envoy

Initialize a configuration file

$ envoy init [host_name]

$ envoy run [task_name]

$ envoy run --path [path/to/directory] [task_name]

$ envoy run --continue [task_name]

$ envoy run --pretend [task_name]

$ envoy ssh [server_name]

envoy [OPTIONS...]
envoy --config-path <path> [OPTIONS...]

--config-path <path>
    Specifies the path to the main configuration file, typically a YAML file, from which Envoy loads its listeners, clusters, and routes.

--config-yaml <yaml>
    Provides the configuration directly as a YAML string, allowing for inline configuration without a separate file.

--concurrency <num>
    Sets the number of worker threads that Envoy will use for processing requests. Defaults to the number of hardware cores available.

--admin-address-path <path>
    Specifies a file where the address (e.g., IP:port) of the administrative interface will be written upon Envoy startup.

--log-level <level>
    Sets the logging verbosity for Envoy. Common levels include trace, debug, info, warn, error, critical. Defaults to info.

--drain-time-s <seconds>
    Defines the time in seconds that Envoy will wait for connections to drain during hot restart or graceful shutdown, allowing ongoing requests to complete.

--parent-shutdown-time-s <seconds>
    Sets the time in seconds that Envoy will wait for the parent process to gracefully shut down during a hot restart cycle.

--disable-hot-restart
    Disables the hot restart functionality. This is generally not recommended for production environments where high availability is crucial.

--service-cluster <name>
    Specifies the name of the service cluster that this particular Envoy instance belongs to, useful for metrics and tracing.

--service-node <name>
    Defines the name of the service node that this Envoy instance represents within its service cluster, often unique per instance.

--help
    Displays a comprehensive help message detailing all available command-line options and exits.

--version
    Outputs the current version of the Envoy Proxy and exits.

Envoy Proxy is an open-source, high-performance edge/middle/service proxy designed for cloud-native applications.
It acts as a universal data plane for microservices and distributed systems. Built by Lyft, it's a key component of the service mesh architecture, providing features like load balancing, circuit breaking, health checks, traffic splitting, and advanced routing.
Envoy excels in observability, offering extensive metrics, distributed tracing, and detailed access logging. It supports various protocols (HTTP/1.1, HTTP/2, gRPC, TCP, and more) and can be deployed as a sidecar, frontend proxy, or gateway.
Its dynamic configuration capabilities allow for live updates without restarts, making it an essential tool for modern distributed systems.

Complex Configuration: Envoy's powerful features come with a sophisticated configuration, typically managed via YAML files, which can have a steep learning curve and require deep architectural understanding.
Control Plane Dependency: For dynamic and large-scale deployments, Envoy is usually integrated with a 'control plane' (e.g., Istio, App Mesh, or custom solutions) that pushes configurations to instances, rather than relying solely on static files.
Resource Usage: While highly performant, Envoy can consume significant CPU and memory resources, especially with a large number of listeners, routes, or connections.

Envoy supports hot restart, a critical feature enabling configuration updates and binary upgrades to be applied without dropping existing connections. This ensures high availability and minimal disruption during maintenance windows.

Envoy is a de-facto standard for the data plane in service mesh architectures. It sits alongside each service instance (often as a sidecar), handling all inbound and outbound network traffic, providing transparent network-level features like load balancing, circuit breaking, and traffic management.

One of Envoy's strongest features is its built-in observability. It provides detailed statistics, supports distributed tracing (e.g., Zipkin, Jaeger), and offers comprehensive access logging, making it invaluable for monitoring and debugging complex microservices.

Developed by Lyft in 2016 to address networking challenges in their rapidly growing microservices architecture, Envoy Proxy was open-sourced in September 2016. Its robust features and extensibility quickly gained traction within the cloud-native community. In 2018, it became the first project to graduate from the Cloud Native Computing Foundation (CNCF), solidifying its role as a foundational component in modern distributed systems and service mesh implementations.

nginx(8), haproxy(8), iptables(8)