Nginx vs Envoy: Which Proxy to Self-Host?
Quick Verdict
Nginx is the right choice for self-hosting. It’s a proven web server and reverse proxy with simple configuration, static file serving, and decades of community knowledge. Envoy is a cloud-native service proxy designed for microservice architectures and service meshes — its complexity is unjustified for self-hosting setups.
Overview
Nginx is the world’s most popular web server, also serving as a reverse proxy, load balancer, and HTTP cache. It powers roughly a third of the internet. Current version: 1.28.2.
Envoy is a high-performance L7 proxy designed for cloud-native architectures, originally built at Lyft. It’s the data plane for service meshes like Istio. Current version: v1.37.0.
Feature Comparison
| Feature | Nginx 1.28 | Envoy v1.37 |
|---|---|---|
| Web server | Yes | No |
| Static file serving | Excellent | No |
| Config format | nginx.conf (familiar) | Typed YAML (verbose) |
| SSL termination | Yes | Yes |
| Automatic HTTPS | No (needs Certbot) | No (needs SDS) |
| gRPC proxying | Basic | Native first-class |
| Circuit breaking | No | Yes |
| Distributed tracing | No | Yes |
| xDS dynamic config | No | Yes |
| WebAssembly extensions | No | Yes |
| Load balancing | 3 algorithms | 12+ algorithms |
| HTTP/3 | Yes (1.25+) | Yes |
| Modules | Dynamic/compiled | Filter chains |
| Learning curve | Moderate | Very steep |
| RAM usage | ~5-10 MB | ~30-50 MB |
| Written in | C | C++ |
Use Cases
Choose Nginx If…
- You need a web server and reverse proxy
- You’re serving static files
- You want familiar, widely-documented configuration
- You need Nginx-specific modules (njs, Lua, RTMP)
- You’re following self-hosting tutorials (most use Nginx)
- You want minimal resource usage
Choose Envoy If…
- You’re running Kubernetes with a service mesh
- You need native gRPC load balancing
- You need circuit breaking and distributed tracing
- You need xDS dynamic configuration
- You’re building cloud-native microservice infrastructure
Final Verdict
Nginx for self-hosting, Envoy for cloud-native infrastructure. Nginx is simpler, lighter, doubles as a web server, and has vastly more self-hosting community resources. Envoy’s features target problems (service mesh routing, gRPC load balancing, distributed tracing) that don’t exist in typical self-hosting setups.
For self-hosters who want even less complexity than raw Nginx, use Nginx Proxy Manager (GUI), Caddy (automatic HTTPS), or Traefik (Docker auto-discovery).
Frequently Asked Questions
Is Envoy faster than Nginx?
For proxying, Envoy has slightly lower latency. For serving static files, Nginx wins (Envoy can’t serve static files). For self-hosting loads, the difference is imperceptible.
Can Nginx replace Envoy in a service mesh?
Not directly. Service meshes (Istio, Consul Connect) use Envoy’s xDS API for dynamic configuration. Nginx doesn’t implement this protocol. There’s an Nginx-based alternative (NGINX Service Mesh), but it’s less mature.
Which has better documentation for self-hosting?
Nginx by a wide margin. Decades of community content, tutorials for every self-hosted app, and active forums. Envoy’s documentation targets infrastructure engineers working with Kubernetes.
Related
Get self-hosting tips in your inbox
New guides, comparisons, and setup tutorials — delivered weekly. No spam.