Overview
The article discusses how SafetyCulture utilizes Envoy and Lua for edge routing, focusing on routing traffic based on application criteria and user characteristics. It highlights the requirements for edge routing, compares various solutions, and provides insights into implementing region-based routing using JWTs.
What You'll Learn
1
How to implement edge routing using Envoy and Lua
2
Why region routing is essential for user-specific traffic management
3
When to use JWTs for routing decisions in edge networks
Prerequisites & Requirements
- Understanding of HTTP/2, gRPC, and REST APIs
- Familiarity with Envoy and Lua scripting(optional)
Key Questions Answered
What are the main requirements for edge routing at SafetyCulture?
The main requirements include HTTP/2 support at both frontend and backend, gRPC and REST support, end-to-end TLS encryption, and region routing based on user characteristics. These criteria ensure efficient and secure traffic management for the platform APIs.
How does Envoy handle region routing based on JWTs?
Envoy routes requests by extracting user region information from JWTs. The routing logic updates the region header dynamically based on the user's region, allowing requests to be forwarded to the appropriate geographical datacenter, enhancing performance and compliance.
What are the limitations of using Nginx and OpenResty for edge routing?
Nginx and OpenResty support HTTP/2 and gRPC but lack proper DNS management for upstream clusters. This limitation can lead to configuration errors when using certain proxy directives, making them less suitable for complex routing requirements compared to Envoy.
What are the potential pitfalls when using Lua with Envoy?
Common pitfalls include memory leaks due to non-local variable declarations and the risk of I/O blocking operations, which can degrade performance. Developers must ensure proper variable scoping and avoid synchronous I/O operations to maintain Envoy's efficiency.
Technologies & Tools
Some links below are affiliate links. We may earn a commission if you make a purchase.
Backend
Envoy
Used as a high-performance edge router for managing traffic and implementing routing logic.
Scripting
Lua
Utilized for implementing custom routing logic within Envoy.
Authentication
JWT
Used to carry user information for routing decisions.
Key Actionable Insights
1Implement region routing in your edge network by leveraging JWTs to extract user information.This approach allows for dynamic routing decisions based on user characteristics, improving performance and user experience.
2Ensure Envoy is compiled with exported symbols to fully utilize Lua scripting capabilities.Without this, Lua scripts may not function correctly, leading to unexpected behaviors in production environments.
3Monitor file descriptor usage closely in high-load scenarios to prevent service interruptions.Increasing the file descriptor limit is crucial for maintaining performance under heavy traffic, especially in environments with many simultaneous connections.
Common Pitfalls
1
Not declaring variables as local in Lua scripts can lead to memory leaks.
This occurs because non-local variables persist across requests, causing memory usage to grow uncontrollably, which can result in service failures under load.
2
Performing I/O blocking operations within Lua scripts can degrade Envoy's performance.
Since Lua execution in Envoy is synchronous, any blocking operation will halt request processing, leading to increased latency and potential timeouts.
Related Concepts
Edge Routing
Traffic Management
Microservices Architecture
API Gateway Patterns