Huabing Blog

在 Ambient Mesh 中使用 Envoy Gateway 扩展 Redis 集群

本文介绍如何在 Istio Ambient Mesh 中,通过 Envoy Gateway 实现对 Redis 集群 的透明接入与智能路由,为无 Sidecar 模式下的有状态服务提供高效、可扩展的解决方案。

Posted by Kailun Wang、Yangyang Zhao、Huabing Zhao on Thursday, November 6, 2025

Envoy AI Gateway 现已支持 Model Context Protocol

我们很高兴地宣布,Envoy AI Gateway 的下一个版本将正式支持 [Model Context Protocol](https://modelcontextprotocol.io/)(简称 MCP),让 Envoy AI Gateway(EAIGW)成为 AI 流量的通用入口。

Posted by nacx, mathetake on Monday, October 6, 2025

Bringing Full L7 Power to Istio Ambient Mesh with Envoy Gateway

Use Envoy Gateway as the Unified Ingress Gateway and Waypoint Proxy for Ambient Mesh

In this article, we’ll look at how you can use Envoy Gateway, an Envoy project open source solution, together with Istio when running in Ambient mode. This will allow you to easily leverage the power of Envoy’s L7 capabilities for Ingress traffic and east-west traffic in your mesh with easy-to-use CRDs.

Posted by Huabing Zhao & Ric Hincapie on Thursday, July 24, 2025

Envoy Gateway Policies: Unlocking the Full Power of Envoy Proxy for API Gateways

KubeCon Japan 2025

This presentation will delve into Envoy Gateway's API extensions: ClientTrafficPolicy, BackendTrafficPolicy, SecurityPolicy, and EnvoyExtensionPolicy. We'll explore their practical applications in managing and securing edge traffic, showcasing advanced features like JWT authorization, rate limiting, OIDC integration, external processing, and WASM plugins.

Slides YouTube

Istio Ambient 模式流量管理实现机制详解(一)

HBONE 隧道原理

Istio ambient 模式采用了被称为 HBONE 的 方式来连接 ztunnel 和 waypoint proxy。HBONE 是 HTTP-Based Overlay Network Environment 的缩写。虽然是一个新的名词,但其实 HBONE 并不是 Istio 创建出来的一个新协议,而只是利用了 HTTP 协议标准提供的隧道能力。简单地说,ambient 模式采用了 HTTP 的 CONNECT 方法 在 ztunnel 和 waypoint proxy 创建了一个隧道,通过该隧道来传输数据。本文将分析 HBONE 的实现机制和原理。

Posted by 赵化冰 on Monday, May 26, 2025

Fixing High CPU Usage in VS Code

A small shell script to limit CPU usage of node processes in VS Code remote server.

Posted by Huabing Zhao on Friday, May 16, 2025

Envoy Gateway Architecture Diagrams

I put together these diagrams to get a clearer picture of the Envoy Gateway's architecture. If you’re trying to understand how Envoy Gateway works under the hood, you might find them useful too.

Posted by     "赵化冰" on Monday, May 12, 2025

Envoy Gateway OIDC Authentication & Authorization Demo

In this demo, I’ll walk you through how to use Envoy Gateway’s SecurityPolicy to enforce OIDC authentication and authorization, using Amazon Cognito as the identity provider.

YouTube GitHub

Securing the Gateway: A Deep Dive into Envoy Gateway's Advanced Security Policy

KubeCon Europe 2025

Envoy Gateway's Security Policy simplifies access to Envoy's robust security features, eliminating the need for users to navigate complex Envoy configurations. These features include CORS, JWT authentication, Basic Auth, OpenID Connect (OIDC), External Authentication (Ext Auth), and more. This session includes a demo showcasing OIDC authentication and authorization based on JWT claims, offering practical insights for enhancing application security—whether you're an experienced Envoy user or new to open source.

Slides YouTube

Envoy Gateway v 1.2.0 版本发布:新功能与改进介绍

Envoy Gateway(本文中简称 EG)在 11 月 6 日发布了最新的 1.2 版本。该版本带来了一系列激动人心的新特性和改进,本文将为您一一介绍。

Posted by Huabing Blog on Tuesday, November 5, 2024

avatar

CNCF Ambassador, engineer @tetrate.io, creator @Aeraki Mesh, open-source enthusiast, technical writer and life adventurer

QUICK LINKS
FEATURED TAGS
aeraki aeraki mesh ambient mesh api gateway bitcoin blockchain cryptocurrency dubbo envoy envoy gateway istio kubecon kubernetes metaprotocol microservice onap service mesh
PUBLICATIONS
avatar avatar avatar