System Design Space
Knowledge graphSettings

Updated: February 21, 2026 at 11:59 PM

Inside Envoy: The Proxy for the Future

hard

The history of the creation of Envoy Proxy in Lyft: sidecar pattern, xDS API and the path to the CNCF graduated project.

Inside Envoy: The Proxy for the Future — YouTube cover
Watch on YouTube

Inside Envoy: The Proxy for the Future

A documentary about the creation of Envoy - an L7 proxy, which became the basis for the service mesh and modern microservice infrastructure.

Year:2024
Production:not specified

Source

Telegram: book_cube

Original recommendation for the Envoy Proxy documentary.

Open post

What is the film about?

The documentary tells the story of creation Envoy Proxy - a high-performance L4/L7 proxy developed by Lyft to solve the problems of microservice architecture. The film shows the path from an internal tool to a CNCF graduate project, which became the basis for Istio, Ambassador and other service mesh solutions.

Practice

API Gateway - case

Designing an API Gateway using patterns implemented in Envoy.

Читать обзор

Key themes of the film

Lyft problems

Lyft faced the typical challenges of growing a microservice architecture: the complexity of debugging distributed requests, the lack of a single observability, a heterogeneous technology stack (Python, Go, Java) without a unified network infrastructure.

Matt Klein and team

Matt Klein is the creator of Envoy, who in 2016 began designing a next-generation proxy server. His vision: the network layer should be transparent to applications, and all routing and observability problems should be solved at the infrastructure level.

Architectural solutions

Envoy was originally designed as sidecar proxy: Each service gets its own Envoy instance, which intercepts all incoming and outgoing traffic. This allows you to add observability, retry logic, circuit breaking without changing application code.

Open Source and CNCF

In September 2016, Envoy was published as an open source project. In 2017 he joined the CNCF, and in 2018 he received the status graduated project - one of the first after Kubernetes and Prometheus.

Envoy technical features

L7 Protocols

  • HTTP/1.1, HTTP/2, HTTP/3
  • gRPC with balancing
  • MongoDB, Redis, MySQL
  • WebSocket support

Observability

  • Distributed tracing
  • Prometheus metrics
  • Access logging
  • Health checking

Traffic Management

  • Load balancing
  • Circuit breaking
  • Rate limiting
  • Retries & timeouts

xDS API — Discovery Services

One of Envoy's key innovations is its family xDS API for dynamic configuration. Instead of static configs, Envoy receives settings from the control plane in real time:

LDS
Listener Discovery
listeners configuration
RDS
Route Discovery
Routing Rules
CDS
Cluster Discovery
Upstream clusters
EDS
Endpoint Discovery
Backend addresses

Related film

Kubernetes: The Documentary

The history of the creation of the orchestrator on which Envoy is most often launched.

Читать обзор

Ecosystem around Envoy

IstioService Mesh

Service mesh from Google/IBM/Lyft, uses Envoy as data plane

Ambassador / EmissaryAPI Gateway

API Gateway for Kubernetes built on Envoy

ContourIngress

Ingress controller from VMware based on Envoy

Gloo EdgeAPI Gateway

API Gateway and Ingress controller from Solo.io

Key Findings

  • Sidecar pattern — a proxy next to each service solves the problem of a heterogeneous stack
  • xDS API - dynamic configuration via control plane instead of static files
  • Observability first — distributed tracing and metrics built in from day one
  • Open Source matters — the transition to CNCF accelerated the adoption and development of the ecosystem

Related materials

Enable tracking in Settings

System Design Space

© 2026 Alexander Polomodov

FAQContacts