Built together. Built in the open.
Gateway is the result of the community coming together to make it easier than ever to leverage Envoy Proxy for your API Gateway needs.
Envoy Gateway
Manage your Application and API traffic with Envoy Gateway.
Aimed at making it easy to adopt, use, and manage Envoy Proxy. Deploy as a Standalone or Kubernetes-based API Gateway, implementing and extending the Kubernetes Gateway API.
Get involved in the community
Join our community on Slack, join the conversation on GitHub, and attend our community meetings. See links in footer for details and meeting notes.
Got feature ideas?
We're always looking for feedback on what features you'd like to see in Gateway. Don't hesitate to raise GitHub issues or join #gateway-dev and #gateway-users on Envoy's Slack.
Capabilities
Use Envoy Proxy as an API Gateway
Makes it easy to leverage Envoy Proxy as a Kubernetes Gateway. Envoy Gateway implements the Kubernetes Gateway API, and extends it to make it easy to leverage advanced Envoy features, without knowing details of Envoy proxy.
Security controls made easy
Leverage the Envoy Gateway Security Policy to enforce security controls including mTLS, JWT based access control, OIDC integration, API Key based authorization, and more.
Manage traffic
Envoy Gateway supports advanced traffic management and control features including rate limiting, retry policies, circuit breaking, timeouts, failover, and more
Observability
Envoy Gateway provides a rich set of observability features including metrics, access logging, distributed tracing, and more.
Our Adopters
Canva is using Envoy Gateway to route traffic for user uploads, using consistent hash load balancing, and as the gateway for internal systems.
Routing all customer traffic to our various backends. Every time a new customer signs up we dynamically add a route to a new hostname so Envoy Gateway is deeply integrated with our product.
Tetrate provides Enterprise Gateway (TEG) to end users, which includes a 100% upstream distribution of Envoy Gateway, and management to deliver applications securely, authenticate user traffic, protect services with rate limiting and WAF, and integrate with your observability stack to monitor and observe activity.
Airspace Link is using Envoy Gateway to route all public APIs to Kubernetes clusters, developers are manipulating routes descriptions using agnostic manifest files, which are then automatically provisioned using Envoy Gateway.
Teleport is using Envoy Gateway to manage dynamic routing for all traffic to the Teleport Cloud Platform.
Tencent Cloud is using Envoy Gateway as a Kubernetes Cluster Network Addon to manage dynamic routing in the Tencent Kubernetes Engine.
QuantCo is using Envoy Gateway to expose various services from our K8s clusters in a secure and flexible way, where developers can deploy and manage their apps and cluster administrators can enforce common security policies like OIDC authentication.
Titan uses Envoy Gateway to enhance observability and centralize security for its Kubernetes services, managing critical policies like rate limiting, IP blocking, and access controls—freeing developers from the burden of handling service security.
CoactiveAI is advancing multimodal content search and analytics at scale, and relies on envoy gateway to simplify self-service routing, consistent API authentication, request modification, safe rollouts with traffic splitting, and request mirroring for data consistency over split deployments.
Kubermatic is using Envoy Gateway in KubeLB to provide L7 Load Balancing for multiple Kubernetes clusters using GatewayAPI.
Rackspace OpenStack leverages Envoy Gateway within it's openCenter platform to handle dynamic routing across containerized services and virtualized workloads, enhancing traffic management and observability while also consolidating important security policies such as rate limiting, IP blocking, and access control.
Docker is using Envoy Gateway to route all internal traffic for Docker Hub.
SenseTime is using Envoy Gateway to route most traffic for SenseCore.
nemlig.com is using Envoy Gateway to route traffic for internal and externally exposed services, including many of our customer facing APIs. We use Envoy Gateway to enforce security policies, such as JWT authentication as a service on our self-built kubernetes platform.
Cortex is using Envoy Gateway to manage all API traffic as a modern Kubernetes ingress replacement.
Open Source Ecosystem
Envoy AI Gateway is built on top of Envoy Gateway to handle request traffic from application services to Gen AI services.
Kuadrant extends gateways and routes managed by Envoy Gateway with additional policy capabilities to enhance application connectivity and security.
AIBrix provides building blocks for scalable GenAI inference infrastructure and leverages Envoy Gateway to deploy advanced routing strategies for LLM requests sent to Inference engines
Knative's net-gateway-api integrates with Envoy Gateway by implementing the Kubernetes Gateway API, enabling Knative services to utilize Envoy Gateway for ingress traffic management.
KServe leverages Kubernetes Gateway API and Envoy Gateway to simplify routing, traffic management, and secure access to machine learning inference services in Kubernetes environments.
k0rdent integrates with Envoy Gateway to offer advanced, high-performance traffic management within Kubernetes. k0rdent simplifies Envoy configuration, enabling users to easily define routing, security, and observability policies. This integration provides a robust, scalable, and secure ingress solution for applications deployed within the k0rdent-managed cluster.