Virtualization Technology News and Information
Article
RSS
Tetrate Introduces 100% Upstream-Powered Tetrate Enterprise Envoy Gateway to Streamline Developer Experience for Gateway Use Cases

Tetrate introduced Tetrate Enterprise Envoy Gateway (TEG) for tech preview. TEG is Tetrate's enterprise-grade, fully supported offering of open source Envoy Gateway, a streamlined API tailored for gateway use cases. TEG is in technical preview. Interested design partners can learn more at: https://tetrate.io/tetrate-enterprise-envoy-gateway/.

TEG extends the features of Envoy Gateway, the cloud native service gateway, with an emphasis on ease-of-use, a quick path to getting started and easy operations once you're in production. These additional features include cross-cluster service discovery and load balancing, OpenID Connect (OIDC), OAuth2, Web Application Firewall (WAF) and rate limiting out of the box along with Federal Information Processing Standard (FIPS) 140-2 compliance, ingress-of-ingresses to enable safe application team self-serve and more.

*About Envoy Gateway, the core of TEG*
Envoy Gateway, the core of TEG, is an open source project under the umbrella of Envoy and the CNCF, created in May of 2022 to "bring Envoy to the masses." Envoy Gateway makes it simple to use Envoy Proxy as a service and API gateway by leveraging the new Kubernetes Gateway APIs and delivering a simplified deployment mode aimed at common cloud native use cases.

*Introducing TEG: a fully supported distribution of 100% upstream Envoy Gateway*
TEG, as a fully supported distribution of 100% upstream Envoy Gateway with additional tooling and support, including the following:

  • Cross-cluster service discovery and load balancing
  • OIDC, OAuth2, WAF and rate limiting out of the box
  • Support for Ingress-of-Ingresses deployments
  • "Per app team" deployments with Tier 1 and Tier 2 logic
  • Common Vulnerabilities and Exposures (CVE) alerting and upgrade management
  • Simplified lifecycle management
  • FIPS 140-2 compliant Envoy
  • Turn-key installation and upgrade
  • 24/7 support with service level agreements (SLAs)

"Several players in the ecosystem-including Tetrate, Ambassador Labs, VMware and others-have joined forces in the open source Envoy Gateway project to 'democratize ingress,' providing a highly performant solution based on the Kubernetes API," said Bas van Beek, founding engineer and general manager of TEG at Tetrate. "Envoy Gateway makes Envoy simple to use, serves as 'API Gateway Lite,' and essentially commoditizes the control plane so that the ecosystem can shift our efforts up the stack to provide more value for users.

"In addition to serving as a primary contributor to the Envoy Gateway project, Tetrate is offering TEG as a fully supported, 100% upstream distribution of Envoy Gateway with additional tooling and support for the enterprise. TEG is available today for a free technical preview. We encourage everyone to give it a try and give us your feedback."

*TEG Use Cases*
TEG is designed for app teams who want to replace or augment existing load balancers, are looking for an "API Gateway Lite" solution, or who need to take advantage of TEG's capabilities for Ingress-of-Ingresses or multi-cluster applications. Ideal use cases include:

  1. Modernize in place: To migrate from monoliths to microservices, pair TEG with your existing F5 deployment to provide per request control and policy, enabling self-serve app modernization at the app team's pace.
  2. Replace default ingress for per-request control and visibility: TEG is a drop-in replacement for OpenShift HAProxy ingress or simple NGINX to unlock control, visibility, authentication, and rate limiting. It can also be used as a more featureful replacement for stock cloud load balancers like ELBs for cloud-first deployments.
  3. Ingress-of-Ingresses to enable app team self-serve: TEG enables app teams to keep consistent external addresses and consolidate policies for North-South traffic while allowing app-team self service. TEG presents a consistent facade (address, DNS name, etc.) to users while auto-discovering clusters as they are provisioned and deprovisioned. TEG also supports heterogeneous applications in each cluster.
  4. API Gateway Lite: With TEG, rate limiting and OIDC/OAuth2 authentication are available out of the box. Enforce authentication for any app, provide SSO for applications without code change, and rate limit on IP5-tuple, HTTP headers and more. TEG integrates with API endpoint protection providers such as Cequence Security.
  5. Cross-cluster discovery and failover at ingress: TEG auto-discovers clusters and their available services based on configuration and rules and automatically fails over to remotes as local traffic fails, faster than a GLB can respond. With TEG, failures are identified quickly and outages are mitigated.

*Availability and Pricing*
A technical preview of TEG is currently available, sign up for a trial today. TEG will be generally available in Q1 for direct purchase from Tetrate and for self-service purchase in the AWS Marketplace. TEG software and supporting service is $5K per cluster per year, with unlimited gateways in each cluster.

Published Tuesday, November 07, 2023 2:28 PM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2023>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789