{"id":21878965,"url":"https://github.com/nitro/envoy-docker-shim","last_synced_at":"2025-04-15T03:06:52.891Z","repository":{"id":64303476,"uuid":"135295599","full_name":"Nitro/envoy-docker-shim","owner":"Nitro","description":"Run Envoy in place of docker-proxy and get metrics, tracing for free","archived":false,"fork":false,"pushed_at":"2018-06-14T16:01:18.000Z","size":144,"stargazers_count":21,"open_issues_count":0,"forks_count":3,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-06-21T11:12:06.990Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Nitro.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-05-29T12:51:59.000Z","updated_at":"2020-07-08T03:18:21.000Z","dependencies_parsed_at":"2023-01-15T10:01:01.515Z","dependency_job_id":null,"html_url":"https://github.com/Nitro/envoy-docker-shim","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitro%2Fenvoy-docker-shim","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitro%2Fenvoy-docker-shim/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitro%2Fenvoy-docker-shim/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nitro%2Fenvoy-docker-shim/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Nitro","download_url":"https://codeload.github.com/Nitro/envoy-docker-shim/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226881023,"owners_count":17696894,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-28T08:14:15.882Z","updated_at":"2024-11-28T08:14:16.584Z","avatar_url":"https://github.com/Nitro.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"Envoy Docker Shim\n=================\n\n![goreportcard](https://goreportcard.com/badge/github.com/Nitro/envoy-docker-shim)\n[![Build Status](https://travis-ci.org/Nitro/envoy-docker-shim.svg?branch=master)](https://travis-ci.org/Nitro/envoy-docker-shim)\n\nThis is a pre-production project to use Envoy in place of Docker's own\n`docker-proxy`. The point of doing this is to enable Envoy's metric gathering\nand distributed tracing capabilities for any service running on Docker.\nEssentially if you run this, you get half of a basic service mesh almost for\nfree.  There are four parts to the system:\n\n1. A registrar service that runs on the Docker host and serves the discovery\n   APIs to Envoy.\n2. A command line application that takes the same arguments as Docker's\n   native `docker-proxy` command but registers the new endpoint with\n   the registrar. It talks to the registrar over a Unix socket.\n3. An instance of Envoy, normally itself running inside a Docker container\n   in host networking mode.\n4. A shell script which can restore the state in the registrar in the event\n   that it needs to be restarted while containers are running.\n\nTogether these form a system which allows Envoy to handle both HTTP and TCP\nproxying duties and the command line tool continues to handle UDP traffic using\nthe code from `docker-proxy`. Currently SCTP is not supported.\n\nInstallation\n------------\n\nYou must run `dockerd` with the following settings:\n\n* `--userland-proxy-path=/path/to/envoy-docker-shim`: Replaces `docker-proxy`\n  with the shim from this project, in order to tell Envoy what to listen on\n  and where to forward to.\n* `--iptables=false`: Disables IPTables forwarding of Docker traffic,\n  thereby forcing everything over Envoy.\n\nOnce you've enabled the `--iptables=false` setting, you will no longer be\nallowing traffic to flow into the bridged network directly via the Kernel.  All\ntraffic will be proxied at Layer 4 or 7, depending on which mode you are\nproxying.\n\nOperations\n----------\n\nThe command line tool doesn't require any special operations. However, the\nother two components require a little attention.\n\n### Server\n\nYou will need to start the server part of this application on the Docker host\nitself. We'll be building a container for this, but for now you need to just\nput the binary somewhere and get it to start.\n\n### Resync\n\nTo prevent issues with getting out of sync with reality, the server only stores\nstate in memory. Upon restart of the service, when existing copies of the shim\nare running for containers, you need to run the `resync` script, which will\nlookin the process table and replay entries for existing containers. If you run\nthe server from systemd or another process manager, you should make sure that\nthe resync is run when the service is up.\n\nContainer Settings\n------------------\n\nThis project currently assumes that you will have set at least two, and\npossibly three Docker labels on each of your containers. These are _not_\nrequired, but do improve the experience of using this project, particularly\naround the area of distributed tracing. The Docker labels are used to create\nthe tags that get applied to services when reported to Zipkin or Jaeger. The\nthree labels are inherited from [Sidecar](https://github.com/Nitro/sidecar) and\nare:\n\n* `EnvironmentName`: Intended to be something that is meaningful to you. It could\n  be a customer name, or something like `production` or `staging`.\n* `ServiceName`: How you want to name the service in traces. This normally does not\n  include the name of the environment. Thus if your service is named `nginx-prod`\n  you would probably just name it `nginx` in this label.\n* `ProxyMode`: This shim assumes that you will be running in `http` proxy mode\n  and that is the default value for this label if you don't provide it. If you\n  instead want Envoy to proxy TCP traffic, you need to provide the value `tcp`.\n\nExample Configuration\n---------------------\n\nWe've included an exmaple `envoy.yaml` in the [examples](./examples) directory,\nwhich will get you up and running with Envoy (tested on 1.6, 1.7). This should\nwork with the upstream Envoy container, or with [Nitro's Envoy\ncontainer](https://hub.docker.com/r/gonitro/envoyproxy/)\n\nContributing\n------------\n\nContributions are more than welcome. Bug reports with specific reproduction\nsteps are great. If you have a code contribution you'd like to make, open a\npull request with suggested code.\n\nPull requests should:\n\n * Clearly state their intent in the title\n * Have a description that explains the need for the changes\n * Include tests!\n * Not break the public API\n\nPing us to let us know you're working on something interesting by opening a\nGitHub Issue on the project.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnitro%2Fenvoy-docker-shim","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnitro%2Fenvoy-docker-shim","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnitro%2Fenvoy-docker-shim/lists"}