Cloud-native high-performance edge/middle/service proxy

Envoy is hosted by the Cloud Native Computing Foundation (CNCF). If you are a
company that wants to help shape the evolution of technologies that are container-packaged,
dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details about who’s
involved and how Envoy plays a role, read the CNCF
announcement.

Documentation

• Official documentation
• FAQ
• Example documentation
• @mattklein123/envoy-threading-model-a8d44b922310">Blog about the threading model
• @mattklein123/envoy-hot-restart-1d16b14555b5">Blog about hot restart
• @mattklein123/envoy-stats-b65c7f363342">Blog about stats architecture
• @mattklein123/the-universal-data-plane-api-d15cec7a">Blog about universal data plane API
• @mattklein123/lyfts-envoy-dashboards-5c91738816b1">Blog on Lyft’s Envoy dashboards

Related

• data-plane-api: v2 API definitions as a standalone
  repository. This is a read-only mirror of api.
• envoy-perf: Performance testing framework.
• envoy-filter-example: Example of how to add new filters
  and link to the main repository.

Contact

• envoy-announce: Low frequency mailing
  list where we will email announcements only.
• envoy-security-announce: Low frequency mailing
  list where we will email security related announcements only.
• envoy-users: General user discussion.
• envoy-dev: Envoy developer discussion (APIs,
  feature design, etc.).
• envoy-maintainers: Use this list
  to reach all core Envoy maintainers.
• Twitter: Follow along on Twitter!
• Slack: Slack, to get invited go here.
  • NOTE: Response to user questions is best effort on Slack. For a “guaranteed” response please email
    envoy-users@ per the guidance in the following linked thread.

Please see this email thread
for information on email list usage.

Contributing

Contributing to Envoy is fun and modern C++ is a lot less scary than you might think if you don’t
have prior experience. To get started:

• Contributing guide
• Beginner issues
• Build/test quick start using docker
• Developer guide
• Consider installing the Envoy development support toolchain, which helps automate parts of the development process, particularly those involving code review.
• Please make sure that you let us know if you are working on an issue so we don’t duplicate work!

Community Meeting

The Envoy team has a scheduled meeting time twice per month on Tuesday at 9am PT. The public
Google calendar is here. The meeting will only be held
if there are agenda items listed in the meeting
minutes. Any member of the community should be able to
propose agenda items by adding to the minutes. The maintainers will either confirm
the additions to the agenda, or will cancel the meeting within 24 hours of the scheduled
date if there is no confirmed agenda.

Security

Security Audit

There has been several third party engagements focused on Envoy security:

• In 2018 Cure53 performed a security audit, full report.
• In 2021 Ada Logics performed an audit on our fuzzing infrastructure with recommendations for improvements, full report.

Reporting security vulnerabilities

If you’ve found a vulnerability or a potential vulnerability in Envoy please let us know at
security@googlegroups.com">envoy-security. We’ll send a confirmation
email to acknowledge your report, and we’ll send an additional email when we’ve identified the issue
positively or negatively.

For further details please see our complete security release process.

ppc64le builds

Builds for the ppc64le architecture or using aws-lc are not covered by the envoy security policy. The ppc64le architecture is currently best-effort and not maintained by the Envoy maintainers.

Releases

For further details please see our release process.