Aeraki Mesh officially became a CNCF sandbox project, Tencent Cloud and partners accelerate the mature commercial use of service mesh

In June, Aeraki Mesh, a service mesh open source project initiated by Tencent Cloud, in conjunction with Baidu, Lingqueyun, Tencent Music, Didi, Zhengcaiyun and other partners, passed the Cloud Native Computing Foundation, the world's top open source foundation. (CNCF) Technical Oversight Committee assessed and officially became a CNCF sandbox project . This means that Aeraki Mesh has been recognized by the cloud native open source community , and joining CNCF also ensures the neutrality and open source of the project, taking a firm step for the further development of Aeraki Mesh in the cloud native ecosystem.

Aeraki Mesh joined CNCF at this point in time, shortly after Istio announced its donation of Istio to the CNCF Foundation. As a leading project in the open source field of Service Mesh, Istio has been welcomed by the majority of developers. Joining CNCF marks that Istio, K8s, and Knative, the three major cloud-native container automation frameworks, have been incorporated into the same governance structure. Istio and other projects in CNCF The cooperation will be closer and smoother, and it will also clear the final obstacle for Istio to become the de facto standard in the field of service mesh. However, although Istio is powerful, it mainly deals with the HTTP protocol and treats other protocols as TCP traffic. This is one of the main problems encountered by the service mesh when the product is launched. Other protocols are often used in microservices, such as Dubbo, Thrift, Redis, and private protocols. Service governance of this traffic is not possible with Istio alone. Aeraki Mesh provides a non-intrusive, highly scalable solution to manage any Layer 7 traffic in a service mesh. Aeraki Mesh joined CNCF at this time, providing non-HTTP protocols with the same governance capabilities as HTTP in Istio, accelerating the process of mature commercial use of service meshes and product implementation .

Aeraki [Air-rah-ki] is Greek for "breeze". The moral of the name is to hope that the "breeze" of Aeraki Mesh will help Istio and Kubernetes go faster and further in their cloud-native journey. The positioning of Aeraki Mesh is very clear: only handle the non-HTTP Layer 7 traffic of the service mesh, leaving the HTTP traffic to Istio . (We think the existing projects are good enough to not have to reinvent the wheel).

Aeraki Mesh Architecture

As shown in this figure, Aeraki Mesh consists of the following two parts .

Aeraki : Aeraki works on the control plane, provides high-level, user-friendly traffic management rules for operation and maintenance, converts the rules into envoy proxy configuration, and uses the standard interface provided by Istio to push the configuration to the sidecar proxy on the data plane. Aeraki also acts as an RDS (Route Discovery Service) server for MetaProtocol Proxy in the control plane. Unlike Envoy RDS, which focuses on HTTP, Aeraki RDS aims to provide common dynamic routing capabilities for all Layer 7 protocols.

MetaProtocol Proxy : MetaProtocol Proxy works on the data plane and is a seven-layer proxy framework that provides common traffic management capabilities for seven-layer protocols, such as load balancing, circuit breaker, routing, local/global traffic limiting, fault injection, indicator collection, and invocation tracking and so on. We can create our own proprietary protocol Layer 7 proxy based on the general capabilities provided by MetaProtocol Proxy. To add a new protocol to a service mesh, the only thing that needs to be done is to implement the codec interface (usually only hundreds of lines of code) and a few lines of yaml configuration. If there are special requirements and the built-in functions cannot be satisfied, MetaProtocol Proxy also provides an extension mechanism that allows users to write their own seven-layer filters and add custom logic to MetaProtocol Proxy.

Dubbo, Thrift, bRPC and a series of proprietary protocols are already supported in MetaProtocol Proxy. If you are using a closed source proprietary protocol, you can also manage it in a service mesh, just write a MetaProtocol codec for it.

MetaProtocol Proxy Architecture

MetaProtcolProxy highly abstracts the seven-layer protocol and extracts Metadata, a very flexible extension mechanism. During the decoding process of the application protocol, the key attributes in the protocol are filled into the Metadata. These attributes can be used for subsequent requests such as routing and current limiting. Seven layers of filter processing. The framework layer handles Meatdata as a transparent key/value string, and does not need to understand the business details of the protocol. This design can ensure that any application protocol developed based on MetaProtocol can be managed using the same set of control plane API, which is the basis for Aeraki to implement unified management of Dubbo, Thrift, bRPC and other protocols. At the same time, MetaProtocolProxy also provides the Mutation data structure, which is used to modify the data packet during encoding, such as adding/modifying the content of the request header.

The following figure is the process of MetaProtocolProxy processing a request:

MetaProtocol Proxy request processing flow

Key features of Aeraki Mesh :

It integrates seamlessly with Istio and is a recommended project for Istio Ecosystem integration. You can use Istio + Aeraki Mesh
to build a full-stack service mesh that can manage HTTP and other seven-layer protocols at the same time.
Supports traffic management of open source protocols such as Dubbo, Thrift, and Redis in Istio.
Supports traffic management of private protocols in Istio with only hundreds of lines of code and no changes to Istio.
It supports request-level load balancing, dynamic routing with arbitrary matching conditions, global and local current limiting, traffic mirroring and other powerful Layer 7 traffic management capabilities.
Provides rich request-level performance indicators, including request delay, error, quantity, etc., and supports distributed call tracking.
It is completely non-intrusive to upstream open source projects such as Istio and Envoy, and can follow upstream projects for rapid iteration, making full use of the new capabilities provided by the new version of upstream projects.
Aeraki Mesh has been commercialized in large-scale projects such as CCTV and Tencent Music, and has passed the actual combat test of the large-scale online traffic of the 2022 Winter Olympics. Several products are currently being tested. Baidu, Lingqueyun, Didi, Zhengcaiyun and other partners have joined the community for joint construction.

Summarize

The Aeraki Mesh community is developing vigorously, everyone is welcome to join !

Install trial : https://www.aeraki.net/en/docs/v1.0/quickstart/

Join the community meeting : https://www.aeraki.net/en/community/#community-meetings

Star it : https://github.com/aeraki-mesh/aeraki

Aeraki Mesh product landing practice :
Istiocon 2022 Sharing: Istio + Aeraki Landing on Tencent Music's Service Mesh | Aeraki Mesh
Tencent Cloud Native Sharing: Service Mesh Practice of Areaki Mesh in the 2022 Winter Olympics Live Video Application | Aeraki Mesh

about us

For more cases and knowledge about cloud native, you can pay attention to the public account of the same name [Tencent Cloud Native]~

Welfare:

① Reply to the [Manual] in the background of the official account, you can get the "Tencent Cloud Native Roadmap Manual" & "Tencent Cloud Native Best Practices"~

②The official account will reply to the [series] in the background, and you can get "15 series of 100+ super practical cloud native original dry goods collection", including Kubernetes cost reduction and efficiency enhancement, K8s performance optimization practices, best practices and other series.

③If you reply to the [White Paper] in the background of the official account, you can get the "Tencent Cloud Container Security White Paper" & "The Source of Cost Reduction - Cloud Native Cost Management White Paper v1.0"

④ Reply to [Introduction to the Speed of Light] in the background of the official account, you can get a 50,000-word essence tutorial of Tencent Cloud experts, Prometheus and Grafana of the speed of light.

[Tencent Cloud Native] New products of Yunshuo, new techniques of Yunyan, new activities of Yunyou, and information of cloud appreciation, scan the code to follow the public account of the same name, and get more dry goods in time! !