Huabing (Robin) Zhao
Engineer, Tetrate
Actions
Huabing (Robin) Zhao is a software engineer at Tetrate and a CNCF ambassador. He has developed a managed service mesh product on the cloud and assisted a lot of users in deploying Istio service mesh in production. He also founded Aeraki Mesh, a CNCF sandbox project that facilitates non-HTTP protocol management within Istio service mesh.
https://zhaohuabing.com
Links
Area of Expertise
Beyond the Gateway API: Envoy Gateway's Extensions in Action
Envoy Gateway is revolutionizing edge traffic management for cloud-native applications. It efficiently manages Envoy-based application gateways and extends Kubernetes Gateway API functionalities through custom resource definitions (CRDs). This presentation will delve into Envoy Gateway's API extensions: ClientTrafficPolicy, BackendTrafficPolicy, SecurityPolicy, and EnvoyExtensionPolicy. We'll explore their practical applications in managing and securing edge traffic, showcasing advanced features like JWT authorization, rate limiting, OIDC integration, external processing, and WASM plugins. Attendees will gain hands-on knowledge to implement these cutting-edge capabilities, staying ahead of Gateway API advancements. Join us to learn how Envoy Gateway is shaping the future of cloud-native networking and how you can leverage its power in your infrastructure today.
Gateway API and Beyond: Introducing Envoy Gateway's Gateway API Extensions
Envoy Gateway, a new member of the Envoy project family, efficiently manages Envoy-based application gateways. In strict adherence to the Kubernetes Gateway API, it amplifies its functionalities by leveraging custom resource definitions (CRDs) in areas where the Gateway API hasn't yet ventured. This presentation will delve into the Gateway API extensions of Envoy Gateway, specifically focusing on ClientTrafficPolicy, BackendTrafficPolicy, and SecurityPolicy. We'll explore their practical applications in managing and securing edge traffic for cloud-native applications. Additionally, we'll discuss a strategic approach for potentially integrating these extensions into the formal Gateway API specifications.
Envoy Gateway: The API Gateway in the Cloud Native Era
EnvoyProxy is a proxy in the cloud-native era and one of the graduation projects under CNCF. Envoy Gateway is an API gateway project initiated by Matt Klein, the creator of EnvoyProxy, and jointly maintained by Emissary, Contour and other API gateway projects.
Envoy Gateway, as the official API Gateway project initiated by EnvoyProxy, is the official implementation of EnvoyProxy-based north-south API Gateway, which greatly reduces the threshold to use EnvoyProxy, so that users do not have to repeatedly "build wheels" to EnvoyProxy control plane, and deal with the difficult to understand the complex xDS protocol and the configuration of EnvoyProxy. Envoy Gateway uses the Kubernetes Gateway API as its configuration, which can easily start to manage north-south traffic.
Envoy Gateway is rapidly developing, driven by multiple communities and active contributors. This topic takes you through a comprehensive look at Envoy Gateway and why it is the API gateway for the Cloud-Native era.
Struggling to Manage Non-HTTP Traffic with Istio? Aeraki Mesh to Rescue!
In this session, Huabing Zhao will introduce Aeraki Mesh, a CNCF sandbox project which allows you to manage any layer-7 traffic in a service mesh. Huabing will talk about the reason why we need a non-HTTP service mesh solution, how Aeraki Mesh solves this by working along with other CNCF projects including Istio and Envoy, and dig into Aeraki Mesh's design, architecture, and components. Additionally, our co-speaker from Boss Zhipin will showcase how Aeraki Mesh can be used to manage Dubbo, a popular RPC protocol widely utilized by Chinese web companies.
Aeraki [Air-rah-ki] is the Greek word for 'breeze'. We hope this breeze can help Kubernetes and Istio sail further in the cloud-native adventure. Aeraki Mesh provides the same layer-7 capabilities for those non-HTTP protocols as Istio does for HTTP.
Aeraki Mesh website: https://www.aeraki.net/
How to manage any layer-7 traffic in an Istio service mesh?
Traffic management is probably the most used feature of Istio. However, handling layer-7 traffic other than HTTP and gRPC can become challenging in an Istio service mesh. In this session, I'll discuss a few possible approaches to extend Istio's traffic management capability to other layer-7 protocols such as Dubbo, Thrift, TARS, Redis, MySql, MongoDB, etc. I'll introduce Aeraki, an open-source project that provides a framework to allow Istio to support more layer 7 protocols than just HTTP and gRPC. A demo of Thrift and Dubbo traffic version-based routing and percentage-based routing will also be shown in this session. In the end, l'll discuss some other interesting things we are planning at Aeraki, such as on-demand xDS to the sidecars.
Github: https://github.com/aeraki-framework/aeraki
Live Demo: http://aeraki.zhaohuabing.com:3000/d/pgz7wp-Gz/aeraki-demo?orgId=1&kiosk
Recorded Demo: Dubbo and Thrift Traffic Management https://youtu.be/vrjp-Yg3Leg
Managing Non-HTTP Traffic with Istio Made Easy by Aeraki Mesh!
Did you know that Istio + Aeraki Mesh supported the streaming service of the 2022 Winter Olympic Games? In this session, Huabing Zhao will introduce Aeraki Mesh, a CNCF sandbox project that enables you to manage layer-7 traffic within an Istio service mesh. Huabing will discuss the necessity of a non-HTTP service mesh solution and demonstrate how Aeraki Mesh addresses this issue by collaborating with other CNCF projects like Istio and Envoy. Furthermore, the presentation will delve into the design, architecture, and components of Aeraki Mesh.
Tencent Music’s service mesh practice with Istio and Aeraki(Istio + Aeraki 在腾讯音乐的服务网格落地)
This session will introduce Tencent music's service mesh practice with Istio and Aeraki. Including:
* How to extend Istio with Aeraki to manage the traffic of proprietary protocols
* Deep dive into Aeraki and MetaProtcol Proxy
* How Tencent Music leverage Istio and Aeraki to build a fully functional service mesh, managing both the HTTP and proprietary protocols
本场分享将介绍腾讯音乐使用 Istio + Aeraki 的服务网格落地实践,主要包含下述内容:
* 如何利用 Aeraki 来扩展 Istio 的协议扩展能力
* Aeraki 和 MetaProtocol Proxy 的原理介绍
* 腾讯音乐如何使用 Istio + Aeraki 来构建一个管理 HTTP 和私有协议的全功能服务网格
Aeraki: https://aeraki.net
Github: https://github.com/aeraki-mesh
Tencent Music: https://www.tencentmusic.com
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top