Control traffic with policies
Use Gloo policies to control the traffic within your service mesh environment. Review the following available policies or learn more about Policy enforcement.
FailoverUse a failover policy to determine where to reroute traffic in case of failure.
Fault injectionTest the resilience of your apps by injecting delays and connection failures.
Outlier detectionConfigure Gloo to remove unhealthy destinations from the connection pool, and add the destinations back when they become healthy again.
RetryReduce transient failures and hanging systems by setting retries and timeouts.
TimeoutReduce transient failures and hanging systems by setting retries and timeouts.
TCP connectionSet up connection pool settings such as keepalive for TCP protocols.
AccessControl access for workloads in your service mesh.
CORSEnforce client-site access controls with cross-origin resource sharing (CORS).
External authSet up an external authentication and authorization to protect the workloads in your cluster. For example, you can set up basic, passthrough, API key, OAuth, OPA, or LDAP authentication.
Traffic control policies
Header manipulationAppend or remove HTTP request and response headers at the route level.
MirrorDuplicate outgoing traffic, to test a new app.
Rate limitControl the rate of requests to destinations within the service mesh.
WebAssembly (Wasm) deploymentAdd a Wasm filter to the Envoy sidecar proxy, for use cases such as customizing the endpoints and thresholds for your workloads.
Access logConfigure how access logs are recorded for your services.
Gloo Gateway ingress policies
You can use the following policies to control traffic through the ingress gateway in north-south scenarios.
To use this feature, you must have a Gloo Gateway license in addition to your Gloo Mesh license.
CSRFApply a CSRF filter to the gateway to help prevent cross-site request forgery attacks.
JWTControl access or route traffic based on verified claims in a JSON web token (JWT).
TransformationAlter a request before matching and routing, such as with an Inja header template.
WAFFilter, monitor, and block potentially harmful HTTP traffic with a Web Application Firewall (WAF) policy.