EnRoute is a lightweight shim to drive Envoy proxy as an API Gateway
ONE edge gateway for all your APIs
Kubernetes Ingress
Use Custom Resource Definitions (CRDs) to drive EnRoute Kubernetes Ingress Controller to secure microservices
Standalone
Use simple REST/GraphQL APIs on the Standalone Gateway to enforce policy for APIs on public/private cloud
EnRoute Auriga
When all you need is an Envoy proxy outside Kubernetes to enforce policy for your microservices
EnRoute Controller to replicate and run policy across multiple Gateways
EnRoute Controller can also enforce the same policy across multiple stateless micro-gateways
Over 90% savings in TCO
EnRoute community edition includes premium features.
Advanced Rate Limits
EnRoute Community edition supports advanced rate-limiting. Define Limits using any L7 state including JWT Claims and different rate-limits for authenticated/unauthenticated users.
JWT
EnRoute community edition supports JWT validation for both Kubernetes and non-Kubernetes workloads
OpenAPI Sync
Ingest and keep EnRoute in sync with OpenAPI Spec
High Throughput and Low Latency
EnRoute data path is built from high-perf Envoy Proxy
Flexible configuration
Configure EnRoute using CRDs for kubernetes, or using simple GraphQL or REST API on control plane
Extend using Filters/Plugins
EnRoute’s extensible filter architecture facilitates fine-grained control to add functionality at global level or on a per-route basis.Use filters like OAuth2, OIDC, JWT, Rate-Limit, Lua to control traffic.
Simple and Intuitive
Configure Standalone using GitOps OR REST
#!/bin/bash
filter_name="jwt_filter_okta"
filter_type="http_filter_jwt"
filter_config='
{
"name" : "okta",
"jwks_uri" : "https://saaras.okta.com/oauth2/default/v1/keys",
"audience" : "api://default",
"issuer" : "https://saaras.okta.com/oauth2/default"
}'
curl -X POST localhost:1323/filter \
-d "filter_name=${filter_name}" \
-d "filter_type=${filter_type}" \
-d "filter_config"="${filter_config}"
Configure Kubernetes Ingress Using CRDs
---
apiVersion: enroute.saaras.io/v1beta1
kind: HttpFilter
metadata:
name: jwt_filter_okta_k8s
namespace: enroute-gw-k8s
spec:
name: jwt_filter_okta
type: http_filter_jwt
httpFilterConfig: |
{
"name" : "okta",
"jwks_uri" : "https://saaras.okta.com/oauth2/default/v1/keys",
"audience" : "api://default",
"issuer" : "https://saaras.okta.com/oauth2/default",
}
---
Latest Articles
Drive API Security at Kubernetes Ingress using Helm and Envoy
Introduction - EnRoute Helm Chart Helm is a popular package manager choice for Kubernetes.
Read More
Enabling Auto-TLS on EnRoute with Jack’s Cert Manager
Introduction - Jack’s Cert Manager Jack’s Cert Manager is a Kubernetes package that helps working with Certificate Authorities like Let’s Encrypt to automatically sign and renew certificates.
Read More
Why and How of Kubernetes Ingress (and Networking)
Services running in Kubernetes are not accessible on public or private cloud.
Read More