Open Service Mesh (OSM) is a lightweight, extensible, Cloud Native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
The OSM project builds on the ideas and implementations of many cloud native ecosystem projects including Linkerd, Istio, Consul, Envoy, Kuma, Helm, and the SMI specification.
- Overview
- OSM Design
- Install
- Demonstration
- Using OSM
- Community
- Development Guide
- Code of Conduct
- License
OSM runs an Envoy based control plane on Kubernetes, can be configured with SMI APIs, and works by injecting an Envoy proxy as a sidecar container next to each instance of your application. The proxy contains and executes rules around access control policies, implements routing configuration, and captures metrics. The control plane continually configures proxies to ensure policies and routing rules are up to date and ensures proxies are healthy.
- Simple to understand and contribute to
- Effortless to install, maintain, and operate
- Painless to troubleshoot
- Easy to configure via Service Mesh Interface (SMI)
Documentation pertaining to the usage of Open Service Mesh is made available at docs.openservicemesh.io.
Documentation pertaining to development, release workflows, and other repository specific documentation, can be found in the docs folder.
- Easily and transparently configure traffic shifting for deployments
- Secure service to service communication by enabling mTLS
- Define and execute fine grained access control policies for services
- Observability and insights into application metrics for debugging and monitoring services
- Integrate with external certificate management services/solutions with a pluggable interface
- Onboard applications onto the mesh by enabling automatic sidecar injection of Envoy proxy
OSM is under active development and is NOT ready for production workloads.
Please search open issues on GitHub, and if your issue isn't already represented please open a new one. The OSM project maintainers will respond to the best of their abilities.
Kind | SMI Resource | Supported Version | Comments |
---|---|---|---|
TrafficTarget | traffictargets.access.smi-spec.io | v1alpha3 | |
HTTPRouteGroup | httproutegroups.specs.smi-spec.io | v1alpha4 | |
TCPRoute | tcproutes.specs.smi-spec.io | v1alpha4 | |
UDPRoute | udproutes.specs.smi-spec.io | not supported | |
TrafficSplit | trafficsplits.split.smi-spec.io | v1alpha2 | |
TrafficMetrics | *.metrics.smi-spec.io | v1alpha1 | 🚧 In Progress #379 🚧 |
Read more about OSM's high level goals, design, and architecture.
- Kubernetes cluster running Kubernetes v1.19.0 or greater
- kubectl current context is configured for the target cluster install
kubectl config current-context
The simplest way of installing Open Service Mesh on a Kubernetes cluster is by using the osm
CLI.
Download the osm
binary from the Releases page. Unpack the osm
binary and add it to $PATH
to get started.
sudo mv ./osm /usr/local/bin/osm
$ osm install
See the installation guide for more detailed options.
The OSM Bookstore demo is a step-by-step walkthrough of how to install a bookbuyer and bookstore apps, and configure connectivity between these using SMI.
After installing OSM, onboard a microservice application to the service mesh.
Connect with the Open Service Mesh community:
- GitHub issues and pull requests in this repo
- OSM Slack: Join the CNCF Slack for related discussions in #openservicemesh
- OSM Community meetings take place on the second Tuesday of each month, 10:30am-11am Pacific in the CNCF OSM Zoom room
- Mailing list
- OSM Twitter
If you would like to contribute to OSM, check out the development guide.
This project has adopted the CNCF Code of Conduct. See CODE_OF_CONDUCT.md for further details.
This software is covered under the Apache 2.0 license. You can read the license here.