An API Gateway can do sophisticated edge security challenges (OIDC, Authz based on OPA, web app firewalling/WAF, etc) as well as things like message transformation, swagger/grpc detection, exposing APIs for self-service signup through a portal, etc. Gloo does all these things.
I've written in depth about this as well, specifically in terms of things like contour, Istio ingress gateway, consul's service mesh gateway, etc, etc
Thanks for the detailed response. In that regard, it is like Kong. What is the difference between Kong vs Gloo? Kong is based on nginx which is rock solid.
I'd say the main reason to use Gloo is it's much simpler, it's based on Envoy which is where most of the innovation around L7 proxies is happening these days (ie, see WebAssembly), and was built from the ground up with a cloud-native and kube-native architecture.
Can Contour actually do the same? For me, the main benefit of an API gateway is being able to specify an internal service to handle authn/authz. With Envoy that's done via a filter, iirc. Can you set that Envoy specific config with Contour?
Disclaimer: I work for Solo.io
An API Gateway can do sophisticated edge security challenges (OIDC, Authz based on OPA, web app firewalling/WAF, etc) as well as things like message transformation, swagger/grpc detection, exposing APIs for self-service signup through a portal, etc. Gloo does all these things.
I've written in depth about this as well, specifically in terms of things like contour, Istio ingress gateway, consul's service mesh gateway, etc, etc
https://blog.christianposta.com/microservices/do-i-need-an-a...
Gloo resources: https://docs.solo.io/gloo/latest/guides/dev_portal/ https://docs.solo.io/gloo/latest/guides/security/waf/ https://docs.solo.io/gloo/latest/guides/security/auth/oauth/... https://docs.solo.io/gloo/latest/guides/security/opa/ https://docs.solo.io/gloo/latest/installation/advanced_confi... https://docs.solo.io/gloo/latest/guides/traffic_management/r...