A data plane framework that supports any layer-7 protocols.

中文

meta-protocol-proxy

Why MetaProtocol is needed?

Almost all open source and commercial Service Meshes currently support only two Layer-7 protocols - HTTP and gRPC. Other widely used protocols in microservices, including Dubbo, Thrift, Redis, MySql, etc. can only be handled as plain TCP traffic , hence advanced traffic management capabilities promised by Service Mesh are not available for those protocols. In addition, some microservices are using proprietary RPC protocols for inter-service communication, we need to manage these protocols as well.

As shown in the figure below, we usually have these layer-7 protocols in a typical microservice application

  • RPC: HTTP、gRPC、Dubbo、Thrift、proprietary RPC ...
  • Async Message:Kafka, RabbitMQ ...
  • DB:mySQL, PostgreSQL, MongoDB ...

What MetaProtocol provides?

MetaProtocol is aimed to support any layer-7 protocols in Service Mesh.

  • Data plane:MetaProtocol Proxy provides common capabilities for Layer-7 protocols, such as load balancing, circuit breaker, load balancing, routing, rate limiting, fault injection, and auth.
  • Control plane:Aeraki provides a centralized control plane for MetaProtocol Proxy. Aeraki sends the configuration and dynamic routing rules to the MetaProtocol Proxies in the data plane. It also has high-level CRDs to provide a user-friendly interface to operation teams. Advanced traffic management such as traffic splitting, canary deployment, traffic mirroring, and RBAC can be achieved by these CRDs.

To add a new protocol into the service mesh, the only thing you need to do is implementing the codec interface.

If you have special requirements which can't be meet by the built-in capabilities, MetaProtocol Proxy also has a filter chain mechanism, allowing users to write their own layer-7 filters to add custom logic into MetaProtocol Proxy.

Build MetaProtocol Proxy

Follow this guide Building Envoy with Bazel to install the required software.

Run ./build.sh, if the build completes successfully, the generated binary will be at bazel-bin/envoy, which contains the MetaProtocol Proxy and the codecs of the application protocols.

Test MetaProtocol Proxy

Two layer-7 protocols, Dubbo and Thrift, have been implemented based on MetaProtocol. More protocols are under development.

Dubbo

Since the dubbo test client will use dns name org.apache.dubbo.samples.basic.api.demoservice to access th dubbo test server, we need to add the below line to hte hosts file:

127.0.0.1 org.apache.dubbo.samples.basic.api.demoservice

Run ./test/dubbo/test.sh , this script will run the envoy, dubbo test client and dubbo test server。You'll expect to see the below output:

Hello Aeraki, response from ed9006021490/172.17.0.2
Hello Aeraki, response from ed9006021490/172.17.0.2
Hello Aeraki, response from ed9006021490/172.17.0.2

This output means that the dubbo test client has successful reached the dubbo test server through envoy MetaProtocol proxy. To understand how it works, you can look into test/dubbo/test.yaml and play with the MetaProtocol configuration.

Thrift

Run ./test/thrift/test.sh , this script will run the envoy, thrift test client and thrift test server。You'll expect to see the below output:

Hello Aeraki, response from ae6582f53868/172.17.0.2
Hello Aeraki, response from ae6582f53868/172.17.0.2
Hello Aeraki, response from ae6582f53868/172.17.0.2

This output means that the thrift test client has successfully reached the thrift test server through envoy MetaProtocol proxy. To understand how it works, you can look into test/thrift/test.yaml and play with the MetaProtocol configuration.

RDS

MetaProtocol framework implements RDS discovery protocol, which means the route configuration can be fetched from a RDS server on the fly. MetaProtocol Proxy will apply the updated routes to all the subsequent requests, and the existing connections won't be interrupted in this process.

Run ./test/rds/test.sh , this script will run the envoy, an example rds server, dubbo test client and thrift test server。You'll expect to see the below output:

Hello Aeraki, response from 400c8a27e761/172.17.0.2
Hello Aeraki, response from 400c8a27e761/172.17.0.2
Hello Aeraki, response from 400c8a27e761/172.17.0.2

This output means that the dubbo test client has successfully reached the dubbo test server through envoy MetaProtocol proxy, with the route configuration fetched from the RDS server. To understand how it works, you can look into test/rds/test.yaml and play with the MetaProtocol configuration.

Owner
Aeraki
Manage any layer 7 traffic in an Istio Service Mesh.
Aeraki
https://github.com/aeraki-framework/meta-protocol-proxy
Comments
  • 关于压测崩溃的问题

    关于压测崩溃的问题

    赵老师,我这边自己按照awesome的那个例子完成了编码器的工作,我们的编解码比较简单,我仅用编解码后部获取一个路由信息后,防到medata里去就好了。 但是在压测的时候,就会出现Segment fault。 并且有两种情况 使用make release编译的,在envoy debug模式下能够接收一些请求才down掉。 而正常启动模式下貌似出现了解码器失效的情况,解析的头部全部不对了。非常奇怪。 寻求您的帮助,您是否做过相关的压力测试

  • add an idle downstream connection timer.

    add an idle downstream connection timer.

    1、this timer is for idle downstream connection timeout 2、this timer default is ms,you also can set second in field "idle_timeout" of configuration. 3、before you make build,you should make api first,because the config proto has changed,you should protoc it.

  • adjust to istio 1.12.7

    adjust to istio 1.12.7

    fix for https://github.com/aeraki-mesh/aeraki/issues/222

    aeraki contrl plane have already adjust to istio 1.12.7

    but meta-protocol-proxy build with envoy 1.18 (istio 1.10)

    this pr is used to adjust to envoy 1.20(istio 1.12)

  • GitHub workflow to run build for PRs

    GitHub workflow to run build for PRs

    Currently, there's no auto building for new PRs. We need to set up an appropriate github workflow with actions to run auto building for PRs to make sure the new PRs can pass building.

  • add idle downstream connection timer feature.

    add idle downstream connection timer feature.

    1、you can "make api" first,then make build or release. 2、idle timer default represent ms. 3、idle timer don't have default value,when you don't set this value in configuration,the connection will always hold on except remote close this connection.

  • 仅在Envoy中编译meta-protocol-proxy

    仅在Envoy中编译meta-protocol-proxy

    meta-protocol-proxy可以单纯的不引入istio的库,仅仅作为network级别的filter在envoy代码中编译吗?请赵老师帮忙看看,当然我也可以慢慢自己移植代码过去。想问赵老师有没有比较方便的方法,想引入该filter作为我们私有协议的tcp框架。谢谢赵老师,希望也能为项目贡献代码。

  • Split StopIteration into two statuses: PauseIteration and AbortIteration

    Split StopIteration into two statuses: PauseIteration and AbortIteration

    The meaning of the StopIteration status is ambiguous: it is used in two scenarios now:

    Pause the current iteration of the l7 filter chain and the execution of the filter chain will be resumed later. In this case, the current implementation is fine. Abort the iteration of the l7 filter chain. In this case, the current implementation results in memory leak since the active message will not be deleted from the connection manager until the downstream connection is closed. This PR solves this issue by splitting StopIteration into two unambiguous statuses: PauseIteration and AbortIteration

    PauseIteration: the filter iteration is paused and will be resumed later, for e.g, waiting for an available connection. The corresponding message remains in the connection manager. AbortIteration: the filter iteration is aborted, for e.g, the upstream host is not found, and the corresponding message will be deleted from the connection manager.

  • Rate limit metrics

    Rate limit metrics

    Relate issue: https://github.com/aeraki-mesh/aeraki/issues/179

    *_rate_limit_ok counter: requests enforced rate limiting but are not rate limited *_rate_limit_rate_limited counter: requests are rate limited

    ➜  ~ aerakictl_sidecar_stats v1 meta-thrift|grep thrift|grep local_rate_limit
# TYPE envoy_meta_protocol_thrift_sample_server_meta_thrift_svc_cluster_local_local_rate_limit_ok counter
envoy_meta_protocol_thrift_sample_server_meta_thrift_svc_cluster_local_local_rate_limit_ok{} 25
# TYPE envoy_meta_protocol_thrift_sample_server_meta_thrift_svc_cluster_local_local_rate_limit_rate_limited counter
envoy_meta_protocol_thrift_sample_server_meta_thrift_svc_cluster_local_local_rate_limit_rate_limited{} 19
  • add test-step after build in github actions

    add test-step after build in github actions

    1、just test the dubbo case beacause of the mostly common in different protocal; 2、Not build with the container because it fails more frequently than local way;

  • import user.bazelrc twice

    import user.bazelrc twice

    Now user.bazelrc may import twice in .bazelrc and envoy.bazelrc,cause a warning: WARNING: The following configs were expanded more than once: [clang]. For repeatable flags, repeats are counted twice and may lead to unexpected behavior.

    here is my user.bazelrc:

    cat user.bazelrc 
build --config=clang

    I think we can delete try-import %workspace%/user.bazelrc in .bazelrc

  • Github workflow for auto test

    Github workflow for auto test

    Currently, there's no auto testing for new PRs. We need to set up an appropriate github workflow with actions to run auto testing for PRs to avoid breaking existing functionalities.

    The existing test stub docker and scripts can be found here: https://github.com/aeraki-mesh/meta-protocol-proxy/tree/master/test

  • when protocol is like mysql, should connection to server after tcp connected? because mysql is server send first package

    when protocol is like mysql, should connection to server after tcp connected? because mysql is server send first package

    i write a mysql codec

    admin: access_log_path: ./envoy_debug.log address: socket_address: address: 127.0.0.1 port_value: 8080 static_resources: listeners: name: listener_meta_protocol address: socket_address: address: 0.0.0.0 port_value: 3306 filter_chains: - filters: - name: aeraki.meta_protocol_proxy typed_config: '@type': type.googleapis.com/aeraki.meta_protocol_proxy.v1alpha.MetaProtocolProxy application_protocol: mysql codec: name: aeraki.meta_protocol.codec.mysql metaProtocolFilters: - name: aeraki.meta_protocol.filters.router routeConfig: routes: - name: default match: metadata: - name: method exact_match: sayHello route: cluster: outbound|9090||mysql.testhl.svc.cluster.local statPrefix: outbound|9090||mysql.testhl.svc.cluster.local clusters: name: outbound|9090||mysql.testhl.svc.cluster.local type: STATIC connect_timeout: 5s load_assignment: cluster_name: outbound|9090||mysql.testhl.svc.cluster.local endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 10.97.54.132 port_value: 3306

    used this config to test it

    then debug it it seems when the tcp connection connected, the server will not connect to upstream but protocol like mysql ,the first package is sent by server? how to solve this problem? when downstream connected, why not connect to upstream?

    [[email protected]:/root]tcpdump -i cni0 tcp port 3306 -s 0 -vv tcpdump: listening on cni0, link-type EN10MB (Ethernet), capture size 262144 bytes 16:23:25.244400 IP (tos 0x0, ttl 64, id 27261, offset 0, flags [DF], proto TCP (6), length 60) huangli-k8s.22028 > 10.244.0.169.mysql: Flags [S], cksum 0x16c0 (incorrect -> 0xbe32), seq 910018611, win 64240, options [mss 1460,sackOK,TS val 385023985 ecr 0,nop,wscale 7], length 0 16:23:25.244424 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60) 10.244.0.169.mysql > huangli-k8s.53302: Flags [S.], cksum 0xc387 (incorrect -> 0x1ed7), seq 1108886376, ack 910018612, win 64308, options [mss 1410,sackOK,TS val 1062450034 ecr 385023985,nop,wscale 7], length 0 16:23:25.244436 IP (tos 0x0, ttl 64, id 27262, offset 0, flags [DF], proto TCP (6), length 52) huangli-k8s.22028 > 10.244.0.169.mysql: Flags [.], cksum 0x16b8 (incorrect -> 0x6da2), seq 910018612, ack 1108886377, win 502, options [nop,nop,TS val 385023985 ecr 1062450034], length 0 16:23:25.244532 IP (tos 0x8, ttl 64, id 35959, offset 0, flags [DF], proto TCP (6), length 130) 10.244.0.169.mysql > huangli-k8s.53302: Flags [P.], cksum 0xc3cd (incorrect -> 0x4ca8), seq 1:79, ack 1, win 503, options [nop,nop,TS val 1062450034 ecr 385023985], length 78 16:23:25.244542 IP (tos 0x0, ttl 64, id 27263, offset 0, flags [DF], proto TCP (6), length 52) huangli-k8s.22028 > 10.244.0.169.mysql: Flags [.], cksum 0x16b8 (incorrect -> 0x6d54), seq 0, ack 79, win 502, options [nop,nop,TS val 385023985 ecr 1062450034], length 0 16:23:25.244577 IP (tos 0x0, ttl 64, id 27264, offset 0, flags [DF], proto TCP (6), length 239) huangli-k8s.22028 > 10.244.0.169.mysql: Flags [P.], cksum 0x1773 (incorrect -> 0x4b07), seq 0:187, ack 79, win 502, options [nop,nop,TS val 385023985 ecr 1062450034], length 187 16:23:25.244590 IP (tos 0x8, ttl 64, id 35960, offset 0, flags [DF], proto TCP (6), length 52) 10.244.0.169.mysql > huangli-k8s.53302: Flags [.], cksum 0xc37f (incorrect -> 0x45a7), seq 79, ack 188, win 502, options [nop,nop,TS val 1062450034 ecr 385023985], length 0

    [2022-02-08 16:24:16.754][9311][debug][main] [external/envoy/source/server/server.cc:209] flushing stats [2022-02-08 16:24:21.758][9311][debug][main] [external/envoy/source/server/server.cc:209] flushing stats [2022-02-08 16:24:22.343][9406][debug][filter] [./src/application_protocols/mysql/mysql_codec.h:186] mysql: begin to construct [2022-02-08 16:24:22.343][9406][debug][filter] [src/meta_protocol_proxy/conn_manager.cc:55] meta protocol: onNewConnection [2022-02-08 16:24:22.343][9406][debug][conn_handler] [external/envoy/source/server/active_tcp_listener.cc:328] [C0] new connection [2022-02-08 16:24:22.343][9406][trace][connection] [external/envoy/source/common/network/connection_impl.cc:547] [C0] socket event: 2 [2022-02-08 16:24:22.343][9406][trace][connection] [external/envoy/source/common/network/connection_impl.cc:656] [C0] write ready

  • Didn't find a registered implementation for name exception

    Didn't find a registered implementation for name exception

    hello

    i want to write a mysql codec use meta-protocol-proxy

    MysqlCodec() { ENVOY_LOG(debug, "mysql: begin to construct "); transport_ = MysqlProxy::NamedTransportConfigFactory::getFactory(MysqlProxy::TransportType::Auto) .createTransport();

    but MysqlProxy::NamedTransportConfigFactory::getFactory(MysqlProxy::TransportType::Auto) .createTransport(); this line get exection

    Thread 21 "wrk:worker_7" hit Breakpoint 1, Envoy::Extensions::NetworkFilters::MysqlProxy::NamedTransportConfigFactory::getFactory (type=Envoy::Extensions::NetworkFilters::MysqlProxy::TransportType::Auto) at ./src/application_protocols/mysql/transport.h:104 104 const std::string& name = TransportNames::get().fromType(type); (gdb) n 105 return Envoy::Config::Utility::getAndCheckFactoryByName(name); (gdb) p name $1 = (const std::string &) @0x5555617dbae0: {static npos = 18446744073709551615, _M_dataplus = {<std::allocator> = {<__gnu_cxx::new_allocator> = {}, }, _M_p = 0x5555617dbaf0 "auto"}, _M_string_length = 4, {_M_local_buf = "auto", '\000' <repeats 11 times>, _M_allocated_capacity = 1869903201}} (gdb) s Envoy::Config::Utility::getAndCheckFactoryByNameEnvoy::Extensions::NetworkFilters::MysqlProxy::NamedTransportConfigFactory (name=...) at bazel-out/k8-dbg/bin/external/envoy/source/common/config/_virtual_includes/utility_lib/common/config/utility.h:255 255 if (name.empty()) { (gdb) n 259 Factory* factory = Registry::FactoryRegistry::getFactory(name); (gdb) p name $2 = (const std::string &) @0x5555617dbae0: {static npos = 18446744073709551615, _M_dataplus = {<std::allocator> = {<__gnu_cxx::new_allocator> = {}, }, _M_p = 0x5555617dbaf0 "auto"}, _M_string_length = 4, {_M_local_buf = "auto", '\000' <repeats 11 times>, _M_allocated_capacity = 1869903201}} (gdb) n 261 if (factory == nullptr) { (gdb) n 263 fmt::format("Didn't find a registered implementation for name: '{}'", name));

    then gdb ,i find it is a nullptr exception, can any one tell me how to resolve?

Related tags
Miscellaneous service-mesh istio envoyproxy
layer to control the global priority of any vulkan application

vk-force-priority vk-force-priority allows you to control the global priority of any vulkan application. Building from Source Dependencies Before buil

Sep 2, 2021
Recognize stairs with lidar. Project the laser points to X-Z plane and use least squares for linear fitting.
 Recognize stairs with lidar. Project the laser points to X-Z plane and use least squares for linear fitting.

stairs_recogniton Recognize stairs with lidar. Project the laser points to X-Z plane and use least squares for linear fitting. Dependencies PCL 1.8 Ei

Nov 25, 2022
Projects related to sync'ing esphome devices with other protocols: DDP, E131, etc...

esphome sync This project is due to a desire to leverage WLED's new virtual strip (via DDP) feature or software like xLights or LEDFx to controls ESP

Dec 24, 2022
Static reflection for enums (to string, from string, iteration) for modern C++, work with any enum type without any macro or boilerplate code

__ __ _ ______ _____ | \/ | (_) | ____| / ____|_ _ | \ / |

Jan 5, 2023
Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.
 Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.

CosMapper Loads a signed kernel driver (signed with leaked cert) which allows you to map any driver to kernel mode without any traces of the signed /

Jan 2, 2023
Automatically load dlls into any executables without replacing any files!

Automatically loaded dll using xinput9_1_0 proxy. Please put the modified xinput9_1_0.dll in the executable's directory.

Dec 24, 2022
Create a calculator of any kind in any language, create a pr.

calculators Create a calculator of any kind in any language, create a pr. Create a calculator of any type using the programming language of your choic

Oct 21, 2022
tiny_csg is a C++ library that generates meshes from brush-based level data and supports incremental updates (real-time CSG).
 tiny_csg is a C++ library that generates meshes from brush-based level data and supports incremental updates (real-time CSG).

tiny_csg is a C++ library that generates meshes from brush-based level data and supports incremental updates (real-time CSG). It is intended to be used as a backend in 3d level editors and/or generators.

Dec 18, 2022
This is a tool for software engineers to view,record and analyse data(sensor data and module data) In the process of software development.
 This is a tool for software engineers to view,record and analyse data(sensor data and module data) In the process of software development.

![Contributors][Huang Jianyu] Statement 由于工具源码在网上公开,除使用部分开源项目代码外,其余代码均来自我个人,工具本身不包含公司的知识产权,所有与公司有关的内容均从软件包中移除,软件发布遵循Apache协议,任何人均可下载进行修改使用,如使用过程中出现任何问

Dec 25, 2022
Support for TrueType (.ttf) font files with Simple Directmedia Layer.

This library is a wrapper around the excellent FreeType 2.0 library

Dec 31, 2022
Application layer for sounding rockets software
 Application layer for sounding rockets software

Lynx On-Board Software The on-board software represents the top layer of the rocket's firmware. This includes all the logics needed for a successful f

Apr 13, 2022
Yet another abstraction layer - a general purpose C++ library.

Yet Another Abstraction Layer What yaal is a cross platform, general purpose C++ library. This library provides unified, high level, C++ interfaces an

Jul 27, 2022
Wayfire plugin for handling touchpad gestures globally in a layer-shell surface

wf-globalgestures Global touchpad gestures plugin for Wayfire: implements a special protocol (also in this repo) that lets clients request that a part

Oct 3, 2022
Translation layer from ANARI to OSPRay, ANARILibrary and ANARIDevice "ospray".

ANARI-OSPRay Translation layer from Khronos® ANARI™ to Intel® OSPRay: ANARILibrary and ANARIDevice "ospray". Status This is an experimental project, v

Dec 30, 2022
Webusb-libusb - Translation layer from libusb to webusb.

webusb-libusb IMPORTANT: This implementation requires a patched version of Emscripten to work properly. This project is a translation layer from libus

Dec 9, 2022
A Direct3D9 to Vulkan layer using the DXVK backend. [Upstreamed to DXVK]

This work has been upstreamed and is continuing development there This repo is only open for the remaining issues on the tracker https://github.com/do

Dec 24, 2022
A d3d9 and d3d10 to d3d11 translation layer.
 A d3d9 and d3d10 to d3d11 translation layer.

DXUP A D3D9 and D3D10 -> D3D11 Translation Layer Get latest build here or tagged builds here. What's the point? The main reason is for DXVK, a D3D11->

Dec 18, 2022
Add anything about data structure and algorithm in any language.

Hacktoberfest 2021 Follow the README below to get started! Note : This repo is excluded from the Hacktoberfest but you can still contribute and the re

Dec 6, 2022
Contribute a Data Structure you coded or solve the problems given in the Description.md file in any language! Happy coding!

Pro Lang Contribute a Data Structure you coded or solve the problems given in the Description.md file (can be found in the both the folders) in any la

Jan 16, 2022