Distributed Systems - Proxy
HAProxy, NGINX, Envoy are all L4/L7 proxies. This article describes Why Ambassador chose Envoy. TL;DR: HAProxy was born in 2006 when the Internet operated very differently than today; NGINX may have some issues or limitations in open source projects; Envoy was born in 2016 and designed from the ground up for microservices.
- Envoy is a self contained process (running as a sidecar). Benefits: (1) works with any language (Envoy itself is implemented in C++11) (2) can be deployed and upgraded independently and transparently.
- dynamic configuration via gRPC/protobuf APIs, which simplifies management at scale
- pluggable filter architecture
- support gRPC, HTTP/2 and HTTP 1.1
- L7 routing and load balancing
- for both service to service communication and at the edge
Google's ESPv2 is based on Envoy, first version of ESP was based on NGINX.
Use of proxy:
- API Gateways(edge proxy): Ambassador is one of the API Gateways, it uses Envoy as proxy.
- Service Mesh(service-to-service proxy): Istio is also based on Envoy.
Hitless reload: The new process reads the sockets from the old process via the socket, so that there are no refused connections.
A reverse proxy is transparent to the client (which has the perception of talking directly to the server)