Envoy is hosted by the Cloud Native Computing Foundation (CNCF). If you are a company that wants to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details about who's involved and how Envoy plays a role, read the CNCF announcement.
(transcript) to find out more about the origin story and design philosophy of Envoy
- Blog about the threading model
- Blog about hot restart
- Blog about stats architecture
- Blog about universal data plane API
- Blog on Lyft's Envoy dashboards
- data-plane-api: v2 API definitions as a standalone repository. This is a read-only mirror of api.
- envoy-perf: Performance testing framework.
- envoy-filter-example: Example of how to add new filters and link to the main repository.
- envoy-announce: Low frequency mailing list where we will email announcements only.
- envoy-security-announce: Low frequency mailing list where we will email security related announcements only.
- envoy-users: General user discussion.
- envoy-dev: Envoy developer discussion (APIs, feature design, etc.).
- envoy-maintainers: Use this list to reach all core Envoy maintainers.
- Twitter: Follow along on Twitter!
- Slack: Slack, to get invited go here.
We have the IRC/XMPP gateways enabled if you prefer either of those. Once an account is created,
connection instructions for IRC/XMPP can be found here.
- NOTE: Response to user questions is best effort on Slack. For a "guaranteed" response please email [email protected] per the guidance in the following linked thread.
Please see this email thread for information on email list usage.
Contributing to Envoy is fun and modern C++ is a lot less scary than you might think if you don't have prior experience. To get started:
- Contributing guide
- Beginner issues
- Build/test quick start using docker
- Developer guide
- Consider installing the Envoy development support toolchain, which helps automate parts of the development process, particularly those involving code review.
- Please make sure that you let us know if you are working on an issue so we don't duplicate work!
The Envoy team meets twice per month on Tuesday at 9am PT. The public Google calendar is here: https://goo.gl/PkDijT
There has been several third party engagements focused on Envoy security:
- In 2018 Cure53 performed a security audit, full report.
- In 2021 Ada Logics performed an audit on our fuzzing infrastructure with recommendations for improvements, full report.
Reporting security vulnerabilities
If you've found a vulnerability or a potential vulnerability in Envoy please let us know at envoy-security. We'll send a confirmation email to acknowledge your report, and we'll send an additional email when we've identified the issue positively or negatively.
For further details please see our complete security release process.