kuma - The Universal Service Mesh

  •        232

Kuma is a platform agnostic open-source control plane for Service Mesh and Microservices. It can run and be operated natively across both Kubernetes and VM environments, making it easy to adopt by every team in the organization. Bundling Envoy as a data-plane, Kuma can instrument any L4/L7 traffic to secure, observe, route and enhance connectivity between any service or database. It can be used natively in Kubernetes via CRDs or via a RESTful API across other environments like VMs and Bare Metal.

Modern applications will inevitably make requests over a network to communicate to other services, like databases, caches or microservices. But - as we all know - the network is by default unreliable and unsecure, and can introduce significant challenges to any modern environment like security, tracing and routing among the others.

Kuma is a better way to build L4/L7 connectivity among your services and applications (Service Mesh) by reducing the code that application teams have to write, enabling to ship products faster and improve the reliability and security of the overall architecture with minimal effort.

https://kuma.io/
https://github.com/Kong/kuma

Tags
Implementation
License
Platform

   




Related Projects

Kong - The Microservice API Gateway

  •    Lua

Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015. Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations.

sofa-mosn - SOFAMosn is a modular observable smart network which can be used in service mesh deployed as a data plane sidecar

  •    Go

MOSN, the short name of Modular Observable Smart Network, is a powerful proxy acting as Service Mesh's data plane like Envoy but written in golang. MOSN supports Envoy and Istio's APIs and can be integrated with Istio, and we use MOSN instead of Envoy in SOFAMesh. The initial version of MOSN was jointly contributed by Ant Financial and UC Business Unit of Alibaba, and we look forward to the community to participate in the follow-up development and build an open source boutique project together. Thanks to Google, IBM, Lyft for creating the Envoy and Istio system, so that MOSN has a very good reference and we can quickly land our own ideas.

easemesh - A service mesh implementation for connecting, control, and observe services in spring-cloud

  •    Go

EaseMesh is a service mesh that is compatible with the Spring Cloud ecosystem. It is based on Easegress for the sidecar of service management and EaseAgent for the monitor of service observing. Service mesh compatible with Spring Cloud ecosystem: Micro-service in Spring Cloud ecosystem has its own service registry/discovery components. It is quite different from Kubernetes ecosystem using DNS for service discovery. The major Service Mesh solution (e.g. Istio) using the Kubernetes domain technology. It is painful and conflicted with Java Spring Cloud ecosystem. EaseMesh aims to make Service Mesh compatible with Java Spring Cloud completely.

Envoy - C++ front/service proxy

  •    C++

As on the ground microservice practitioners quickly realize, the majority of operational problems that arise when moving to a distributed architecture are ultimately grounded in two areas: networking and observability. It is simply an orders of magnitude larger problem to network and debug a set of intertwined distributed services versus a single monolithic application.

mesh - Traefik Mesh - Simpler Service Mesh

  •    Go

Traefik Mesh is a simple, yet full-featured service mesh. It is container-native and fits as your de-facto service mesh in your Kubernetes cluster. It supports the latest Service Mesh Interface specification SMI that facilitates integration with pre-existing solution. Moreover, Traefik Mesh is opt-in by default, which means that your existing services are unaffected until you decide to add them to the mesh. Traefik Mesh does not use any sidecar container but handles routing through proxy endpoints running on each node. The mesh controller runs in a dedicated pod and handles all the configuration parsing and deployment to the proxy nodes. Traefik Mesh supports multiple configuration options: annotations on user service objects, and SMI objects. Not using sidecars means that Traefik Mesh does not modify your Kubernetes objects, and does not modify your traffic without your knowledge. Using the Traefik Mesh endpoints is all that is required.


maesh - Simpler Service Mesh

  •    Go

Maesh is a simple, yet full-featured service mesh.. It is container-native and fits as your de-facto service mesh in your Kubernetes cluster. It supports the latest Service Mesh Interface specification SMI that facilitates integration with pre-existing solution. Moreover, Maesh is opt-in by default, which means that your existing services are unaffected until you decide to add them to the mesh. Maesh does not use any sidecar container but handles routing through proxy endpoints running on each node. The mesh controller runs in a dedicated pod and handles all the configuration parsing and deployment to the proxy nodes. Maesh supports multiple configuration options: annotations on user service objects, and SMI objects. Not using sidecars means that Maesh does not modify your kubernetes objects, and does not modify your traffic without your knowledge. Using the Maesh endpoints is all that is required.

Meshery - The service mesh management plane

  •    Go

Meshery is the multi-service mesh management plane offering lifecycle, configuration, and performance management of service meshes and their workloads. Meshery manages the provisioning, configuration and operation your service mesh. While supporting different types of service meshes, Meshery also offers a simple way to explore each service mesh and compare them using bundled sample applications.

ambassador - open source Kubernetes-native API gateway for microservices built on the Envoy Proxy

  •    Python

Ambassador is an open source Kubernetes-native API Gateway built on Envoy, designed for microservices. Ambassador essentially serves as an Envoy ingress controller, but with many more features. Ambassador deploys the Envoy Proxy for L7 traffic management. Configuration of Ambassador is via Kubernetes annotations. Ambassador relies on Kubernetes for scaling and resilience. For more on Ambassador's architecture and motivation, read this blog post.

Meshery - The service mesh management plane

  •    Javascript

Meshery is the multi-service mesh management plane offering lifecycle, configuration and performance management of service meshes and their workloads. Meshery manages the provisioning, configuration and operation your service mesh. While supporting different types of service meshes, Meshery also offers a simple way to explore each service mesh and compare them using bundled sample applications. Interoperate multiple service meshes with service mesh adapters provision, configure, and manage their respective service meshes.

linkerd - Resilient service mesh for cloud native apps

  •    Scala

Linkerd is a transparent service mesh, designed to make modern applications safe and sane by transparently adding service discovery, load balancing, failure handling, instrumentation, and routing to all inter-service communication.linkerd (pronouned "linker-DEE") acts as a transparent HTTP/gRPC/thrift/etc proxy, and can usually be dropped into existing applications with a minimum of configuration, regardless of what language they're written in. It works with many common protocols and service discovery backends, including scheduled environments like Mesos and Kubernetes.

Gloo - The Function Gateway built on top of Envoy

  •    Go

Gloo is a feature-rich, Kubernetes-native ingress controller, and next-generation API gateway. Gloo is exceptional in its function-level routing; its support for legacy apps, microservices and serverless; its discovery capabilities; its numerous features; and its tight integration with leading open-source projects. Gloo is uniquely designed to support hybrid applications, in which multiple technologies, architectures, protocols, and clouds can coexist.

curiefense - Curiefense is a unified, open source platform protecting cloud native applications.

  •    TypeScript

Curiefense is a new application security platform, which protects sites, services, and APIs. It extends Envoy proxy to defend against a variety of threats, including SQL and command injection, cross site scripting (XSS), account takeovers (ATOs), application-layer DDoS, remote file inclusion (RFI), API abuse, and more. There are many ways to get involved with Curiefense.

rainbond - Serverless PaaS , A new generation of easy-to-use cloud management platforms based on kubernetes

  •    Go

Rainbond is an application-centric Platform as a Service, with innovative concept and complete ecological comes from continuous verification and optimization. By integrating best practices of Kubernetes based containers management, Service Mesh microservice architecture, CI/CD and multiple data center resource management, Rainbond provides full life-cycle management of cloud native applications, connects application and infrastructure, application and application, infrastructure and infrastructure.

kubernetes-vagrant-centos-cluster - Setting up a distributed Kubernetes cluster along with Istio service mesh locally with Vagrant and VirtualBox

  •    Shell

Setting up a Kubernetes cluster and istio service mesh with vagrantfile which consists of 1 master(also as node) and 3 nodes. You don't have to create complicated CA files or configuration. Because I want to setup the etcd, apiserver, controller and scheduler without docker container.

Skywalking - APM, Application Performance Monitoring System

  •    Java

SkyWalking is an APM (application performance monitor) system, especially designed for microservices, cloud native and container-based (Docker, Kubernetes, Mesos) architectures. SkyWalking is an open source APM system, including monitoring, tracing, diagnosing capabilities for distributed system in Cloud Native architecture. It supports to collect telemetry (metrics, traces, and logs) data from multiple sources and multiple formats.

Istio - An open platform to connect, manage, and secure microservices

  •    Go

An open platform to connect, manage, and secure microservices. Istio is an open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio's control plane provides an abstraction layer over the underlying cluster management platform, such as Kubernetes, Mesos, etc.

linkerd2 - Ultralight service mesh for Kubernetes

  •    Go

Linkerd2 is an ultralight service mesh, designed to make modern applications safe and sane by transparently adding service discovery, load balancing, failure handling, instrumentation, and routing to all inter-service communication. Linkerd2 (pronouned "linker-DEE-two") acts as a transparent HTTP/gRPC/thrift/tcp/etc proxy, and can be deployed alongside existing applications regardless of what language they're written in. It works with many common protocols and utilizes Kubernetes as a backend for service discovery.

coolstore-microservices - :ferris_wheel: :sailboat: :ship: A containerized polyglot service mesh based on

  •    CSharp

The structure of README is inspired from GoogleCloudPlatform Demo. CoolStore is a containerised polyglot microservices application consisting of services based on .NET Core, NodeJS and more running on Service Mesh.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.