Skip to content
A tiny service mesh developed in golang
Go Shell
Branch: master
Clone or download
Pull request Compare This branch is even with luismoramedina:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
docker
egress
ingress
jwt
samples
sidecar
.gitignore
Dockerfile
README.adoc
build-publish.sh
build.sh
main.go

README.adoc

GoMezh

Sidecar sample app for kubernetes

Using . opentracing to keep data between ingress and egress traffic https://github.com/opentracing/opentracing-go . iptables to filter traffic

Docker (install and run)

Note
docker, docker-compose, mvn and golang needed

Build images:

./build.sh

Local run with docker:

docker-compose -f samples/docker-compose.yml up --remove-orphans

Install on minishift

#login as admin
oc project $MY_PROJECT
oc adm policy add-scc-to-user anyuid -z default
oc adm policy add-scc-to-user privileged -z default
oc patch scc/privileged --patch {\"allowedCapabilities\":[\"NET_ADMIN\"]}
# login as normal user
oc project $MY_PROJECT

# remove all items in project
oc delete all --all

oc create -f samples/books/books-gomezh.yml
oc create -f samples/stars/stars-gomezh.yml

Local testing

curl -i http://0:8081/books -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjIyMjEwMzk1NTIsImlzcyI6InRlc3QiLCJzdWIiOiJib2IifQ.OHuf7wL_XFk---LsGqC8HwJyHRiogcQIM2g3fEUdLjr8CjkZccrw20Ybq8FvD8Zw0wrzxEii8gbEnfjcAbFYUtwzQPGTHRgpvEZGCNJcuUrhkq3A5bLCArg2NANS-lZgFfEEGHY8TQB951MvVLvhu7z1q5C-eRLAZ-U10TwiGCguLL5W-SQhgHiPr6n6aVrOqWGE7h0lELQnjc2Eq7iZuULkRRMjJNE3H0F5qfxpmMj_mW3sGvq6UQTf1W3lEGA0ercTdguQy9e5JRa0DdkpwOhF8zlF29D0HP3N5EKV7W1MpChrqYuromTPrYjvetOCNVz3Nk_VeHH8qTW-hvHxQQ"
curl -i -X POST http://0:8081/books -H "Content-type: application/json" -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjIyMjEwMzk1NTIsImlzcyI6InRlc3QiLCJzdWIiOiJib2IifQ.OHuf7wL_XFk---LsGqC8HwJyHRiogcQIM2g3fEUdLjr8CjkZccrw20Ybq8FvD8Zw0wrzxEii8gbEnfjcAbFYUtwzQPGTHRgpvEZGCNJcuUrhkq3A5bLCArg2NANS-lZgFfEEGHY8TQB951MvVLvhu7z1q5C-eRLAZ-U10TwiGCguLL5W-SQhgHiPr6n6aVrOqWGE7h0lELQnjc2Eq7iZuULkRRMjJNE3H0F5qfxpmMj_mW3sGvq6UQTf1W3lEGA0ercTdguQy9e5JRa0DdkpwOhF8zlF29D0HP3N5EKV7W1MpChrqYuromTPrYjvetOCNVz3Nk_VeHH8qTW-hvHxQQ" -d "{\"id\":2100,\"title\":\"1984\",\"year\":\"1949\",\"author\":\"George Orwell\",\"stars\":5}"
Note
this is a JWT that is valid for the default (hardcoded) public key eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjIyMjEwMzk1NTIsImlzcyI6InRlc3QiLCJzdWIiOiJib2IifQ.OHuf7wL_XFk---LsGqC8HwJyHRiogcQIM2g3fEUdLjr8CjkZccrw20Ybq8FvD8Zw0wrzxEii8gbEnfjcAbFYUtwzQPGTHRgpvEZGCNJcuUrhkq3A5bLCArg2NANS-lZgFfEEGHY8TQB951MvVLvhu7z1q5C-eRLAZ-U10TwiGCguLL5W-SQhgHiPr6n6aVrOqWGE7h0lELQnjc2Eq7iZuULkRRMjJNE3H0F5qfxpmMj_mW3sGvq6UQTf1W3lEGA0ercTdguQy9e5JRa0DdkpwOhF8zlF29D0HP3N5EKV7W1MpChrqYuromTPrYjvetOCNVz3Nk_VeHH8qTW-hvHxQQ

Features

  • ✓ http support

  • ✓ transparent filter traffic with iptables

  • ✓ tracing with opentracing: propagates context through services (http headers)

  • ✓ jwt security validation and propagation

  • ✓ plain security context generation and propagation

  • ✓ prints request time

  • ❏ stores stats

You can’t perform that action at this time.