What’s New in Envoy Gateway 1.1
Want to chat with Erica about the new features in EG 1.1? Join our live webinar or watch on demand ›
What has really changed from Envoy Gateway 1.0 to Envoy Gateway 1.1? First and foremost Envoy Gateway now implements version 1.1 of the Kubernetes Gateway API. Secondly, it brings you even more of the power of Envoy Proxy, easily configurable through the Envoy Gateway custom resources in Kubernetes.
The new feature list is long, so to save you time reading and understanding the impact of all the new features we have created a summary of five areas which we believe will further enable you to handle Kubernetes’ ingress traffic effectively.
At Tetrate, we are impressed with the community’s ability to rally around common needs and continue to evolve the solution, unlocking even more of the power of Envoy Proxy. Additionally we are especially proud of the leadership and contributions of our Tetrands Arko, Huabing, Zirain and Shawn.
Tetrate offers an enterprise-ready, 100% upstream distribution of Envoy Gateway, Tetrate Enterprise Gateway for Envoy (TEG). TEG is the easiest way to get started with Envoy for production use cases. Get access now ›
Get More Control over Traffic Handling with New Configuration Flexibility
Decisions are often highly contextual, and sometimes, the order in which we make those decisions matters. Do you authorize or rate-limit the request first? If you authorize first, does knowing the authorization context affect the rate-limiting decisions you are making?
With Envoy Gateway 1.1, you gain a significant level of flexibility in defining and ordering filters, more features for backend and client traffic handling policies, and the ability to reuse backend traffic handling policies across gateway routes. This flexibility empowers you to tailor your traffic handling to your specific needs.
Enhance Security with Gradual mTLS Rollout
Want to move to mTLS for all client traffic coming in, but you have many clients and can’t turn it on for all of them in one go? With Envoy Gateway 1.1, you can now do a gradual rollout of mTLS allowing your clients to adopt it in their own time. This can be especially helpful when migrating off of Basic Authentication.
Envoy Gateway 1.1 introduces an incremental rollout of mTLS, allowing to gradually rollout mTLS for client-to-gateway TLS, ensuring a smooth transition, without outages, to a more secure environment.
Reduce Time to Resolution with Improved Observability
Observability is only as good as the data you collect, and you want to collect what matters, not just anything, and unnecessarily increase your log storage bill. You want to be able to answer questions about which team owns that really slow route and trace it through the system to find out where it is going.
With Grafana dashboard integration, Zipkin Support, and Route Metadata for traffic reports, you get enhanced observability, enabling better monitoring and quicker issue resolution.
Customize Traffic Handling with Your Own Code
Sometimes, you need to know more than the request attributes to make a routing decision. For example when you need to look up an end user’s geographic residence to route traffic to the correct region for handling (like the EU). To achieve this you might need to create a custom external process that integrates with your system to get that information and decorate the request to proceed with routing.
The EnvoyExtensionPolicy and ExtProc support allows you to extend Envoy programmability with external processes, enabling custom traffic handling and integration with unique business logic.
Integrate with Your Service Mesh More Easily
Previously, integrating Envoy Gateway with service meshes had limitations, particularly in routing to Service Cluster IP targets, which restricted flexibility and efficiency in service mesh environments.
Envoy Gateway 1.1 introduces enhanced service mesh integration by enabling routing to Service Cluster IP targets. This improvement allows seamless and efficient traffic routing within service meshes, leveraging the powerful features of Envoy Gateway to optimize performance and maintain robust communication between services.
Summary
Whether you are optimizing performance, enhancing security, gaining deeper insights, or pushing the boundaries of programmability, Envoy Gateway 1.1 provides the tools and features you need. Adopt or upgrade to Envoy Gateway 1.1 today and experience the future of Kubernetes ingress management.
###
If you’re new to service mesh, Tetrate has a bunch of free online courses available at Tetrate Academy that will quickly get you up to speed with Istio and Envoy.
Are you using Kubernetes? Tetrate Enterprise Gateway for Envoy (TEG) is the easiest way to get started with Envoy Gateway for production use cases. Get the power of Envoy Proxy in an easy-to-consume package managed by the Kubernetes Gateway API. Learn more ›
Getting started with Istio? If you’re looking for the surest way to get to production with Istio, check out Tetrate Istio Subscription. Tetrate Istio Subscription has everything you need to run Istio and Envoy in highly regulated and mission-critical production environments. It includes Tetrate Istio Distro, a 100% upstream distribution of Istio and Envoy that is FIPS-verified and FedRAMP ready. For teams requiring open source Istio and Envoy without proprietary vendor dependencies, Tetrate offers the ONLY 100% upstream Istio enterprise support offering.
Need global visibility for Istio? TIS+ is a hosted Day 2 operations solution for Istio designed to simplify and enhance the workflows of platform and support teams. Key features include: a global service dashboard, multi-cluster visibility, service topology visualization, and workspace-based access control.
Get a Demo