Issues for this repository are tracked in Red Hat Jira. Please head to https://issues.redhat.com/browse/OSSM in order to browse or open an issue.
Cloud-native high-performance edge/middle/service proxy
Envoy is hosted by the Cloud Native Computing Foundation (CNCF). If you are a company that wants to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details about who's involved and how Envoy plays a role, read the CNCF announcement.
- Official documentation
- FAQ
- Unofficial Chinese documentation
- Watch a video overview of Envoy (transcript) to find out more about the origin story and design philosophy of Envoy
- Blog about the threading model
- Blog about hot restart
- Blog about stats architecture
- Blog about universal data plane API
- Blog on Lyft's Envoy dashboards
- data-plane-api: v2 API definitions as a standalone repository. This is a read-only mirror of api.
- envoy-perf: Performance testing framework.
- envoy-filter-example: Example of how to add new filters and link to the main repository.
- envoy-announce: Low frequency mailing list where we will email announcements only.
- envoy-security-announce: Low frequency mailing list where we will email security related announcements only.
- envoy-users: General user discussion.
- envoy-dev: Envoy developer discussion (APIs, feature design, etc.).
- envoy-maintainers: Use this list to reach all core Envoy maintainers.
- Twitter: Follow along on Twitter!
- Slack: Slack, to get invited go here.
- NOTE: Response to user questions is best effort on Slack. For a "guaranteed" response please email envoy-users@ per the guidance in the following linked thread.
Please see this email thread for information on email list usage.
Contributing to Envoy is fun and modern C++ is a lot less scary than you might think if you don't have prior experience. To get started:
- Contributing guide
- Beginner issues
- Build/test quick start using docker
- Developer guide
- Consider installing the Envoy development support toolchain, which helps automate parts of the development process, particularly those involving code review.
- Please make sure that you let us know if you are working on an issue so we don't duplicate work!
The Envoy team meets twice per month on Tuesday at 9am PT. The public Google calendar is here: https://goo.gl/PkDijT
There has been several third party engagements focused on Envoy security:
- In 2018 Cure53 performed a security audit, full report.
- In 2021 Ada Logics performed an audit on our fuzzing infrastructure with recommendations for improvements, full report.
If you've found a vulnerability or a potential vulnerability in Envoy please let us know at envoy-security. We'll send a confirmation email to acknowledge your report, and we'll send an additional email when we've identified the issue positively or negatively.
For further details please see our complete security release process.