[Sandbox] Kmesh

[hzxuzhonghu]

Application contact emails

zhhxu2011@gmail.com, wuchangye@huawei.com

Project Summary

Kmesh is a service mesh dataplane which manages service to service communication transparently based on eBPF and programmable kernel.

Project Description

Kmesh is a cloud-native high-performance and low overhead service mesh data plane based on eBPF and programmable kernel. It brings advanced traffic management, security and monitoring to service communications. It is natively sidecarless, zero intrusion and without adding any resource cost to application container.

Kmesh leverages eBPF technology to perform traffic management in kernel mode, ensuring that traffic management operates seamlessly with traffic flows. By preventing service connections from being cut off, Kmesh largely reduces the number of connections along the traffic path and minimizes application access delays.

Org repo URL (provide if all repos under the org are in scope of the application)

https://github.com/kmesh-net

Project repo URL in scope of application

https://github.com/kmesh-net/kmesh

Additional repos in scope of the application

No response

Website URL

https://kmesh.net

Roadmap

https://github.com/kmesh-net/community/blob/main/roadmap.md

Roadmap context

No response

Contributing Guide

https://github.com/kmesh-net/kmesh/blob/main/CONTRIBUTING.md

Code of Conduct (CoC)

https://github.com/kmesh-net/kmesh/blob/main/CODE_OF_CONDUCT.md

Adopters

No response

Contributing or Sponsoring Org

No response

Maintainers file

https://github.com/kmesh-net/kmesh/blob/main/OWNERS

IP Policy

• [X] If the project is accepted, I agree the project will follow the CNCF IP Policy

Trademark and accounts

• [X] If the project is accepted, I agree to donate all project trademarks and accounts to the CNCF

Why CNCF?

To grow sustainably as an open source project, Kmesh needs contunuous contibutions and innovations from its community, the CNCF is at the forefront of fostering innovation and collaboration within the open-source community. Becoming a CNCF donor enhances KMesh's visibility and credibility within the cloud-native landscape. It demonstrates KMesh's commitment to the open-source community and its dedication to supporting industry standards and best practices. This can lead to increased trust and recognition from peers, partners, and customers, positioning KMesh as a leader in the cloud-native space.

Benefit to the Landscape

It is widely accepted that sidecar traffic management mode can result in high resource overhead and great latency. And the underlying connection termination and initiation can increase connection numbers between two service instances and also cause mismatch on connection level settings like timeout. Kmesh is natively sidecarless, it makes use of ebpf and programmable kernel technology to get rid of the sidecar's defects. In doing so, Kmesh gains a substantial industry advantage over resource overhead and latency.

Kmesh also provides an slicing mode that enhances L7 traffic management by separating L4 and L7. For L4 taffic, we make use of ebpf to do simple redirecting and loadbalancing, and for L7 we automatically make use of waypoint, a userspace proxy based on istio proxy.

The greatest benefit with kmesh is that during upgrade, we donot influence application's traffic.

Cloud Native 'Fit'

Kmesh natively runns on kubernets, and manage traffic from or to pods. As a service mesh data plane, it interates with istio and subscribes xDS configurations from istiod. Kmesh has two important components, kmesh daemon that runns on each node and is responsible of subscribing xDS configuration and managing ebpf prog. The other one is ebpf progs, which works on cgroups, sockops and other hook points.

Cloud Native 'Integration'

Istio, Envoy, Gateway APIs, Prometheus

Kmesh makes use of istio as its controlplane, so it natively supports Gateway APIS. The Kmesh waypoint component adds an additional filter to istio-prxy and envoy, so the advanced L7 protocol management is mosytly exploiting envoy capabilities.

Cloud Native Overlap

No response

Similar projects

Linkerd, Istio and Cilium ServiceMesh

But Kmesh provides a totally different dataplane architecture, and in future we may provide its own control plane for simplicity.

Landscape

Yes, here it is

Business Product or Service to Project separation

N/A

Project presentations

No response

Project champions

No response

Additional information

No response

[angellk]

@hzxuzhonghu please coordinate a project presentation with TAG Network

[hzxuzhonghu]

Sure, we plan to present at next Network meeting