Pushing Envoy Beyond the Edge

Transcript

1. None

2. JP Simard, Lyft Pushing Envoy Beyond the Edge

3. None

4. What’s Envoy Mobile? • Mobile networking client • Built on

   Envoy • Designed for iOS & Android • Runs in-process • Polyglot Library • APIs for C++, Swift, Kotlin, 
 Objective-C, Java & Python • Open Source, Apache 2.0 • envoymobile.io

5. Why build this? • Bring what makes Envoy great on

   the server to mobile apps • Rich Observability • Support for latest networking technologies • Consistency: Same networking engine on iOS, Android & Server • Control: Lots of knobs! Open source so we can fix/change things. • Debuggability: Stepping through your networking code and seeing exactly how it works • On iOS, the networking library mostly ships with the OS and is a closed-source black box

6. Timeline • 2016: Envoy is announced • 2019: Work begins

   on Envoy Mobile • 2019-2021: Envoy Mobile gains mostly feature-parity with the standard networking libraries on iOS & Android • 2021-2022: Production experiments with Lyft apps begin • Mid-2022: Envoy Mobile is serving 98% of all network requests made by Lyft’s mobile apps

7. eng.lyft.com Now Powering Lyft Apps

8. Rich Observability

9. Server vs Mobile Environments Server • Stable • Fast •

   Single Provider • Control

10. Server vs Mobile Environments Mobile • Unreliable • Inconsistent •

    Many Carriers • User Configured

11. Carrier Variability

12. Mobile Constraints • Low available memory • Unreliable connectivity •

    Many carriers • User configurations • Frequently moving between networks and interfaces • Can get killed/backgrounded by the OS at any moment • Can’t SSH into a problematic instance to troubleshoot • New IDEs & distribution processes: Xcode & Android Studio • Binary size is important

13. Mobile Constraints (cont’d) • iOS and Android sometimes behave in

    surprising ways • Android can block some DNS resolutions when backgrounded and in low power mode • Android uses dual stack sockets, and for some carrier configurations this means IPv4 addresses don’t work • We always force IPv6 on Android for that reason • On iOS, Envoy Mobile can crash when the app is shutting down • Crossing the JNI (Java Native Interface) is cumbersome and costly

14. Binary Size Reduction

15. IDE Integration

16. Recent Developments • Support for VPNs on Android • Required

    moving from c-ares to getaddrinfo as a DNS resolver • Support for proxies on Android • Mostly complete, running production experiments now • Android platform certificate chain delegation • Next up: Support for proxies on iOS • This is the last big piece of core functionality we’re missing • Next up: QUIC/HTTP3 production experiments • Next up: Improving xDS for mobile use cases

17. Architecture Overview

18. Architecture Overview

19. Architecture Overview

20. Architecture Overview

21. Architecture Overview

22. Architecture Overview

23. Architecture Overview

24. Architecture Overview

25. Architecture Overview

26. Architecture Overview

27. Architecture Overview

28. Contributors Mike José Michael Keith Rafał and dozens more on

    Envoy Mobile directly, not to mention over a hundred contributors to the main Envoy project Alyssa Alan Ryan Ali

29. Questions? JP Simard • [email protected] • @simjp