Built together. Built in the open.
Gateway is the result of the community coming together to make it easier than ever to leverage Envoy Proxy for your API Gateway needs.
Envoy Gateway
Manage your Application and API traffic with Envoy Gateway.
Aimed at making it easy to adopt, use, and manage Envoy Proxy. Deploy as a Standalone or Kubernetes-based API Gateway, implementing and extending the Kubernetes Gateway API.
Get involved in the community
Join our community on Slack, join the conversation on GitHub, and attend our community meetings. See links in footer for details and meeting notes.
Got feature ideas?
We're always looking for feedback on what features you'd like to see in Gateway. Don't hesitate to raise GitHub issues or join #gateway-dev and #gateway-users on Envoy's Slack.
Capabilities
Use Envoy Proxy as an API Gateway
Makes it easy to leverage Envoy Proxy as a Kubernetes Gateway. Envoy Gateway implements the Kubernetes Gateway API, and extends it to make it easy to leverage advanced Envoy features, without knowing details of Envoy proxy.
Security controls made easy
Leverage the Envoy Gateway Security Policy to enforce security controls including mTLS, JWT based access control, OIDC integration, API Key based authorization, and more.
Manage traffic
Envoy Gateway supports advanced traffic management and control features including rate limiting, retry policies, circuit breaking, timeouts, failover, and more
Observability
Envoy Gateway provides a rich set of observability features including metrics, access logging, distributed tracing, and more.
Our Adopters
Canva is using Envoy Gateway to route traffic for user uploads, using consistent hash load balancing, and as the gateway for internal systems.
Routing all customer traffic to our various backends. Every time a new customer signs up we dynamically add a route to a new hostname so Envoy Gateway is deeply integrated with our product.
Tetrate provides Enterprise Gateway (TEG) to end users, which includes a 100% upstream distribution of Envoy Gateway, and management to deliver applications securely, authenticate user traffic, protect services with rate limiting and WAF, and integrate with your observability stack to monitor and observe activity.
Airspace Link is using Envoy Gateway to route all public APIs to Kubernetes clusters, developers are manipulating routes descriptions using agnostic manifest files, which are then automatically provisioned using Envoy Gateway.
Teleport is using Envoy Gateway to manage dynamic routing for all traffic to the Teleport Cloud Platform.
Tencent Cloud is using Envoy Gateway as a Kubernetes Cluster Network Addon to manage dynamic routing in the Tencent Kubernetes Engine.
QuantCo is using Envoy Gateway to expose various services from our K8s clusters in a secure and flexible way, where developers can deploy and manage their apps and cluster administrators can enforce common security policies like OIDC authentication.
Titan uses Envoy Gateway to enhance observability and centralize security for its Kubernetes services, managing critical policies like rate limiting, IP blocking, and access controls—freeing developers from the burden of handling service security.
CoactiveAI is advancing multimodal content search and analytics at scale, and relies on envoy gateway to simplify self-service routing, consistent API authentication, request modification, safe rollouts with traffic splitting, and request mirroring for data consistency over split deployments.