Gateway module

Gloo Mesh Gateway, which is an abstraction of Istio's ingress gateway model, uses an Envoy proxy as the ingress gateway into and out of your multicluster service mesh environment.

Gateway use cases

Using the Gloo Mesh API to manage the gateway helps you simplify your networking setup because you can write advanced configurations one time and apply the same configuration in multiple places and different contexts. For example, you can write a rate limit policy once. Then, you can apply this policy both to traffic coming into the cluster via the gateway (north-south), as well as to traffic within the multicluster service mesh (east-west).

Gateway includes the following capabilities to help you manage and secure north-south traffic to your service mesh.

License requirements

You must purchase a Gloo Mesh Gateway license. When you install Gloo Mesh, use this gateway license instead of a basic Gloo Mesh Enterprise license.

For a comparison of the features you get with the open source, basic version of an Istio ingress gateway versus the Gloo Mesh Gateway, see the following table.

Feature Gloo Mesh Gateway Istio ingress
Proxy external traffic to mesh workloads
Basic security such as JWT, TLS, CORS
Advanced security including WAF and DLP
Advanced authentication for OIDC, API keys, and LDAP
Request and response transformation
Advanced rate limiting
Advanced traffic routing and shaping
Federation
Automatic service and API discovery
API developer portal

Next Steps

Try out the Gloo Mesh Gateway module guide.