envoy
traefik
Our great sponsors
envoy | traefik | |
---|---|---|
66 | 182 | |
23,743 | 47,310 | |
1.4% | 1.9% | |
10.0 | 9.2 | |
4 days ago | 7 days ago | |
C++ | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
envoy
- Google Chrome's new "IP Protection" will hide users' IP addresses
-
Show HN: WebAssembly dev environment for Envoy Proxy
Hi HN!
For the past few weeks we've been working on Proximal - a workflow engine that lets you quickly iterate on WebAssembly extensions for Envoy Proxy[0] (or other proxies) right on your local machine: https://github.com/apoxy-dev/proximal
This work is based on Proxy-WASM[1] extension ABI for Envoy (and other proxies like APISIX and Mosn[2]) which allows you to execute WebAssembly code on every API request a la Cloudflare Workers. As part of our wider effort at https://apoxy.dev to improve API glue code we built an experimentation / development platform and hope you will find it useful!
On the technical side this project packs Envoy itself, Envoy controller, REST API (for controlling the controller =)), React SPA, and Temporal server/worker (for orchestration) - all baked into a single Go binary. You can find more on architecture and limitations in the repository README[4].
This project is pretty early stage and we would appreciate community feedback!
Previous HN discussions on this topic:
* https://news.ycombinator.com/item?id=36113542
* https://news.ycombinator.com/item?id=22582276
---
[0] https://www.envoyproxy.io/
[1] https://github.com/proxy-wasm/spec/blob/master/docs/WebAssem...
[2] https://apisix.apache.org/ https://mosn.io/
[3] https://github.com/apoxy-dev/proximal/blob/main/README.md#ar...
-
Show HN: Envoy Playground in the Browser
Hey HN,
We made an Envoy Proxy[0] playground so we could test out our Envoy configs directly in the browser. This is based on Julia's work with Nginx Playround[1] (we forked[2] that repo and added more Envoy to it). Check it out!
[0] - Envoy is a popular programmable proxy similar to Nginx or HAProxy that is popular with cloud-native setups: https://www.envoyproxy.io
-
Istio moved to CNCF Graduation stage
Envoy is the proxy that does the heavy lifting. Istio is just a glorified configuration system. Even if you choose to use Istio you're still using Envoy.
You're spot-on about using iptables rules. There is an example here with a yaml configuration and some iptables commands: https://github.com/envoyproxy/envoy/blob/main/configs/origin...
You might be able to re-use some of that. It should be pretty easy to get metrics for outbound/inbound http requests, but I don't remember the exact yaml incantation.
-
Need advice on K3s cluster setup
I'm using the default RaspiOS Lite 64bits and as highlighted in this issue, the RaspiOS kernel does not support CONFIG_ARM64_VA_BITS_48, which makes cilium-envoy to fail building. As solution, I was told to use either Ubuntu as base OS or Traefik Ingress Controller, which is not configured in K3s.
-
I'm looking for an SSO server/reverse proxy with features I'm not sure exist
I know envoy (https://www.envoyproxy.io/, https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/jwt_authn_filter) can do this natively, I'm sure you could probably build something with nginx and its Lua scripting, not sure about traefik and caddy but I dont think they support that.
-
Envoy External Authorization with Golang GRPC service
Envoy is a cloud native opensource proxy server. The Envoy proxy offers a variety of http filters to handle incoming requests.
-
A Comprehensive Guide to API Gateways, Kubernetes Gateways, and Service Meshes
Istio: By far the most popular service mesh. It is built on top of Envoy proxy, which many service meshes use.
- Scaling Rust Builds with Bazel
-
Oxy is Cloudflare's Rust-based next generation proxy framework
Check out Envoy - An open source proxy
traefik
-
Deploying Web Apps with Caddy: A Beginner's Guide Caddy
Caddy is more capable and extensible than all those servers, even out of the box. Example: https://github.com/traefik/traefik/issues/5472#issuecomment-...
> welcome to 2024. it is shame that traefik cannot handle functionality which can be handled by caddy2.
(posted this morning)
Anyway, we already do walk up to quite a few complex requirements in large enterprise deployments. Happy to hear about your use case that isn't possible!
Not as good though. Case in point: https://github.com/traefik/traefik/issues/5472#issuecomment-... (that's just from this morning)
I'm speak objectively here. Of course, any built-in auto HTTPS that works (more or less) is better than none. Traefik uses an ACME library that was originally written for Caddy. After the original author left that project, Traefik team started maintaining it. Caddy's users' requirements exceeded what the library was capable of, but unfortunately there was friction in getting it to achieve our requirements. So I ended up writing a new ACME client library in Go and, together with upgrades in CertMagic (Caddy's auto-TLS lib), Caddy has the more flexible, robust, and capable auto-HTTPS functionality.
That is to say, not all auto-HTTPS functionalities are the same.
- The Tailscale Universal Docker Mod
- Istio moved to CNCF Graduation stage
-
Docker Services question
Traefik is another widely used system that has automatic configuration and offers support for more things like swarm/kubernetes/etc.
-
nginx alternatives
I have a webapp which I currently have deployed by running nginx in a container. Works as it should, however I am intersted in adding more observability to the webapp and found this reverse-proxy https://github.com/traefik/traefik which seems to expose some nice metrics which can be useful for observability.
-
Simplifying preview environments for everyone
For frontend applications - it can be quite simple to implement preview environments with a simple static storage and a reverse proxy tool like Nginx or Traefik.
-
when should I stop adding docker containers to my Unraid?
there's no magical number: a container can be as simple as a single binary or complicated multi-process solution that rivals a full blown operating system running in a VM. it really depends on what you're running...
-
Apollo Backend just made public, "The goal of making the code for this repo available is to show that despite statements otherwise by Reddit...
Kubernetes alone is enough of an example. So are various cloud utilities used all around the world, such as ingress-nginx, cert-manager, traefik, Docker and countless others. Go is what smart modern web developers actually want to use to create great products. Everything else is what industry dinosaurs force them to use to make a living at big companies peddling trash.
-
How can I access my local Docker apps by Fully Qualified Domain Name from my MacOS host?
I ended up using the NGINX Proxy Manager [the projects home site] and added certificates but I'm seeing a fair number of installs going with https://traefik.io on YouTube.
What are some alternatives?
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
YARP - A toolkit for developing high-performance HTTP reverse proxy applications.
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
Squid - Squid Web Proxy Cache
ingress-nginx - Ingress-NGINX Controller for Kubernetes
socks5-proxy-server - SOCKS5 proxy server
tailscale - The easiest, most secure way to use WireGuard and 2FA.
SFTPGo - Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob
Varnish - The project homepage
Nginx - An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html