Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Pushing Envoy Beyond the Edge

JP Simard
October 24, 2022

Pushing Envoy Beyond the Edge

Over the last decade, infrastructure has been moving away from monolithic centralized servers and increasingly towards end users, with a focus on Edge Computing to run code as close to the people who are accessing it, wherever they are in the world. Envoy Mobile has pushed Envoy beyond the edge, all the way to your fingertips, unlocking a world of possibilities (and challenges) by being able to run Envoy on every node in the network chain from app to service and back again. Come learn how we’ve adapted Envoy to run as native embedded libraries for iOS and Android that feel right at home no matter the platform ecosystem; how we narrowed and in some cases exceeded the performance gap with established mobile networking libraries; what mobile-specific use cases or problem areas we discovered along the way, and how we solved for them; how Envoy’s rich observability tools helped us roll out safely to billions of requests a day; and how this is just the beginning of pushing mobile networking to the next level.

JP Simard

October 24, 2022

More Decks by JP Simard

Other Decks in Programming


  1. What’s Envoy Mobile? • Mobile networking client • Built on

    Envoy • Designed for iOS & Android • Runs in-process • Polyglot Library • APIs for C++, Swift, Kotlin, 
 Objective-C, Java & Python • Open Source, Apache 2.0 • envoymobile.io
  2. Why build this? • Bring what makes Envoy great on

    the server to mobile apps • Rich Observability • Support for latest networking technologies • Consistency: Same networking engine on iOS, Android & Server • Control: Lots of knobs! Open source so we can fix/change things. • Debuggability: Stepping through your networking code and seeing exactly how it works • On iOS, the networking library mostly ships with the OS and is a closed-source black box
  3. Timeline • 2016: Envoy is announced • 2019: Work begins

    on Envoy Mobile • 2019-2021: Envoy Mobile gains mostly feature-parity with the standard networking libraries on iOS & Android • 2021-2022: Production experiments with Lyft apps begin • Mid-2022: Envoy Mobile is serving 98% of all network requests made by Lyft’s mobile apps
  4. Mobile Constraints • Low available memory • Unreliable connectivity •

    Many carriers • User configurations • Frequently moving between networks and interfaces • Can get killed/backgrounded by the OS at any moment • Can’t SSH into a problematic instance to troubleshoot • New IDEs & distribution processes: Xcode & Android Studio • Binary size is important
  5. Mobile Constraints (cont’d) • iOS and Android sometimes behave in

    surprising ways • Android can block some DNS resolutions when backgrounded and in low power mode • Android uses dual stack sockets, and for some carrier configurations this means IPv4 addresses don’t work • We always force IPv6 on Android for that reason • On iOS, Envoy Mobile can crash when the app is shutting down • Crossing the JNI (Java Native Interface) is cumbersome and costly
  6. Recent Developments • Support for VPNs on Android • Required

    moving from c-ares to getaddrinfo as a DNS resolver • Support for proxies on Android • Mostly complete, running production experiments now • Android platform certificate chain delegation • Next up: Support for proxies on iOS • This is the last big piece of core functionality we’re missing • Next up: QUIC/HTTP3 production experiments • Next up: Improving xDS for mobile use cases
  7. Contributors Mike José Michael Keith Rafał and dozens more on

    Envoy Mobile directly, not to mention over a hundred contributors to the main Envoy project Alyssa Alan Ryan Ali