1.0 release.

Envoy Gateway and its use cases

• Butcher discusses the key use case of Envoy Gateway to migrate from low-value Ingress setups to the Gateway API. Butcher explains that the 80% use case for API Gateways involves authenticating users, rate limiting, and load balancing, with Envoy’s enhanced capabilities working to simplify these use cases.
• Envoy Gateway aims to make it easy for users to consume the project by providing detailed guides covering various use cases to help them with Canary deployments, TLS setup, and HTTP/2 routing.
• Envoy will have a product on top of the open-source project that provides support, providing the best usage patterns and guidelines. Butcher hints at upcoming features like API validation, which has been a long-requested feature.

Guest: Zack Butcher (LinkedIn)
Company: Tetrate (Twitter)
Show: Let’s Talk

This summary was written by Emily Nicholls.