Skip to content

Prototype lightweight mesh using envoy go-control-plane for kubernetes

License

Notifications You must be signed in to change notification settings

kyessenov/envoymesh

Folders and files

NameName
Last commit message
Last commit date

Latest commit

1581578 · May 24, 2018
Mar 7, 2018
May 18, 2018
May 22, 2018
May 22, 2018
May 22, 2018
May 22, 2018
May 22, 2018
Dec 22, 2017
May 14, 2018
May 14, 2018
May 18, 2017
May 15, 2018
Mar 7, 2018
May 15, 2018
May 24, 2018
Dec 22, 2017

Repository files navigation

envoymesh

Warning: under active development

Envoy mesh is an experimental simple service mesh built on top of go-control-plane that provides the following features:

  • sidecar-based service mesh architecture
  • lightweight installation, targeted for Kubernetes
  • out-of-the-box telemetry, authorization checks, and L7 routing capabilities
  • direct access to Envoy xDS APIs for customizing application-level network behavior

Goals

  • Minimal implementation of a control plane for a fleet of Envoy proxies
  • ADS for coordinated configuration rollout
  • Implementation of native Envoy extension points (access log, metrics, external authorization)

Limitations

  • This project uses jsonnet extensively for rapid prototyping of Envoy API processing logic.
  • No support for health checks in the application deployment.

Build instructions

envoymesh uses standard go tooling. Requirements:

  • golang 1.9.2 or above
  • godep
  • (recommended) jsonnet or go-jsonnet

Use build.sh script to generate and push containers for the sidecar envoy and a controller binary.

For local development:

# Start the controller 
go run cmd/controller/main.go  --logtostderr -v 2 --kubeconfig ~/.kube/config
# Start the proxy
go run cmd/agent/main.go --envoy=$(which envoy)

Test instructions

  1. Use the famous bookinfo app for demonstration:

     kubectl apply -f samples/bookinfo.yaml
    

Access the web page by using EXTERNAL_IP of productpage service: http://EXTERNAL_IP/productpage

  1. Grant admin permissions to the application service account:

     kubectl create clusterrolebinding envoymesh --clusterrole=cluster-admin --serviceaccount=default:envoymesh
    
  2. Inject the sidecar using the following script:

     cat samples/bookinfo.yaml \
       | go run cmd/inject/main.go \
       > samples/bookinfo-injected.yaml 
    
  3. Submit the envoy config generation script:

     kubectl create configmap jsonnet --from-file envoy.jsonnet
    
  4. Deploy the mesh:

     # Proxy controller
     kubectl apply -f samples/mesh.yaml
    
     # Policy and telemetry controller
     kubectl apply -f samples/mixer.yaml
    
     # Bookinfo
     kubectl apply -f samples/bookinfo-injected.yaml
    

Access the web page again at http://EXTERNAL_IP/productpage. Traffic should be flowing through Envoy!

About

Prototype lightweight mesh using envoy go-control-plane for kubernetes

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published