3Scale - Envoy proxy authorization cache

3Scale’s API Management service allows us to manage APIs with features like authorize, rate-limit, and monetize, etc.In this project, we are going to implement an in-proxy cache as an Envoy filter extension to add necessary smarts to avoid calling SM API for each request requiring authorization. The target benchmark to beat would be “1 auth and rep (using authrep.xml endpoint)” per request. The filter will be written in Rust and then later “translated” into WASM code packaged as WASM Module which is loaded on WASM VMs spun up by a runtime (V8, WAVM, or Wasmtime) embedded inside the Envoy. Many advantages come with using the WASM module instead of the native C++ extension like dynamically loading the filter extension, abstraction from the underlying CPU and programming language used, and being safe from crashing the proxy when a developer makes a mistake. Even though the module is sandboxed, it has the capability for I/O as described in the ABI Specification which empowers us with access to shared data storage (key-value based) and a message queue used in this project.