The first edition was written on 2020-08-30.
Demo
This Github repo has demos for some important types of envoy proxies.
Some issues I had at the time of using Envoy:
About Source Code
The protobuf plays a central role on Envoy configuration and every component in Envoy is defined by protobuf. Here I will show some of them I explored.
For example, in external authz gRPC server demo code:
1 | import ( |
The Check
handler is specified in module
external_auth.pb.go#L704 and defined in proto file service
external_auth.proto#L33.
Testing Facilities
There are some CLI and online facilities can help proxy testings:
- HTTP client: curl
- HTTP(S) server: www.httpbin.org, www.example.org
- TCP client: nc, telnet
- TCP server: www.tcpbin.com, nc
For complex testing that multiple components are involved, utilizing docker compose to make them work together.
NOTE: nc and telnet can also work with HTTP server, but you need to input HTTP directives in connection, for example:
GET /<path> HTTP/1.1
Envoy Training
So far the best Envoy learning series. The key takeaways are summarized in subsequent sections.
Episode 1: Intro to Envoy
The codelab Github repo.
- Cloud Native L4/L7 proxy.
- Extenability.
- Control via API(usually gRPC): control plane/ data plane.
- Observability: traces and metrics.
Core concepts and data flow, the same order in Envoy config yaml file:
1 | Requests |
Episode 05: Envoy filters
Envoy HTTP Filters:
- Code that can interact with request/response.
- Async IO.
- Transparently work with HTTP 1.1 or 2/3.
- Chained together.
Episode 15: Envoy + External Services
The external authz gRPC server is referenced from this episode, super helpful, see codelab
Other Learning Resources
- Envoy proxy blogs
- Intro: Envoy - Matt Klein & Constance Caramanolis, Lyft (slides)
- Envoy Internals Deep Dive (slides)
- Ambassador Envoy blogs
- Some Envoy basics
Istio (as far as I understand it) is basically an Envoy discovery service that uses information from the Kubernetes API (eg the services in your cluster) to configure Envoy clusters/routes. It has its own configuration language.