Elchi Documentation
Elchi is an enterprise Envoy management platform: a central control plane with a visual editor for every Envoy resource, plus edge agents that deploy and operate Envoy on your hosts — with GSLB, ACME certificates, WAF, API discovery, and API security built in.
Start here
- Introduction — what Elchi is and how the pieces fit together.
- Architecture — the processes, the edge node, and how every wire connects.
- Quick Start — get the platform running on Kubernetes in four steps.
Install it
Pick the deployment substrate that fits — all bring up the same control plane:
- Helm — on an existing Kubernetes cluster.
- Docker Swarm — one command, container-based, single-node or HA, online or air-gapped.
- Single-Host (kind) — the whole stack on one VM for evaluation.
- Bare-Metal — plain VMs with systemd, no containers.
- Elchi Client — then install the edge agent (+ bundled Shield) next to Envoy.
Configure & operate
- The Dashboard — the landing screen: resource counts, error summary, health at a glance.
- Configuring — the resource model: build, validate, publish. Or generate config with the Scenario wizard.
- Shield — API-security enforcement at the edge (WAF, auth, rate-limit, DLP).
- GSLB, Certificates (ACME), WAF — traffic and protection.
- API Discovery — a live, risk-scored inventory of every API your gateways serve.
- Fleet Operations — manage running Envoy services and connected edge clients.
- Observability — metrics, logs, audit, and jobs.
Administer
- Authentication & Access — projects, RBAC, tokens, LDAP, 2FA.
- Registry & High Availability — scaling the control plane.
- Troubleshooting — when something doesn't work.