linkerd-tcp - A TCP/TLS load balancer for the linkerd service mesh.

  •        20

A TCP load balancer for the linkerd service mesh.We ❤️ pull requests! See for info on contributing changes.



Related Projects

linkerd - Resilient service mesh for cloud native apps

Linkerd is a transparent service mesh, designed to make modern applications safe and sane by transparently adding service discovery, load balancing, failure handling, instrumentation, and routing to all inter-service communication.linkerd (pronouned "linker-DEE") acts as a transparent HTTP/gRPC/thrift/etc proxy, and can usually be dropped into existing applications with a minimum of configuration, regardless of what language they're written in. It works with many common protocols and service discovery backends, including scheduled environments like Mesos and Kubernetes.

Kong - The Microservice API Gateway

Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015. Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations.

HAProxy - The Reliable, High Performance TCP/HTTP Load Balancer

HAProxy is a fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer7 processing. Supporting tens of thousands of connections is clearly realistic with todays hardware.

ghostunnel - A simple SSL/TLS proxy with mutual authentication for securing non-TLS services

Ghostunnel is a simple TLS proxy with mutual authentication support for securing non-TLS backend applications.Ghostunnel supports two modes, client mode and server mode. Ghostunnel in server mode runs in front of a backend server and accepts TLS-secured connections, which are then proxied to the (insecure) backend. A backend can be a TCP domain/port or a UNIX domain socket. Ghostunnel in client mode accepts (insecure) connections through a TCP or UNIX domain socket and proxies them to a TLS-secured service. In other words, ghostunnel is a replacement for stunnel.

loadbalancer - A sticky load balancer optimized for realtime apps

LoadBalancer.js is a sticky-session TCP load balancer which is optimized to work with realtime frameworks (with support for HTTP long polling fallbacks). It captures raw TCP connections from a specified port and forwards them to various targets (defined as host and port combinations). It chooses the appropriate target based on a hash of the client's IP address.LoadBalancer.js was originally designed to work with SocketCluster ( but it can work equally well with any other realtime framework.

haproxy-aws - Documentation on building a HTTPS stack in AWS with HAProxy

This configuration uses an Elastic Load Balancer in TCP mode, with PROXY protocol enabled. The PROXY protocol adds a string at the beginning of the TCP payload that is passed to the backend. This string contains the IP of the client that connected to the ELB, which allows HAProxy to feed its internal state with this information, and act as if it had a direct TCP connection to the client. First, we need to create an ELB, and enable a TCP listener on port 443 that supports the PROXY protocol. The ELB will not decipher the SSL, but instead pass the entire TCP payload down to Haproxy.

Envoy - C++ front/service proxy

As on the ground microservice practitioners quickly realize, the majority of operational problems that arise when moving to a distributed architecture are ultimately grounded in two areas: networking and observability. It is simply an orders of magnitude larger problem to network and debug a set of intertwined distributed services versus a single monolithic application.

Artica Load-balancer Appliance

Artica Load-Balancer is load balance and fail over appliance for TCP based services. it is usable for HTTP(S), SSH, SMTP, DNS, etc.. This appliance is typically located between network clients and a farm of servers. It designed to dispatches client requests to servers in the farm so that processing load is distributed.

nssocket - An elegant way to define lightweight protocols on-top of TCP/TLS sockets in node.js

Working within node.js it is very easy to write lightweight network protocols that communicate over TCP or TLS. The definition of such protocols often requires repeated (and tedious) parsing of individual TCP/TLS packets into a message header and some JSON body.Although this is not as optimal as other message formats (pure binary, msgpack) most of your applications are probably IO-bound, and not by the computation time needed for serialization / deserialization. When working with NsSocket instances, all events are namespaced under data to avoid collision with other events.

node-ipc - Inter Process Communication Module for node supporting Unix sockets, TCP, TLS, and UDP

a nodejs module for local and remote Inter Process Communication with full support for Linux, Mac and Windows. It also supports all forms of socket communication from low level unix and windows sockets to UDP and secure TLS and TCP sockets. This work is licenced via the DBAD Public Licence.

NSQ - A realtime distributed messaging platform in Go

NSQ is a realtime distributed messaging platform designed to operate at scale, handling billions of messages per day. It promotes distributed and decentralized topologies without single points of failure, enabling fault tolerance and high availability coupled with a reliable message delivery guarantee. It scales horizontally, without any centralized brokers. Built-in discovery simplifies the addition of nodes to the cluster.

Ribbon - IPC library with built in software load balancers

Ribbon is a client side IPC library that is battle-tested in cloud. It provides Load balancing, Fault tolerance, Multiple protocol (HTTP, TCP, UDP), support in an asynchronous and reactive model Caching and batching.

fabio - A fast, modern, zero-conf load balancing HTTP(S) router for deploying microservices managed by consul

fabio is a fast, modern, zero-conf load balancing HTTP(S) and TCP router for deploying applications managed by consul.Register your services in consul, provide a health check and fabio will start routing traffic to them. No configuration required. Deployment, upgrading and refactoring has never been easier. It integrates with Consul, Vault, Amazon ELB, Amazon API Gateway and more.

Secure Socket Funneling - Network tool and toolkit

Secure Socket Funneling (SSF) is a network tool and toolkit. It provides simple and efficient ways to forward data from multiple sockets (TCP or UDP) through a single secure TLS link to a remote computer. SSF also allows dynamic port forwarding with a SOCKS server from the client to the server and from the server to the client.

nssocket - An elegant way to define lightweight protocols on-top of TCP/TLS sockets in node.js

An elegant way to define lightweight protocols on-top of TCP/TLS sockets in node.js

socket - Async, streaming plaintext TCP/IP and secure TLS socket server and client connections for ReactPHP

Async, streaming plaintext TCP/IP and secure TLS socket server and client connections for ReactPHP. The socket library provides re-usable interfaces for a socket-layer server and client based on the EventLoop and Stream components. Its server component allows you to build networking servers that accept incoming connections from networking clients (such as an HTTP server). Its client component allows you to build networking clients that establish outgoing connections to networking servers (such as an HTTP or database client). This library provides async, streaming means for all of this, so you can handle multiple concurrent connections without blocking.

sniproxy - Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session

Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session. This enables HTTPS name-based virtual hosting to separate backend servers without installing the private key on the proxy machine. For Debian or Fedora based Linux distributions see building packages below.

Tokio - Platform for writing fast networking code in Rust.

Tokio is a platform for writing fast networking code in Rust. Core I/O and event loop abstraction for asynchronous I/O in Rust built on futures and mio.

Kamailio - The Open Source SIP Server

Kamailio (successor of former OpenSER and SER) is an open source implementation of a SIP Signaling Server. SIP is an open standard protocol specified by the IETF. The core specification document is RFC3261.

minuteman - A distributed Load Balancer

A distributed, highly available service discovery & internal load balancer for distributed systems (microservices and containers). You can use the layer 4 load balancer by specifying a VIP from the Marathon UI. The VIP must be specified in the format IP:port, for example: Alternatively, if you're using something other than Marathon, you can create a label on the port protocol buffer while launching a task on Mesos. This label's key must be in the format VIP_$IDX, where $IDX is replaced by a number, starting from 0. Once you create a task, or a set of tasks with a VIP, they will automatically become available to all nodes in the cluster, including the masters.