Introduction
2 minute read
Overview
Envoy Gateway is a Kubernetes-native API Gateway and reverse proxy control plane. It simplifies deploying and operating Envoy Proxy as a data plane by using the standard Gateway API and its own extensible APIs.
By combining Envoy’s performance and flexibility with Kubernetes-native configuration, Envoy Gateway helps platform teams expose and manage secure, observable, and scalable APIs with minimal operational overhead.
Why Use Envoy Gateway?
Traditionally, configuring Envoy Proxy required deep networking expertise and writing complex configuration files. Envoy Gateway removes that barrier by:
- Integrating tightly with Kubernetes through the Gateway API
- Providing custom CRDs for advanced traffic policies
- Automatically translating Kubernetes resources into Envoy config
- Managing the lifecycle of Envoy Proxy instances
Envoy Gateway is designed to be simple for app developers, powerful for platform engineers, and production-ready for large-scale deployments.
Structure
The different layers of Envoy Gateway are the following:
| Layer | Description |
|---|---|
| User Configuration | Users define routing, security, and traffic policies using standard Kubernetes Gateway API resources, optionally extended with Envoy Gateway CRDs. |
| Envoy Gateway Controller | A control plane component that watches Gateway API and Envoy Gateway-specific resources, translates them, and produces configuration for Envoy Proxy. |
| Envoy Proxy(Data Plane) | A high-performance proxy that receives and handles live traffic according to the configuration generated by Envoy Gateway. |
Together, these layers create a system that’s:
- Easy to configure
- Powerful enough for complex needs
- Standardized and familiar
- Ready for the future
Next Steps
For a deeper understanding of Envoy Gateway’s building blocks, you may also wish to explore these conceptual guides:
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.