Update README.md

2026-03-09 19:20:51 +08:00 · 2022-11-03 23:22:59 +08:00
parent 4bf2b99d93
commit 25d33d79b3
1 changed files with 54 additions and 37 deletions
--- a/README.md
+++ b/README.md
@@ -8,53 +8,68 @@
   English | <a href="README-CN.md">中文<a/>
 </p>

-Higress is a next-generation cloud-native gateway based on Alibaba's internal gateway practices. 
-
-Powered by [Istio](https://github.com/istio/istio) and [Envoy](https://github.com/envoyproxy/envoy), Higress realizes the integration of the triple gateway architecture of traffic gateway, microservice gateway and security gateway, thereby greatly reducing the costs of deployment, operation and maintenance.
+Higress 是基于阿里内部两年多的 Envoy Gateway 实践沉淀，以开源 [Istio](https://github.com/istio/istio) 与 [Envoy](https://github.com/envoyproxy/envoy) 为核心构建的下一代云原生网关。Higress 实现了安全防护网关、流量网关、微服务网关三层网关合一，从而显著降低了网关的部署和运维成本。

 <BR><center><img src="https://img.alicdn.com/imgextra/i4/O1CN01dqXHDi27RhjAtZyNp_!!6000000007794-0-tps-1794-1446.jpg" alt="Higress Architecture"></center>


 ## Summary

- [**Use Cases**](#use-cases)
- [**Higress Features**](#higress-features)
+- [**使用场景**](#使用场景)
+- [**核心优势**](#核心优势)
 - [**Quick Start**](#quick-start)

-## Use Cases
+## 使用场景

- **Kubernetes ingress controller**: 
+- **Kubernetes Ingress 网关**: 

-  Higress can function as a feature-rich ingress controller, which is compatible with many annotations of K8s' nginx ingress controller.
+  Higress 可以作为 K8s 集群的 Ingress 入口网关, 并且兼容了大量 K8s Nginx Ingress 的注解，可以从 K8s Nginx Ingress 快速平滑迁移到 Higress。
  
-  [Gateway API](https://gateway-api.sigs.k8s.io/) support is in progress and will support smooth migration from Ingress API to Gateway API.
+  [Gateway API](https://gateway-api.sigs.k8s.io/) 标准的支持正在开发中，将会支持用户从 Ingress API 平滑迁移到 Gateway API。
  
- **Microservice gateway**: 
+- **微服务网关**: 

-  Higress can function as a microservice gateway, which can discovery microservices from various service registries, such as Nacos, ZooKeeper, Consul, etc.
+  Higress 可以作为微服务网关, 能够对接多种类型的注册中心发现服务配置路由，例如 Nacos, ZooKeeper, Consul 等。
  
-  It deeply integrates of [Dubbo](https://github.com/apache/dubbo), [Nacos](https://github.com/alibaba/nacos), [Sentinel](https://github.com/alibaba/Sentinel) and other microservice technology stacks.
+  并且深度集成了 [Dubbo](https://github.com/apache/dubbo), [Nacos](https://github.com/alibaba/nacos), [Sentinel](https://github.com/alibaba/Sentinel) 等微服务技术栈，基于 Envoy C++ 网关内核的出色性能，相比传统 Java 类微服务网关，可以显著降低资源使用率，减少成本。
  
- **Security gateway**:
+- **安全防护网关**:

-  Higress can be used as a security gateway, supporting WAF and various authentication strategies, such as key-auth, hmac-auth, jwt-auth, basic-auth, oidc, etc.  
+  Higress 可以作为安全防护网关， 提供 WAF 的能力，并且支持多种认证鉴权策略，例如 key-auth, hmac-auth, jwt-auth, basic-auth, oidc 等。  
  

-## Higress Features
+## 核心优势

-   （TODO）
+- **兼容并蓄**
  
+  兼容 Nginx Ingress Annotation 80%+ 的使用场景，且提供功能更丰富的注解，简单一步轻松搞定 Nginx Ingress迁移；
+  
+  支持 Nacos/Zookeeper 等多种注册中心，可以不依赖 K8s Service 进行服务发现，支持传统非容器架构业务平滑过渡到云原生架构
+
+- **生产等级**
+
+  脱胎于历经阿里巴巴2年多生产验证的内部产品，支持每秒请求量达数十万级的大规模场景，具备企业级 SLA 的开源产品
+
+- **动态热更新**
+  
+  彻底摆脱 reload 引起的流量抖动，配置变更毫秒级生效且业务无感，Wasm 插件热更新且流量无损
+  
+- **便于扩展**
+  
+  提供 Wasm、Lua、进程外三种插件扩展机制，让多语言编写插件不再成为障碍，插件生效粒度既支持全局级、域名级，也支持细粒度的路由级
+
+
 ## Quick Start
- [**Local Environment**](#local-environment)
- [**Production Environment**](#production-environment)
+- [**本地环境**](#本地环境)
+- [**生产环境**](#生产环境)


-### Local Environment
+### 本地环境


-#### step 1. install kubectl & kind
+#### 第一步、 安装 kubectl & kind

-**On MacOS**
+**MacOS：**
 ```bash
 curl -Lo ./kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/darwin/amd64/kubectl
 # for Intel Macs
@@ -65,7 +80,7 @@ chmod +x ./kind ./kubectl
 mv ./kind ./kubectl /some-dir-in-your-PATH/
 ```

-**On Windows in PowerShell:**
+**Windows 中使用 PowerShell:**
 ```bash
 curl.exe -Lo kubectl.exe https://storage.googleapis.com/kubernetes-release/release/$(curl.exe -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/windows/amd64/kubectl.exe
 curl.exe -Lo kind-windows-amd64.exe https://kind.sigs.k8s.io/dl/v0.17.0/kind-windows-amd64
@@ -73,7 +88,7 @@ Move-Item .\kind-windows-amd64.exe c:\some-dir-in-your-PATH\kind.exe
 Move-Item .\kubectl.exe c:\some-dir-in-your-PATH\kubectl.exe
 ```

-**On Linux:**
+**Linux:**
 ```bash
 curl -Lo ./kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
 curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.17.0/kind-linux-amd64
@@ -81,9 +96,9 @@ chmod +x ./kind ./kubectl
 sudo mv ./kind ./kubectl /usr/local/bin/kind
 ```

-#### step 2. create kind cluster
+#### 第二步、 创建并启用 kind 

-create a cluster config file: `cluster.conf`
+首先创建一个集群配置文件: `cluster.conf`

 ```yaml
 # cluster.conf
@@ -105,31 +120,31 @@ nodes:
    hostPort: 443
    protocol: TCP
 ```
-Mac & Linux:
+Mac & Linux 系统执行:
 ```bash
 kind create cluster --name higress --config=cluster.conf
 kubectl cluster-info --context higress
 ```
-Windows:
+Windows 系统执行:
 ```bash
 kind.exe create cluster --name higress --config=cluster.conf
 kubectl.exe cluster-info --context higress
 ```

-#### step 3. install istio & higress
+#### 第三步、 安装 istio & higress

 ```bash
 helm install istio -n istio-system oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/charts/istio-local
 helm install higress -n higress-system oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/charts/higress-local
 ```

-#### step 4. create the ingress and test it!
+#### 第四步、 创建 Ingress 资源并测试

 ```bash
 kubectl apply -f https://kind.sigs.k8s.io/examples/ingress/usage.yaml
 ```

-Now verify that the ingress works
+测试 Ingress 生效：

 ```bash
 # should output "foo"
@@ -139,30 +154,30 @@ curl localhost/bar
 ```


-### Production Environment
+### 生产环境

-#### step 1. install istio
+#### 第一步、 安装 istio

-select higress istio: 
+可以选择安装 higress 发行的 istio 版本: 
 ```bash
 kubectl create ns istio-system
 helm install istio -n istio-system oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/charts/istio
 ```

-or select official istio (lose some abilities, such as using annotation to limit request rate):
+或者选择安装官方 istio 版本 (将失去部分能力，例如通过 Ingress 注解实现限流的功能):
    
 https://istio.io/latest/docs/setup/install

-#### step 2. install higress
+#### 第二步、 安装 higress

 ```bash
 kubectl create ns higress-system
 helm install higress -n higress-system oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/charts/higress 
 ```

-#### step 3. create the ingress and test it!
+#### 第三步、 创建 Ingress 资源并测试

-for example there is a service `test` in default namespace.
+假设在 default 命名空间下已经部署了一个 test service，服务端口为 80 ，则创建下面这个 K8s Ingress
    
 ```yaml
 apiVersion: networking.k8s.io/v1
@@ -182,6 +197,8 @@ spec:
            port:
              number: 80  
 ```
+
+测试能访问到该服务：
    
 ```bash
 curl "$(k get svc -n higress-system higress-gateway -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"/foo -H 'host: foo.bar.com'