Skip to content

Commit

Permalink
Update README, upgrade envoy to 1.15.3
Browse files Browse the repository at this point in the history
  • Loading branch information
@chintan8saaras
chintan8saaras committed Jan 6, 2021
1 parent 822ce08 commit 36eb7d4
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 299 deletions.
348 changes: 49 additions & 299 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,325 +1,75 @@
[![Build Status](https://dev.azure.com/saaras-io/Enroute/_apis/build/status/saarasio.enroute?branchName=master)](https://dev.azure.com/saaras-io/Enroute/_build/latest?definitionId=6&branchName=master)[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
[![Build Status](https://dev.azure.com/saaras-io/Enroute/_apis/build/status/saarasio.enroute?branchName=master)](https://dev.azure.com/saaras-io/Enroute/_build/latest?definitionId=6&branchName=master)
[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
![Twitter](https://img.shields.io/twitter/follow/SaarasInc?label=Follow%20EnRoute&style=social)

![](https://getenroute.io/images/enroute-logo.svg)

![](enroute.png)
Enroute makes it easy to run Envoy as an API Gateway. You can use it for microservices running inside Kubernetes or any service running standalone when there is no Kubernetes.

What makes it easy is simple REST APIs to configure the Standalone gateway or CRDs to configure the Kubernetes Ingress Gateway. Plugins provide the ability to add fine-grained route-level or global policies and traffic control.

# Universal Gateway with OpenAPI Spec and Advanced Rate-limiting built on Envoy Proxy
As Envoy is being widely accepted as a next-gen proxy, EnRoute is deployed in production use at companies. EnRoute is an actively maintained project and community edition supports Advanced Rate Limiting.

Run Any[**where**] - Any[**Platform | Cloud | Service**]
#### How is EnRoute different?

Universal Control Plane that drives Envoy (or a Fleet of Envoy's).
Runs as
[Kubernetes Ingress](https://getenroute.io/docs/getting-started-enroute-ingress-controller/) Gateway | [Standalone Gateway](https://getenroute.io/docs/getting-started-enroute-standalone-gateway/) | Stateless SideCar Gateways
Enroute is an API gateway with batteries included. EnRoute is oriented towards DevOps and integration with CI/CD pipelines. It is completely automatable and there is an API for everything.

<div class="row">
<div class="column"><img src="https://getenroute.io/img/topology-saaras-k8s-ingress.png" alt="Kubernetes Ingress" width="400"/></div>
<div class="column"><img src="https://getenroute.io/img/topology-saaras-standalone-gw.png" alt="Standalone" width="400"/></div>
</div>
EnRoute state management is flexible. For Kubernetes Ingress API Gateway, the state is completely managed inside Kubernetes. For Kubernetes, the state is stored in CRDs and state management is completely Kubernetes-native without any external databases. EnRoute supports GitOps even when running as a stateless docker container.

Enroute is the only gateway on Envoy proxy that works for both Kubernetes Ingress and Standalone use-cases. Typically solutions either target one or the other. A majority of users have a mix of workloads, and this capability comes in handy, especially with the same consistent policy model across all deployments. And running Envoy makes it a super performant solution.

### ```enroutectl```: Program OpenAPI Spec on Enroute Universal API Gateway in a minute
![](https://getenroute.io/img/APIGatewayStandaloneAndIngressWithFilters.jpeg)

```enroutectl openapi --openapi-spec petstore.json --to-standalone-url http://localhost:1323/```
## Features

### Extend using Global HTTP Filters and Route Filters

You can associate additional plugin/filter functionality at global level or route level.

Filters/Plugins are supported for both Kubernetes Ingress Gateway and Standalone Gateway.

<img src="https://getenroute.io/img/EnrouteConfigModel3.png" alt="Config Model" width="400"/>

### Drive Enroute using REST or GraphQL APIs, Kubernetes CRDs or ```enroutectl``` cli

Enroute provides several options to populate the xDS cache for the underlying Envoy.

##### It has simple REST APIs and a GraphQL interface.


```shell
curl -X POST "http://localhost:1323/service" \
-d 'Service_Name=openapi-enroute' \
-d 'Fqdn=saaras.io'

curl -X POST "http://localhost:1323/service/openapi-enroute/route" \
-d 'Route_Name=root-slash' \
-d 'Route_prefix=/'

curl -X POST "http://localhost:1323/upstream" \
-d 'Upstream_name=openapi-upstream' \
-d 'Upstream_ip=openapi.example.com' \
-d 'Upstream_port=9001' \
-d 'Upstream_hc_path=/' \
-d 'Upstream_weight=100'

```

Rate Limit ```Filter```

```shell
curl -s localhost:1323/filter/route_rl_1 | jq
{
"data": {
"saaras_db_filter": [
{
"filter_id": 139,
"filter_name": "route_rl_1",
"filter_type": "route_filter_ratelimit",
"filter_config": {
"descriptors": [
{
"generic_key": {
"descriptor_value": "default"
}
}
]
}
}
]
}
}
```

```GlobalConfig``` for Standalone Gateway

```shell
curl -s localhost:1323/globalconfig/t1 | jq
{
"data": {
"saaras_db_globalconfig": [
{
"globalconfig_id": 237,
"globalconfig_name": "gc1",
"globalconfig_type": "globalconfig_ratelimit",
"config_json": {
"domain": "enroute",
"descriptors": [
{
"key": "generic_key",
"value": "default",
"rate_limit": {
"unit": "second",
"requests_per_unit": 10
}
}
]
}
}
]
}
}
```

##### It can be programmed using the ```enroutectl``` CLI

Program an OpenAPI Spec on Enroute Standalone Gateway or Kubernetes Ingress Gateway

```shell
enroutectl openapi --openapi-spec petstore.json --to-standalone-url http://localhost:1323/
```

##### When running at Kubernetes Ingress, CRDs can be used to program it

Creating a ```GatewayHost``` that maps to a VirtualHost

```yaml
---
apiVersion: enroute.saaras.io/v1beta1

kind: GatewayHost
metadata:
labels:
app: httpbin
name: httpbin
namespace: enroute-gw-k8s
spec:
virtualhost:
fqdn: demo.saaras.io
filters:
- name: luatestfilter
type: http_filter_lua
routes:
- match: /
services:
- name: httpbin
port: 80
filters:
- name: rl2
type: route_filter_ratelimit
---
```

Creating a ```RouteFilter``` that attaches to a ```GatewayHost``` Route

```yaml
apiVersion: enroute.saaras.io/v1beta1
kind: RouteFilter
metadata:
labels:
app: httpbin
name: rl2
namespace: enroute-gw-k8s
spec:
name: rl2
type: route_filter_ratelimit
routeFilterConfig:
config: |
{
"descriptors": [
{
"request_headers": {
"header_name": "x-app-key",
"descriptor_key": "x-app-key"
}
},
{
"remote_address": "{}"
}
]
}
---
```

Creating a ```HttpFilter``` that can be attached to a ```GatewayHost```

```yaml
apiVersion: enroute.saaras.io/v1beta1
kind: HttpFilter
metadata:
labels:
app: httpbin
name: luatestfilter
namespace: enroute-gw-k8s
spec:
name: luatestfilter
type: http_filter_lua
httpFilterConfig:
config: |
function get_api_key(path, q_param_name)
-- path = "/?api-key=valid-key"
s, e = string.find(path, "?")
if s ~= nil then
for pre, q_params in string.gmatch(path, "(%S+)?(%S+)") do
-- print(pre, q_params, path, s, e)
for k, v in string.gmatch(q_params, "(%S+)=(%S+)") do
print(k, v)
if k == q_param_name then
return v
end
end
end
end
return nil
end
EnRoute is built on high performance feature rich Envoy and provides the following features.

function envoy_on_request(request_handle)
request_handle:logInfo("Begin: envoy_on_request()");
* **Run Anywhere** - Any Platform, Any Cloud - EnRoute can integrate with any cloud for any service or can protect services running inside Kubernetes
* **Native Kubernetes** - Use CRDs to configure EnRoute Ingress API Gateway without any external store.
* **Canary Release** - EnRoute OSS supports canary releases
* **Advanced Rate Limiting** - EnRoute community edition supports advanced per-user, different rate limits for authenticated/unauthenticated user, IP based rate-limiting and several advanced configurations.
* **Multiple Load Balancing Algorithms** - EnRoute can be effectively programmed to use different load balancing mechanisms like Round Robin, Least Request, Random, Ring Hash
* **Circuit Breakers** - EnRoute can program underlying Envoy circuit Breakers
* **Health Checks** - Health checking including custom health check for upstream services
* **Service Discovery** - Discover external services in cloud or service mesh like consul to populate Standalone or Kubernetes Ingress Gateway
* **Tracing** - Zipkin, Jaeger support
* **gRPC** - Native support for gRPC
* **Websockets** - Support for Websocket services
* **SSL** - Terminate SSL connections either at Kubernetes Ingress or using a Docker gateway
* **Cipher Selection** - Select ciphers used to terminate SSL connections
* **JWT Validation** - Validate incoming JWT tokens
* **OIDC** - Open ID Connect support

hdr_x_app_key = "x-app-key"
hdr_x_app_not_found = "x-app-notfound"
q_param_name = "api-key"
[Complete list of features](https://getenroute.io/features)

-- extract API key from header "x-app-key"
headers = request_handle:headers()
header_value = headers:get(hdr_x_app_key)

if header_value ~= nil then
request_handle:logInfo("envoy_on_request() API Key from header "..header_value);
else
request_handle:logInfo("envoy_on_request() API Key in header is nil");
end
## Getting Started

-- extract API key from query param "api-key"
path_in = headers:get(":path")
api_key = get_api_key(path_in, q_param_name)
* Use helm to get started with [Kubernetes Ingress API Gateway](https://getenroute.io/docs/getting-started-enroute-ingress-controller/)
* Use docker to get started with [Standalone Gateway](https://getenroute.io/docs/getting-started-enroute-standalone-gateway/)
* Use ```enroutectl``` to [program OpenAPI spec on gateway](https://getenroute.io/cookbook/openapi-swagger-spec-autoprogram-api-gateway-30-seconds-no-code/)

if api_key ~= nil then
request_handle:logInfo("envoy_on_request() API Key from query param "..api_key);
else
request_handle:logInfo("envoy_on_request() API Key from query param is nil");
end
-- If API key found, do nothing
-- else set header x-app-key:x-app-notfound
if header_value == nil then
if api_key == nil then
headers:add(hdr_x_app_key, hdr_x_app_not_found)
else
headers:add(hdr_x_app_key, api_key)
end
end
request_handle:logInfo("End: envoy_on_request()");
end
function envoy_on_response(response_handle)
response_handle:logInfo("Begin: envoy_on_response()");
response_handle:logInfo("End: envoy_on_response()");
end
---
```

Creating ```GlobalConfig``` to program advanced rate-limit engine config

```yaml

---
apiVersion: enroute.saaras.io/v1beta1

kind: GlobalConfig
metadata:
labels:
app: httpbin
name: rl-global-config
namespace: enroute-gw-k8s
spec:
name: rl-global-config
type: globalconfig_ratelimit
config: |
{
"domain": "enroute",
"descriptors" :
[
{
"key" : "generic_key",
"value" : "default",
"rate_limit" :
{
"unit" : "second",
"requests_per_unit" : 10
}
}
]
}
---
```

### Grafana Telemetry for Standalone Gateway

![Grafana Telemetry on Standalone Gateway](https://getenroute.io/img/grafana-swagger.png)
Blogs, Cookbooks, getting started, examples and additional documentation can be found at

### Why Enroute?
- [getenroute.io](https://getenroute.io)
- [FAQs](https://getenroute.io/faq/)
- [Introduction](https://getenroute.io/docs/enroute-universal-api-gateway/)
- [Cookbook](https://getenroute.io/cookbook/)
- [Blog](https://getenroute.io/blog/)

Digital transformation is a key initiative in organizations to [meet business requirements](https://getenroute.io/blog/devops-secops-k8s-cloud-adoption-micro-services/) . This need is driving cloud adoption with a more self-serve DevOps driven approach. Application and micro-services are run in Kubernetes and in public/private cloud with an automated continous delivery pipeline.
### Extend using Global HTTP Filters and Route Filters

As applications undergo this change, traditional API gateways are retrofitted to meet the changing requirements. This has resulted in [multiple API gateways and different solutions](https://getenroute.io/blog/gateway-mesh/) that work only in a subset of use-cases. An API gateway that works for traditional as well as new cloud-native use-cases is critical as an application undergoes this transition.
You can associate additional plugin/filter functionality at global level or route level.

Enroute is built from ground-up to support both traditional and cloud native use-cases. Enroute can be deployed in [multiple topolgies](https://getenroute.io/blog/enroute-topologies/) to meet the demands of todays application, regardless of where an application is in the cloud journey. The same gateway can be deployed outside kubernetes in [Standalone](https://getenroute.io/docs/getting-started-enroute-standalone-gateway/) mode for traditional use cases, a [kubernetes ingress controller](https://getenroute.io/docs/getting-started-enroute-ingress-controller/) and also inside kubernetes.
Filters/Plugins are supported for both Kubernetes Ingress Gateway and Standalone Gateway.

Enroute's powerful API brings automation and enables developer operations to treat infrastructure as code. Enroute natively supports [advanced rate-limiting and lua scripting](https://getenroute.io/cookbook/getting-started-advanced-rate-limiting/) as extensible filters or plugins that can be attached either for per-route traffic or all traffic. Enroute API Gateway control plane drives one or many data planes built using [Envoy Proxy](https://envoyproxy.io)
<img src="https://getenroute.io/img/EnrouteConfigModel3.png" alt="Config Model" width="400"/>

### Getting Started
### Community

Blogs, Cookbooks, getting started, examples and additional documentation can be found at
[Periodic Office Hours](https://www.meetup.com/enroute-universal-api-gateway-periodic-office-hours/events/rtqbdsycccbsb/)

- [getenroute.io](https://getenroute.io)
- [FAQs](https://getenroute.io/faq/)
- [Introduction](https://getenroute.io/docs/enroute-universal-api-gateway/)
- [Getting Started](https://getenroute.io/docs/)
- [Cookbook](https://getenroute.io/cookbook/)
- [Blog](https://getenroute.io/blog/)
[Community Discord](https://discord.gg/p9Nu9Uk)

### Enterprise Support and Demo
EnRoute has an [enterprise version](https://getenroute.io/features) that provides additional support and features
Binary file modified packaging/enroute-cp/envoy
View file
Binary file not shown.

0 comments on commit 36eb7d4

Please sign in to comment.