Introducing Tetrate Enterprise Gateway for Envoy (TEG) v1.0
Tetrate Enterprise Gateway for Envoy (TEG) brings all the amazing features of Envoy to power ingress and traditional reverse load balancer use cases through the open source project Envoy Gateway.
TEG has a ton of advanced capabilities that make it easy to install and get started, to empower application developers in your organization with Envoy's per-request traffic management, to integrate with your existing non-cloud native environments and applications, and to perform common API Gateway functions like authentication and rate limiting. See a full overview of Tetrate Enterprise Gateway for Envoy (TEG)'s capabilities here.
TEG is built on top of Envoy Gateway, and uses Envoy as the data plane to serve your applications. TEG extends the typical Envoy Gateway installation with global rate limiting, as well as a filter component for mod_security-compatible WAF functionality. Global rate limiting needs a Redis instance, which TEG manages for you, but it's only deployed if you opt in at install time — see how to install it in our installation guide. For a full overview of TEG, the components that make it up, how data flows, and what network connectivity and ports are required for it to work, check out the architecture section.
Finally, rather than forcing new APIs on developers, TEG leverages the existing, modern open source APIs for exposing applications: the Kubernetes Gateway APIs. These APIs combine experience learned from many ingress implementations, including Istio, Contour, Emissary, NGINX, and others. They divide the role of provisioning Gateways
from the role of Routing
traffic, so that the first can be managed by platform owners while the second can be delegated to application teams. Read more about the Gateway API and how to use it in the Gateway API section.
What's New in Tetrate Enterprise Gateway for Envoy (TEG) v1.0?
-
Install is as easy as:
helm install tetate-envoy-gateway oci://docker.io/tetrate/teg-envoy-gateway-helm \
-n envoy-gateway-system --create-namespace --version v1.0.1See the quick start for more details on how to get started.
-
Support for rate limiting traffic based on IP 5-tuple, request headers, and more. See it in action with the how to.
-
Support for OIDC/OAuth2 authentication at the gateway which applications can configure per Route. See it in action with the how to.