Envoy Concepts

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

External

Internal

Overview

Envoy is a high performance C++ distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures. Built on the learnings of solutions such as NGINX, HAProxy, hardware load balancers, and cloud load balancers, Envoy runs alongside every application and abstracts the network by providing common features in a platform-agnostic manner. When all service traffic in an infrastructure flows via an Envoy mesh, it becomes easy to visualize problem areas via consistent observability, tune overall performance, and add substrate features in a single place.

A Cloud Native Computing Foundation project.

External Authorization

https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/ext_authz_filter#arch-overview-ext-authz
https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/ext_authz_filter

The Envoy External Authorization filter calls an authorization service to check if the incoming request is authorized or not.

Retrieved from "https://kb.novaordis.com/index.php?title=Envoy_Concepts&oldid=108838"