Envoy is a high-performance, cloud-native service proxy designed for service-to-service communication in distributed architectures. It functions as a service mesh data plane, providing a centralized mechanism for managing, securing, and observing network traffic between microservices.
The project is distinguished by its ability to perform dynamic traffic management and configuration updates in real-time without requiring service restarts or downtime. It utilizes a non-blocking, event-driven architecture to handle high-concurrency connections and supports hot-restart process management, which maintains continuous service availability by transferring active connection sockets during binary or configuration updates.
The proxy offers a comprehensive suite of operational capabilities, including advanced traffic routing, load balancing, and upstream health checking to ensure reliable distribution of requests. It also features a pluggable filter chain and extensibility modules that allow for custom request processing logic, alongside integrated tools for traffic tapping, mirroring, and the enforcement of transport layer security.
Extensive observability is built into the core, enabling the collection and export of granular metrics, logs, and distributed traces to monitor system health and performance. Administrative utilities are provided to manage proxy lifecycles, monitor operational status, and perform configuration changes through a centralized control plane.
