Envoy Proxy & GetEnvoy, Open Source

Gateway to the Future: the New Kubernetes Gateway API and Envoy Gateway 0.2

With the release of Envoy Gateway 0.2, you may be wondering what’s happening in this part of the ecosystem, where things are headed, or maybe just wondering what Envoy Gateway (EG) even is. In this post, Tetrate’s Matt Turner explores all this and more.

How do network requests get into your Kubernetes cluster from the outside? Chances are you’re using an ingress controller: a set of HTTP reverse proxies that transit traffic into the cluster, and an operator that controls them. You might be using something like Ambassador or Contour, Traefik or HAproxy. You might be using your cloud provider’s solution, or just the “default” Nginx Ingress. Or you might be using a more full-featured “API Gateway” (of which more later) like Tyk or Kong, or have a separate gateway in another layer in front of your Kubernetes ingress, like AWS’s API Gateway, or an on-prem F5. Suffice to say, there are many options to choose from.

Read More
eBPF and Sidecars
Service Mesh, Tetrate

eBPF and Sidecars – Getting the Most Performance and Resiliency out of the Service Mesh

If you’ve been watching the service mesh space recently, you’ll have noticed a lot of talk about eBPF and “sidecar-less” meshes. In fact, there’s been so much talk about these things that I’m hoping for a lot of readers for this blog post, just because I’ve got all of it in the title!

But what actually are “sidecar-less” service meshes? How do they work? And do they solve the problems we’ve been told they do, namely improving performance and reducing resource usage? In this post I’ll explain what these two technologies are, what they can and can’t do for the mesh, and how they do — and do not — work together.

Read More