Architecture overview

• Introduction
  • Terminology
  • Threading model
• Listeners
  • Listeners
  • Listener filters
  • Network Filter Chain
  • Network (L3/L4) filters
  • TCP proxy
  • UDP proxy
  • DNS Filter
  • Connection limiting
• HTTP
  • HTTP connection management
  • HTTP filters
  • HTTP routing
  • HTTP3 overview
  • HTTP upgrades
  • HTTP dynamic forward proxy
• Upstream clusters
  • Cluster manager
  • Service discovery
  • DNS Resolution
  • Health checking
  • Connection pooling
  • Load Balancing
  • Aggregate Cluster
  • Outlier detection
  • Circuit breaking
  • Upstream network filters
  • Load Reporting Service (LRS)
  • Load balancing policies
• Observability
  • Statistics
  • Access logging
  • Tracing
• Security
  • TLS
  • JSON Web Token (JWT) Authentication
  • External Authorization
  • Role Based Access Control
  • Threat model
  • Extension security: robust_to_untrusted_downstream_and_upstream
  • Extension security: data_plane_agnostic
  • Extension security: robust_to_untrusted_downstream
  • Extension security: requires_trusted_downstream_and_upstream
  • Extension security: unknown
  • External dependencies
  • External dependencies: dataplane_core
  • External dependencies: dataplane_ext
  • External dependencies: controlplane
  • External dependencies: api
  • External dependencies: observability_core
  • External dependencies: observability_ext
  • External dependencies: build
  • External dependencies: other
  • External dependencies: test_only
  • Google Vulnerability Reward Program (VRP)
• Operations & configuration
  • xDS configuration API overview
  • Initialization
  • Draining
  • Runtime configuration
  • Hot restart
  • Overload manager
• Other features
  • Local rate limiting
  • Global rate limiting
  • Bandwidth limiting
  • Scripting
  • IP Transparency
  • Compression Libraries
• Other protocols
  • gRPC
  • MongoDB
  • DynamoDB
  • Redis
  • Postgres
• Advanced
  • Sharing data between filters
  • Attributes
  • Generic Matching