Aeraki Mesh allows you to manage any layer-7 traffic in a service mesh
Aeraki (中文)
Manage any layer-7 traffic in a service mesh!Aeraki [Air-rah-ki] is the Greek word for 'breeze'. While service mesh becomes an important infrastructure for microservices, many(if not all) service mesh implementations mainly focus on HTTP protocols and treat other protocols as plain TCP traffic. Aeraki Mesh is created to provide a non-intrusive, highly extendable way to manage any layer-7 traffic in a service mesh.
Note: Aeraki only handles non-HTTP layer-7 traffic in a service mesh, and leaves the HTTP traffic to other existing service mesh projects. (As they have already done a very good job on it, and we don't want to reinvent the wheel! ) Aeraki currently can be integrated with Istio, and it may support other service mesh projects in the future.
Problems to solveWe are facing some challenges in service meshes:
Those obstacles make it very hard, if not impossible, for users to manage the traffic of other widely-used layer-7 protocols in microservices. For example, in a microservices application, we may have the below protocols:
If you have already invested a lot of effort in migrating to a service mesh, of course, you want to get the most out of it — managing the traffic of all the protocols in your microservices.
Aeraki's approachTo address these problems, Aeraki Mesh provides a non-intrusive, extendable way to manage any layer-7 traffic in a service mesh.
As this diagram shows, Aeraki Mesh consists of the following components:
EnvoyFilter
API to push the configurations to the sidecar proxies. Aeraki also serves as the RDS server for MetaProtocol proxies in the data plane. Contrary to Envoy RDS, which focuses on HTTP, Aeraki RDS is aimed to provide a general dynamic route capability for all layer-7 protocols.Dubbo , Thrift , bRPC and a number of other protocols have been implemented based on MetaProtocol. More protocols are on the way. If you're using a close-source, proprietary protocol, you can also manage it in your service mesh simply by writing a MetaProtocol codec for it.
Most request/response style, stateless protocols can be built on top of the MetaProtocol Proxy. However, some protocols' routing policies are too "special" to be normalized in MetaProtocol. For example, the Redis proxy uses a slot number to map a client query to a specific Redis server node, and the slot number is computed by the key in the request. Aeraki can still manage those protocols as long as there's an available Envoy Filter in the Envoy proxy side. Currently, for protocols in this category, Redis and Kafka are supported in Aeraki.
Supported protocols:Aeraki can manage the below protocols in a service mesh:
DemoNote: Protocols built on top of MetaProtocol support all the above features in Aeraki Mesh, Envoy native filters only support some of the above features, depending on the capacities of the native filters.
https://www.aeraki.net/docs/v1.x/quickstart/
Installhttps://www.aeraki.net/docs/v1.x/install/
Build Pre-requirements:goimports
, gofmt
, etc.# build aeraki binary on Linux make build # build aeraki binary on darwin make build IMAGE_OS=darwinBuild Aeraki Image
# build aeraki docker image with the default latest tag make docker-build # build aeraki docker image with xxx tag make docker-build IMAGE_TAG=xxx # build aeraki e2e docker image make docker-build-e2eContribute to Aeraki
If you're interested in contributing to this project, please read Contributing to Aeraki.
TalksSincerely thank everyone for choosing, contributing, and using Aeraki. We created this issue to collect the use cases so we can drive the Aeraki community to evolve in the right direction and better serve your real-world scenarios. We encourage you to submit a comment on this issue to include your use case:#105
ContactThis project is licensed under Apache 2.0 License
ConductWe follow the CNCF Code of Conduct
Landscapes
Aeraki Mesh is a CNCF sandbox project.
Twice a month we will interview people behind open source businesses. We will talk about how they are building a business on top of open source projects.
We'll never share your email with anyone else.