EnvoyCon 2018 has ended

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Monday, December 10


Registration and Pastries
Monday December 10, 2018 8:30am - 9:00am
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Welcome + Introduction - Matt Klein, Lyft
avatar for Matt Klein

Matt Klein

Software Engineer, Lyft
Matt is a software engineer at Lyft and a project lead for Envoy proxy.

Monday December 10, 2018 9:00am - 9:10am
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Lightning Talk: Who is Envoy - Harvey Tuch, Google
An analysis of Envoy source code, contributors, history and evolution, providing insight into the trust relationships in the community, who is developing, reviewing and approving changes. What the Envoy developer dynamic looks like, a quantitative state-of-the-union.

avatar for Harvey


Staff Software Engineer, Google
Harvey Tuch is a Staff Software Engineer at Google, where he works on Cloud networking products and the development of the Envoy proxy. He works primarily on APIs, security and performance topics.

Monday December 10, 2018 9:10am - 9:20am
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Lightning Talk: It’s 10pm, do you know what your proxy is doing? Understanding the xDS Protocol! - Isaac Diamond, Stripe
The Envoy xDS protocol forms the backbone of the Envoy v2 discovery APIs but understanding the the details can be pretty challenging. Remembering the differences between the CDS, LDS, EDS, and RDS is tough, let alone figuring out how they work under the hood! The documentation for the xDS protocol can be hard to understand for beginners and there are a few subtleties to consider while building an implementation. This talk explores the design of the xDS protocol through the lens of our experience building a management server implementation. Over the course of this talk we’ll cover the basics of the lifecycle of xDS gRPC connections and the way configuration updates are delivered to Envoy. Attendees will hopefully come away with a clearer understanding of the internals of the protocol that underlies Isito and Envoy’s Go Control Plane and will be equipped with an understanding of where to look to start building xDS implementations themselves!

avatar for Isaac Diamond

Isaac Diamond

Software Engineer, Stripe

Monday December 10, 2018 9:20am - 9:30am
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Envoy at Square - Michael Puncel + Snow Petteren, Square, Inc.
This talk will cover:
- motivation for Square's move to Envoy
- design considerations that went into our implementation and rollout process
- particulars about our Envoy setup in our infrastructure (unix sockets, no TLS in apps, etc)
- how we supported legacy client behavior in Envoy
- how we streamlined the migration process to minimize interruption to app engineer road maps


Snow Pettersen

Software Engineer, Square, Inc.
I work on the Square's Traffic team, responsible for managing our software proxies and other RPC infrastructure.
avatar for Michael Puncel

Michael Puncel

Software and Production Engineer, Square, Inc.
I spent my first few years at Square building our deployment system called P2. Now I'm working on migrating us to an Envoy-based service mesh.Outside of work I love cooking, running, and backpacking.

Monday December 10, 2018 9:30am - 10:00am
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Use Envoy + Knative to auto scale Java RPC micro service - Andy Shi, Alibaba
Envoy and Istio have greatly enhanced Observability of micro-services. But are we stopping at observing and reporting? How about reacting based on the metrics collected?

Kubernets and other orchestration systems have already offered auto-scaling capability.  Is there a way to incorporate the matrics into the mechanism?

Dubbo RPC is an Open Source Java RPC framework. Now that Envoy has supported Dubbo protocol, the metric generated by Dubbo can be fed into the Prometheus. With that, we can gain many insights that outside systems like Kubernets simply cannot access.

In this talk, we'll talk about how we integrated Dubbo protocol with Envoy and feed the metric into Prometheus. We will show a live demo of a feedback loop where Prometheus triggers an alert to a Knative Serverless function that will auto-scale the pods.

avatar for andy shi

andy shi

developer advocate, Alibaba Inc
Andy is a developer advocate for Alibaba group. He is passionate about open source projects. He has years of experience working on open source projects from large popular ones to less famous ones. Inside Alibaba he is a strong advocate for adopting open source mind set in engineering... Read More →

Monday December 10, 2018 10:00am - 10:30am
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Monday December 10, 2018 10:30am - 11:00am
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Running Envoy as an Edge Proxy - Bala Madhaven, eBay + Qiu Yu, eBay
At eBay we run Envoy as our Edge proxy in PoPs (Point of Presence) across the globe. In this talk, while we walk through eBay's journey of running Envoy at all eBay POP's, we will discuss the following key aspects:
  • Architecture overview of eBay Edge Proxy
  • Managing Envoy in Kubernetes.
  • Consistently developing the entire stack across all edges of Helm.
  • Building a metrics and access log based pipelines for better visibility using Prometheus and ELK stacks. 
  • Migrating Hardware LB configurations to Envoy and validating them using automation tools.
  • Integrating Envoy at ATS (Apache Traffic Server) to enable dynamic caching at eBay.
In this talk, we will touch on the challenges and the solutions that were applied while we completely moved all eBay mobile traffic from Hardware LB to Envoy. 

avatar for Bala Madhavan

Bala Madhavan

MTS, eBay
A Software guy interested in all types of cloud networking technologies, analytics, ML etc.

Qiu Yu

Senior Software Engineer, eBay
Cloud and Infrastructure Handyman

Monday December 10, 2018 11:00am - 11:30am
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Running Envoy at the Edge - Derek Argueta, Pinterest
Migrating infrastructure can be hard, but we want to help you accomplish it. In this talk, we will walk you through the story of how we operationalized and deployed Envoy as the edge load balancer for Pinterest, and all the fun learnings along the way. We will demonstrate how we leverage Envoy's powerful stats subsystem to build confidence in the load balancing tier and aid debugging for all engineers. We will also discuss some of the upstream contributions we have made and why we needed them, as well as cover the custom extensions we wrote to accomplish on-par feature parity with our previous load balancing system. You will learn how we debug, profile, and develop on Envoy. Lastly, we will lay out the vision for Envoy in the service mesh use-case at Pinterest and provide information about how we plan to get there.

avatar for Derek


Traffic SRE, Pinterest
Derek is a Site Reliability Engineer on the Traffic team and an Envoy advocate within Pinterest. He's passionate about observability in networked systems and building resilient software.

Monday December 10, 2018 11:30am - 12:00pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


How to DDOS yourself with Envoy (and other tales of migration horror) - Ben Plotnick, Yelp + John Billings, Yelp
Yelp has been working with service meshes since the introduction of SmartStack in 2014. After reaching the limits of the SmartStack featureset, we were eager to upgrade to Envoy. With years of experience operating a service mesh at scale, we figured that the migration would be a walk in the park… It turns out the park is larger than we thought.

In this session, we’ll discuss our experience migrating Yelp’s hundreds of services to using Envoy, the migration challenges we faced, and the solutions that we’ve come up with including:

* Transparently moving clients between SmartStack and Envoy using client library feature toggles
* Transforming Envoy’s grpc access log messages to HAProxy-formatted syslog messages in order to harness our existing log processing pipeline
* Using docker-based acceptance testing to confidently push control plane changes directly to production
* How to avoid DDOSing yourself with Envoy’s health checks

avatar for John Billings

John Billings

Group Tech Lead, Yelp
John is a Technical Lead for Infrastructure at Yelp. Prior to this, he received his PhD from the University of Cambridge by building compilers for Internet routing protocols.

Ben Plotnick

Software Engineer, Yelp
Ben Plotnick is a software engineer at Yelp. As a member of the Engineering Effectiveness group, his goal is to make engineering at Yelp faster, more efficient, and easier.

Monday December 10, 2018 12:00pm - 12:30pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Monday December 10, 2018 12:30pm - 1:30pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Lightning Talk: Extending Envoy with Go - Thomas Graf, Covalent
Envoy has become a popular proxy in the cloud native landscape thanks to its robustness, stability, efficiency and community. What if we could extend Envoy filters and parsers using Go. This talk introduces the new Go based extension framework for Envoy that allows to extend Envoy with customized filters, logic and protocol parsers written in Go without requiring to understand the entire C++ codebase. We will walk through how everyone in the community can write a Go extension to Envoy to add additional protocol parsers or filtering logic and discuss how this allows to implement a fully distributed servicemesh.

avatar for Thomas Graf

Thomas Graf

Co-Founder & CTO, Isovalent
Thomas Graf is Co-Founder & CTO at Isovalent and creator of the Cilium project. Before this, Thomas has been a Linux kernel developer at Red Hat for many years.

Monday December 10, 2018 1:30pm - 1:40pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Lightning Talk: Debugging microservices applications with Envoy + Squash - Idit Levine, Solo.io
The mainstreaming of containerization and microservices is raising a critical question by both developers and operators: how do we debug all this?

Debugging microservices applications is a difficult task. The state of the application is spread across multiple microservices, and it is hard to get a holistic view of the state of the application. To meet this challenge we developed Squash, the microservices debugger. Squash integrates with Envoy to attach a debugger to any application in the service mesh.

In this talk, we will describe the Envoy filters we wrote to integrate with Squash to facilitate distributed debugging. 

avatar for Idit Levine

Idit Levine

CEO, Solo.io
Idit Levine is the founder and CEO of solo.io, which develops open-source tools to help the enterprise adopt innovative cloud technologies.

Monday December 10, 2018 1:40pm - 1:50pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Bridging the gap between on-prem and cloud: a story about Envoy + a hybrid boundary - Tristan J Blease, Groupon + Michael Chang, Groupon
Groupon operates regional data centers where our product and platform engineering teams deploy and manage over 600 microservices on-premise. This year marks the start of our journey to migrate these microservices to the cloud where we expect them to run alongside our existing on-premise deployments.

Like many others on similar journeys, we have an important problem to solve: how do we enable traffic to cross our new hybrid boundaries?

From the previous usage, we know that Envoy can play a pivotal role in solving this problem, but what other components would be needed? How can we create a fully automated system that deeply integrates with our on-premise environments, which currently lack automation in key places? For this project to be successful, we have to answer these questions and more.

Join us to learn how Groupon is answering these questions and to learn how we are rolling out a fully automated system of edge proxies leveraging Envoy and other technologies for traffic management.

avatar for Tristan J Blease

Tristan J Blease

Principal Software Engineer, Groupon
Tristan Blease is a principal software engineer at Groupon. He focuses on leading teams that are building tooling and infrastructure to ensure the success of our cloud migration.

Michael Chang

Senior Software Engineer, Groupon
Michael Chang is a senior software engineer at Groupon. He focuses on application security, building our internal PKI, and internal traffic migrations to HTTPS.

Monday December 10, 2018 1:50pm - 2:20pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Hardening Envoy - Alyssa Wilk, Google
As Envoy picks up momentum both as a standalone proxy and the signature proxy of CNCF it becomes more and more important to improve Envoy's reliability and stability without reducing developer momentum.

This talk will cover some of the recent enhancements made both to the Envoy binary to improve reliability and decrease attack surface, work done to fuzz both Envoy and Envoy's third party dependencies to reduce the likelihood of queries of death sneaking into the code base, and committed and planned changes to the Envoy test framework to improve end to end coverage and better test production-like scenarios.

avatar for Alyssa Wilk

Alyssa Wilk

Senior Staff Software Engineer, Google
Alyssa is a Staff Software Engineer at Google, where she spent a decade writing and enhancing the GFE, Google's front-line HTTP proxy, before shifting focus to making Envoy as awesome as the GFE.

Monday December 10, 2018 2:20pm - 2:50pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Lightning Talk: Integrating Envoy with DPDK-based virtual networks - Raja Sivaramakrishnan, Voltera Edge Services
This talk will focus on the work we have done at Volterra to
integrate Envoy with a user space network stack built on top
of DPDK (Data Plane Developer Kit) with support for load
balancing across multiple virtual networks.



Software Engineer, Volterra Edge Services
Raja Sivaramakrishnan is a software engineer at Volterra, working on packet forwarding infrastructure. He was previously at Juniper Networks and Contrail Systems.

Monday December 10, 2018 2:50pm - 3:00pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Monday December 10, 2018 3:00pm - 3:30pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Lightning Talk: How to deploy mutually authenticated TLS without ruining everything - Spike Curtis, Tigera
TLS with mandatory mutual authentication is the gold standard for communication in distributed applications and forms the backbone of a Zero Trust Network. Envoy can do it for you with no application code changes, but if you just “turn it on” in a live production cluster you’ll quickly find you have a major disruption on your hand.

In this presentation, Spike will explain and demonstrate how to take a production cluster from a completely unencrypted to fully secured without dropping traffic. The demonstration will use Istio, but Spike will explain conceptually and cover the Envoy config changes being made in each step so the techniques can be applied to any Envoy service mesh. 

avatar for Spike Curtis

Spike Curtis

Senior Software Engineer, Tigera
Spike Curtis is a software developer at Tigera. He co-leads the Istio Security Working Group and is a contributing author of SPIFFE specifications.  He is also a core developer for Calico.

Monday December 10, 2018 3:30pm - 3:40pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Using Envoy for data aware traffic routing in Azure Service Fabric - Vaclav Turecek, Microsoft
Learn how Envoy is the key component in solving Service Fabric's unique data-aware traffic routing challenges. With co-located compute and state, service communication needs to be aware of data partitioning and replica placement in addition to the ingress, discovery, and networking challenges typically found in distributed applications and cloud-native architectures.
We'll show you how Envoy is being integrated into Service Fabric to abstract away the complexities of traffic routing and provide a language and platform agnostic service communication layer. As a bonus, we'll also show you how we made Envoy work on Windows.

avatar for Vaclav Turecek

Vaclav Turecek

Principal Program Manager, Microsoft
Vas is a Principal Program Manager at Microsoft. Over the last few years, he has been working at Microsoft Azure to bring large-scale distributed systems to the masses with Service Fabric.

Monday December 10, 2018 3:40pm - 4:10pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Building + operating a service mesh at a mid-size company - Taiki Ono, Cookpad Inc.
Service meshes are not only for big companies. It works for intermediate-sized companies as well. We, Cookpad, are a mid-sized company having 200+ developers, 10+ teams, 90M monthly users.

We are building our own service mesh using Envoy proxy for our microservices. And, we are getting the benefit of service mesh. The biggest benefit is observability: we can easily know how our microservices are working by looking into fine-grained metrics per upstream service. The second benefit is process model independency: we now have the outbound proxy for every app which controls retries, timeouts, circuit breaking and load balancing.

I will share the knowledge and techniques through our case: how did we build, and our architecture and toolchains. We are using AWS ECS as a container orchestration, and our service mesh is built on it.

avatar for Taiki Ono

Taiki Ono

Software Engineer, Cookpad, Inc.
Taiki Ono is a Software Engineer at Cookpad, where he is building a microservices platform including a service mesh, to archive high development efficiency and quality.

Monday December 10, 2018 4:10pm - 4:40pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


Closing Remarks - Matt Klein, Lyft
avatar for Matt Klein

Matt Klein

Software Engineer, Lyft
Matt is a software engineer at Lyft and a project lead for Envoy proxy.

Monday December 10, 2018 4:40pm - 5:10pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building


EnvoyCon Reception
Please stay and socialize with attendees and speakers. EnvoyCon will provide beverages and light catering. Please meet us on the floor below the meeting room and be sure to keep your name badge on!

Monday December 10, 2018 5:10pm - 6:30pm
Tahoma 3+4 @ TCC The Conference Center (TCC) - Separate from the WSCC building