Envoy Gateway

Last update: June 10 2026

Envoy Gateway is a solution for managing inbound and outbound traffic in Kubernetes, built on Gateway API resources and the Envoy proxy server.

Envoy Gateway tasks:

• routing of HTTP, HTTPS, and TCP traffic;
• load balancing;
• SSL and TLS connection termination;
• advanced traffic management — for example, support for canary and blue-green deployments.

In Managed Kubernetes, Envoy Gateway is not pre-installed in the cluster; it must be installed manually.

Gateway API

Gateway API is a Kubernetes plugin with a set of API resources for managing network traffic at layers L4 and L7, load balancing, routing, security policies, and multi-cluster support.

Gateway API resources include:

• GatewayClass;
• Gateway;
• HTTPRoute;
• GRPCRoute.

Read more about Gateway API resources in the Resource model section of the Gateway API guide in the Kubernetes documentation.

Gateway API is a modern alternative to Ingress. Their key differences can be found in the Key Differences Between Ingress API and Gateway API section of the Migrating from Ingress guide in the Gateway API documentation.

Install Envoy Gateway

Control panel

To run the application, a load balancer of the Basic redundant type and a public IP address will be created. The load balancer type cannot be changed after creation. If you want to change the load balancer type or its parameters, install the application using a Helm chart.

1. Ensure that a quota for at least one public IP address is allocated in the pool.
2. In the Control panel, on the top menu, click Products and select Managed Kubernetes.
3. Open the cluster page → Applications tab.
4. In the Available for installation block, click Envoy Gateway.
5. Check the price of the load balancer and the public IP address.
6. Click Install. A new Basic redundant load balancer with a public IP address will be created. The load balancer will appear in the Control panel: on the top menu, click Products and select Cloud servers → Load balancers section → tab Load balancers.

Helm

You can install Envoy Gateway:

• without configuring parameters — the default parameter values specified in the Helm chart are used. You can view the default values using the helm inspect values oci://docker.io/envoyproxy/gateway-helm; command;
• or with parameter configuration — you configure parameters in a file and use it for installation.

Without parameter configuration

1. Connect to the cluster.

2. Install the Helm package manager Helm.

3. Install Envoy Gateway:

   helm upgrade --install eg --create-namespace oci://docker.io/envoyproxy/gateway-helm --version v1.6.3 -n envoy-gateway-system

4. Ensure that Envoy Gateway is installed:

   kubectl get pods -n envoy-gateway-system

   Information about Envoy Gateway will appear in the response:

   NAME                              READY   STATUS    RESTARTS   AGE
   envoy-gateway-8545855df8-vjqtf    1/1     Running   0          35s

With parameter configuration

1. Connect to the cluster.

2. Install the Helm package manager Helm.

3. Get the default values for the envoyproxy/gateway-helm Helm chart and save them to the envoy-gateway-values.yaml file:

   helm inspect values oci://docker.io/envoyproxy/gateway-helm --version v1.6.3 > envoy-gateway-values.yaml

4. In the envoy-gateway-values.yaml file, configure the necessary parameters and save the changes.

5. Install Envoy Gateway:

   helm upgrade --install eg --create-namespace oci://docker.io/envoyproxy/gateway-helm --version v1.6.3 -n envoy-gateway-system --values envoy-gateway-values.yaml

6. Ensure that Envoy Gateway is installed:

   kubectl get pods

   Information about Envoy Gateway will appear in the response. For example:

   NAME                              READY   STATUS    RESTARTS   AGE
   envoy-gateway-8545855df8-vjqtf    1/1     Running   0          35s