Debugging Envoy Tunnels: A Deep Dive - Carlos Sanchez & Alexandra Stoica, Adobe
Carlos Sanchez, Alexandra Stoica, Adobe
KubeCon + CloudNativeCon Europe 2025 · Session
In the increasingly complex landscape of cloud-native applications, **Envoy Proxy** has emerged as a cornerstone for managing service-to-service communication, load balancing, and edge routing. However, as with any powerful distributed system component, debugging issues within Envoy-powered architectures, especially those leveraging **mTLS (mutual Transport Layer Security)**, can be a formidable challenge. This talk, "Debugging Envoy Tunnels: A Deep Dive," by Carlos Sanchez and Alexandra Stoica from Adobe, provides invaluable insights into common pitfalls encountered when operating Envoy in production and, critically, how to diagnose and resolve them effectively.
AI review
This talk from Adobe's SRE team provides a much-needed deep dive into debugging Envoy mTLS issues, drawing directly from real-world production challenges. It cuts through the typical cloud-native hype to deliver concrete, actionable debugging strategies using specific Envoy log components, `openssl`, and metrics. The demo-driven approach, tackling common failure modes like certificate expiry, CA mismatches, and connection overloads, makes this highly valuable for anyone running Envoy at scale. It's a pragmatic, no-nonsense guide that will save engineers countless hours.