Envoy
Cloud-native high-performance proxy
The Lens
It's the data plane behind Istio, AWS App Mesh, and dozens of service meshes.
Everything is free under Apache 2.0. No paid tier from the Envoy project itself. It's a CNCF graduated project, which means it's been vetted for production use by the Cloud Native Computing Foundation. Maintained by a large contributor base including engineers from Google, Lyft (where it was created), and Microsoft.
Self-hosting is the only option, and the ops burden is significant. Envoy is powerful but complex. Configuration is verbose YAML. The learning curve is steep if you're not already in the service mesh world. Most teams don't run Envoy directly. They use it through Istio or a gateway controller. Solo developers: you don't need this. Use Nginx or Caddy. Small teams with a few services: still probably overkill. Use Traefik or Caddy. Growing teams with 10+ microservices: this is where Envoy starts making sense, especially through Istio or a gateway API.
The catch: Envoy is infrastructure for infrastructure people. The configuration complexity is legendary. Unless you're building a service mesh or need advanced traffic management (circuit breaking, retries, observability), simpler proxies do the job with 10% of the config.
Free vs Self-Hosted vs Paid
fully free### Free Everything. HTTP/1.1, HTTP/2, gRPC proxying, automatic retries, circuit breaking, rate limiting, health checking, load balancing algorithms, TLS termination, observability (metrics, tracing, logging), WebSocket support, and a dynamic configuration API. Apache 2.0.
### Self-Hosted (Only Option) Envoy is a C++ binary. Run it as a sidecar alongside each service, as an edge proxy, or as a gateway. Docker images are official and well-maintained. The binary itself is lightweight. The complexity is in configuration, not resources.
### Resource Costs Envoy is efficient. A sidecar instance typically uses 50-100MB RAM and minimal CPU under normal load. At scale (thousands of sidecars), the aggregate resource overhead matters. Budget ~5-10% additional compute for sidecar proxies.
### Managed Alternatives If Envoy's complexity is too much, managed service meshes (AWS App Mesh, GCP Traffic Director) use Envoy under the hood with simplified configuration. These have their own pricing models.
### Verdict Free and production-grade. The cost is operational complexity, not money.
Completely free. Apache 2.0. The only cost is the significant operational complexity of configuring and maintaining it.
Similar Tools
About
- Stars
- 27,751
- Forks
- 5,324
Explore Further
More tools in the directory
Get tools like this delivered weekly
The Open Source Drop — the best new open source tools, analyzed. Free.
