+
+
+
+## Introduction
+
+Orion Proxy is a high performance and memory safe implementation of popular [Envoy Proxy](https://www.envoyproxy.io/). Orion Proxy is implemented in Rust using high-quality open source components.
+
+### Key features
+
+**Memory Safety**
+
+Rust programming language allows to avoid a whole lot of bugs related to memory management and data races making Orion Proxy a very robust and secure application.
+
+
+**Performance**
+
+Orion Proxy offers 2x-4x better throughput and latency than Envoy Proxy. Refer to [Performance](docs/performance/performance.md) to see performance figures and for more details how we tested Orion Proxy .
+
+
+**Compatibility**
+
+Orion Proxy configuration is generated from Envoy's xDS protobuf definitions. Orion Proxy aims to be a drop in replacement for Envoy.
+
+
+
+## Quick Start
+
+### Building
+```console
+git clone https://github.com/kmesh-net/orion
+cd orion
+git submodule init
+git submodule update --force
+cargo build
+```
+
+
+### Running
+```console
+cargo run --bin orion -- --config orion/conf/orion-runtime.yaml
+```
+
+
+
+
+## License
+
+Orion Proxy is licensed under the
+[Apache License, Version 2.0](./LICENSE).
diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md
new file mode 100644
index 00000000..13f096bd
--- /dev/null
+++ b/RELEASE-NOTES.md
@@ -0,0 +1,7 @@
+## [0.1.0]
+
+> First public release of Orion Proxy.
+
+>[!CAUTION]
+This project is still very unstable and not ready for use in production environments.
+
diff --git a/clippy.toml b/clippy.toml
new file mode 100644
index 00000000..106a4e09
--- /dev/null
+++ b/clippy.toml
@@ -0,0 +1,15 @@
+# for `disallowed_method`:
+# https://rust-lang.github.io/rust-clippy/master/index.html#disallowed_method
+disallowed-methods = [
+ { path = "orion_data_plane_api::decode::SourceFmt::Protobuf", reason = "Should not be used anymore. Use TryFrom instead." },
+ { path = "orion_data_plane_api::decode::SourceFmt::Yaml", reason = "Should not be used anymore. Use TryFrom instead." },
+ { path = "tokio::time::timeout", reason = "Use pingora_timeout::fast_timeout::fast_timeout instead" },
+]
+
+# The maximum number of function parameters is 5.
+too-many-arguments-threshold = 5
+
+allow-expect-in-tests = true
+allow-print-in-tests = true
+allow-unwrap-in-tests = true
+check-private-items = false
diff --git a/docker/Dockerfile b/docker/Dockerfile
new file mode 100644
index 00000000..b255629f
--- /dev/null
+++ b/docker/Dockerfile
@@ -0,0 +1,43 @@
+FROM rust:1.84 AS orion-builder
+
+#RUN rustup component add rustfmt
+
+WORKDIR /tmp/orion
+
+RUN <
+
+### HTTPS
+#### Requests per second
+
+
+#### Latency in microseconds
+
+
+### TCP
+#### Requests per second
+
+
+#### Latency in microseconds
+
+
+## Test Methodology and Testbed
+
+
+
+* Requests generator (wrk):
+ - 2048 and 16384 connections tests
+ - 45s duration per test
+ - 36 threads/18 cores for the application on NUMA0
+ - 6 cores assigned to IRQ handling on NUMA0
+ - Measures req/s, throughput, latency (min, max, mean, 99.9th, 99.999th)
+* Upstream Cluster (Nginx):
+ - In-memory direct response of 12B size
+ - 17 cores assigned to the application on NUMA1
+ - 7 cores assigned to IRQ handling on NUMA1
+ - 2.6M RPS a hard-limit of the server
+ - Measures #connections established upstream
+
+* DUT (Proxy):
+ - Comparison Envoy, Ng-proxy, and Nginx
+ - Scaling tested with 1, 2, 4, 8, 16, 24, 32 cores assigned to the proxy
+ - TCP termination toward single upstream cluster
+
+* DUT (Tunings):
+ - IRQ affinity
+ - 8 cores reserved for the IRQ affinity.
+ - 24 cores allocated for proxy (per NUMA node).
+* All interfaces are 25Gbps Mellanox and Intel NICs
diff --git a/docs/pics/logo/orion_proxy_logo.png b/docs/pics/logo/orion_proxy_logo.png
new file mode 100644
index 00000000..83887e3d
Binary files /dev/null and b/docs/pics/logo/orion_proxy_logo.png differ
diff --git a/docs/pics/logo/orion_proxy_logo.xcf b/docs/pics/logo/orion_proxy_logo.xcf
new file mode 100644
index 00000000..141b69f9
Binary files /dev/null and b/docs/pics/logo/orion_proxy_logo.xcf differ
diff --git a/docs/pics/orion.svg b/docs/pics/orion.svg
new file mode 100644
index 00000000..914d91e4
--- /dev/null
+++ b/docs/pics/orion.svg
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/docs/pics/performance/baseline/wrk-latency.png b/docs/pics/performance/baseline/wrk-latency.png
new file mode 100644
index 00000000..6dfcc765
Binary files /dev/null and b/docs/pics/performance/baseline/wrk-latency.png differ
diff --git a/docs/pics/performance/baseline/wrk-reqsec.png b/docs/pics/performance/baseline/wrk-reqsec.png
new file mode 100644
index 00000000..ba55bece
Binary files /dev/null and b/docs/pics/performance/baseline/wrk-reqsec.png differ
diff --git a/docs/pics/performance/tcp/wrk-latency.png b/docs/pics/performance/tcp/wrk-latency.png
new file mode 100644
index 00000000..49f6abb8
Binary files /dev/null and b/docs/pics/performance/tcp/wrk-latency.png differ
diff --git a/docs/pics/performance/tcp/wrk-reqsec.png b/docs/pics/performance/tcp/wrk-reqsec.png
new file mode 100644
index 00000000..82cdb520
Binary files /dev/null and b/docs/pics/performance/tcp/wrk-reqsec.png differ
diff --git a/docs/pics/performance/testbed_conf.png b/docs/pics/performance/testbed_conf.png
new file mode 100644
index 00000000..8b4c9837
Binary files /dev/null and b/docs/pics/performance/testbed_conf.png differ
diff --git a/docs/pics/performance/tls/wrk-latency.png b/docs/pics/performance/tls/wrk-latency.png
new file mode 100644
index 00000000..a93f0a3a
Binary files /dev/null and b/docs/pics/performance/tls/wrk-latency.png differ
diff --git a/docs/pics/performance/tls/wrk-reqsec.png b/docs/pics/performance/tls/wrk-reqsec.png
new file mode 100644
index 00000000..8aab8ae8
Binary files /dev/null and b/docs/pics/performance/tls/wrk-reqsec.png differ
diff --git a/docs/videos/orion-demo-lb.webm b/docs/videos/orion-demo-lb.webm
new file mode 100644
index 00000000..b9eacf0c
Binary files /dev/null and b/docs/videos/orion-demo-lb.webm differ
diff --git a/envoy-data-plane-api/Cargo.toml b/envoy-data-plane-api/Cargo.toml
new file mode 100644
index 00000000..aac3019d
--- /dev/null
+++ b/envoy-data-plane-api/Cargo.toml
@@ -0,0 +1,25 @@
+[package]
+description = "Envoy xDS protobuf and gRPC definitions"
+edition = "2021"
+license = "MIT"
+name = "envoy-data-plane-api"
+version = "0.1.9"
+
+[dependencies]
+prost.workspace = true
+prost-reflect = { version = "0.14", features = ["derive", "serde"] }
+serde.workspace = true
+serde_json.workspace = true
+serde_yaml.workspace = true
+tonic = "^0.12"
+tonic-health = "^0.12"
+
+[build-dependencies]
+glob = "^0.3"
+prost-build.workspace = true
+prost-reflect = { version = "0.14", features = ["derive", "serde"] }
+tonic-build.workspace = true
+
+
+[lib]
+doctest = false
diff --git a/envoy-data-plane-api/build.rs b/envoy-data-plane-api/build.rs
new file mode 100644
index 00000000..fe472788
--- /dev/null
+++ b/envoy-data-plane-api/build.rs
@@ -0,0 +1,54 @@
+use std::path::PathBuf;
+
+use glob::glob;
+
+/// std::env::set_var("PROTOC", The Path of Protoc);
+fn main() -> std::io::Result<()> {
+ let descriptor_path = PathBuf::from(std::env::var("OUT_DIR").unwrap()).join("proto_descriptor.bin");
+ let protos: Vec