Add Security blog post on kgateway and Istio integration for Egressin… by AryanParashar24 · Pull Request #453 · kgateway-dev/kgateway.dev

AryanParashar24 · 2025-10-21T17:40:20Z

Description

This pull request adds a new Security blog post introducing the integration of kgateway with Istio Ambient Mesh, focusing on managing egress traffic and the benefits of a sidecar-less data plane. The post outlines the architecture, advantages, and policy management capabilities of kgateway within Istio's ambient mesh environment.

Change Logs

New blog post on Istio Ambient Mesh and kgateway:

Added content/blog/egress-traffic-with-kgateway-and-Istio-integration.md with an overview of Ambient Mesh, its separation of L4 and L7 layers, and how kgateway integrates as a pluggable waypoint for Istio.
Described the benefits of Ambient Mesh for reducing computational overhead and improving security and resource usage, as well as the unique features of kgateway such as shared observability and unified configuration.
Included sections for future elaboration on Istio authorization policies, external authorization management, CEL-based RBAC policies, and a demo to show Traffic.

Summary

This blog post discusses the integration of kgateway with Istio, highlighting its benefits, features, and how it manages egress traffic effectively. It covers the differences between Layer 4 and Layer 7 authorization policies and provides insights into the advantages of using kgateway in various scenarios.

…g Traffic This blog post discusses the integration of kgateway with Istio, highlighting its benefits, features, and how it manages egress traffic effectively. It covers the differences between Layer 4 and Layer 7 authorization policies and provides insights into the advantages of using kgateway in various scenarios. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Updated the blog post to including corrections to headings and added configs for all the resources. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md

…moved unnecessary curly braces. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

…figuration for kGateway Updated the configuration for egress traffic management with kGateway and Istio integration. Changes include adjustments to service and gateway definitions, as well as enhancements to the external authorization setup using Kyverno with Istio. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

… TrafficPolicy Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Updated the egress traffic documentation to reflect changes in the configuration and improved clarity on the use of kGateway and Kyverno for external authorization. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Added testing instructions for client and resiliency checks for kGateway integration with Istio. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Added a demo section with a YouTube link to the blog post. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md

Nadine2016 · 2025-11-07T20:13:11Z

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md

+[Demo](https://youtu.be/5PegECeu0v0)
+
+
+{{< youtube 5PegECeu0v0 >}}


not sure if we typically mention other relevant blogs that people can explore??

I think we can upload the video to the kgateway youtube! @linsun do you have permissions for the youtube account?

…n.md Co-authored-by: Nadine Spies <nadinekipsch@onlinehome.de> Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Co-authored-by: Nadine Spies <nadinekipsch@onlinehome.de> Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

…n.md Co-authored-by: Nadine Spies <nadinekipsch@onlinehome.de> Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

…d point and an output with our container's IP Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

…on plane of Kyverno. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Explain the advantages of using ServiceEntry over kgateway Backend for egress traffic management. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

Added my Mentorship experience as well with the blog. If it cant go along then can revert back to previous commit! Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

npolshakova mentioned this pull request Oct 22, 2025

kgateway ecosystem integrations #327

Open

Added config to Security Blog

4a7024d

Updated the blog post to including corrections to headings and added configs for all the resources. Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

npolshakova reviewed Oct 23, 2025

View reviewed changes

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md Outdated Show resolved Hide resolved

npolshakova reviewed Oct 23, 2025

View reviewed changes

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md Outdated Show resolved Hide resolved

npolshakova reviewed Oct 23, 2025

View reviewed changes

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md Outdated Show resolved Hide resolved

npolshakova reviewed Oct 23, 2025

View reviewed changes

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md Outdated Show resolved Hide resolved

corrected config errors

1b6736d

Signed-off-by: Aryan Parashar <aryanparashar24@gmail.com>

npolshakova reviewed Oct 27, 2025

View reviewed changes

content/blog/egress-traffic-with-kgateway-and-Istio-integration.md Show resolved Hide resolved