You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Orion Proxy is a high performance and memory safe implementation of popular [Envoy Proxy](https://www.envoyproxy.io/). Orion Proxy is implemented in Rust using high-quality open source components.
10
10
11
-
### Key Features
12
11
13
-
**Memory Safety**
12
+
## Key features
14
13
15
-
Rust programming language allows to avoid a whole lot of bugs related to memory management and data races making Orion Proxy a very robust and secure application.
16
14
17
-
**Performance**
15
+
### Memory Safety
18
16
19
-
Orion Proxy offers 2x-4x better throughput and latency than Envoy Proxy. Refer to [Performance](docs/performance/performance.md) to see performance figures and for more details how we tested Orion Proxy.
17
+
Rust programming language allows Orion Proxy implementation to avoid a whole set of bugs related to memory management and data races making Orion Proxy a very robust and secure application.
18
+
19
+
20
+
### Performance
21
+
22
+
Orion Proxy offers 2x-4x better throughput and latency than Envoy Proxy. Refer to [Performance](docs/performance/performance.md) to see more performance figures and more details on how Orion Proxy was tested.
20
23
21
24
<table>
22
25
<tr>
@@ -35,15 +38,21 @@ Orion Proxy offers 2x-4x better throughput and latency than Envoy Proxy. Refer t
35
38
</tr>
36
39
</table>
37
40
38
-
**Compatibility**
41
+
### Use Cases and Compatibility
39
42
40
-
Orion Proxy configuration is generated from Envoy's xDS protobuf definitions. Orion Proxy aims to be a drop in replacement for Envoy.
43
+
Orion Proxy configuration is generated from Envoy's xDS protobuf definitions. Orion Proxy aims to be a drop in replacement for Envoy for the most common or popular use-cases.
44
+
45
+
**Kubernetes Gateway** - Orion Proxy can be used as Kubernetes Gateway API and Orion Proxy is passing basic conformance tests. See [Kubvernor documentation](https://github.com/kubvernor/kubvernor/blob/main/conformance/GATEWAY_API_CONFORMANCE.md) on how to run conformance tests with Orion Proxy.
46
+
**Kubernetes Gateway for Inference Flows** - Orion Proxy can also be used to route Inference Flows and it is passing Gateway API Inference Extension conformance tests. See [Kubvernor documentation](https://github.com/kubvernor/kubvernor/blob/main/conformance/GATEWAY_API_INFERENCE_EXTENSION_CONFORMANCE.md) on how to run inference extension conformance tests with Orion Proxy.
41
47
42
48
## Architecture
43
49
44
50
Orion Proxy is designed as a high-performance L7 proxy compatible with Envoy's xDS API while delivering superior performance through Rust's zero-cost abstractions and memory safety guarantees.
Orion Proxy has been built on a share-nothing principle. In the default configuration, Orion Proxy tries to create and pin one instance of Tokio Runtime per CPU/Thread, so the spawned tasks and actions are always executed in the local context minimizing cross CPU communication.
53
+
Other modes are available through configuration settings.
@@ -64,8 +73,6 @@ Orion Proxy is designed as a high-performance L7 proxy compatible with Envoy's x
64
73
-**Memory Safety**: Eliminates entire classes of bugs (use-after-free, data races) through Rust's type system
65
74
-**Envoy Compatibility**: Direct protobuf compatibility with Envoy xDS APIs for seamless integration with Istio and other control planes
66
75
67
-
## Quick Start
68
-
69
76
### Building
70
77
71
78
```console
@@ -76,6 +83,12 @@ git submodule update --force
76
83
cargo build
77
84
```
78
85
86
+
### Kubernetes Integration
87
+
A great use case for Orion Proxy is to use Orion Proxy as Gateway API Service in Kubernetes environments.
88
+
89
+
Orion Proxy can be used as Kubernetes Gateway API and Orion Proxy is passing basic conformance tests. See [Kubvernor documentation](https://github.com/kubvernor/kubvernor/blob/main/conformance/GATEWAY_API_CONFORMANCE.md) on how to run conformance tests with Orion Proxy.
90
+
91
+
79
92
### Running
80
93
81
94
```console
@@ -99,24 +112,15 @@ curl -v http://localhost:8000/direct-response # Should return HTTP 200 with "meo
99
112
100
113
For detailed Docker configuration options, see [docker/README.md](docker/README.md).
101
114
102
-
## CPU/Thread Limit Configuration
115
+
## Orion Configuration
103
116
104
-
Orion can be configured to use a specific number of CPU cores/threads by setting the `ORION_CPU_LIMIT` environment variable. This is especially useful in containerized environments where access to `/sys/fs` may be restricted.
117
+
Orion has two levels of configuration options.
105
118
106
-
### Kubernetes Example (Downward API)
119
+
**Runtime configuration** allows controlling how Orion uses the CPUs of the operating system. Orion exposes tuning parameters allowing fine-tuning how Orion's worker threads are pinned to CPUs/Threads.
107
120
108
-
Add the following to your container spec to set `ORION_CPU_LIMIT` to the container's CPU limit:
121
+
**Bootstrap configuration** is the same as for Envoy bootstrap configuration.
109
122
110
-
```yaml
111
-
env:
112
-
- name: ORION_CPU_LIMIT
113
-
valueFrom:
114
-
resourceFieldRef:
115
-
resource: limits.cpu
116
-
divisor: "1"
117
-
```
118
-
119
-
Orion will automatically use this value to determine the number of threads/cores.
123
+
See [example config file](orion-proxy/conf/orion-runtime.yaml) for more details.
120
124
121
125
## Testing with Backend Servers
122
126
@@ -167,4 +171,5 @@ For detailed information, see [examples/tlv-filter-demo/README.md](examples/tlv-
167
171
168
172
Orion Proxy is licensed under the [Apache License, Version 2.0](./LICENSE).
0 commit comments