This project is a service mesh platform designed to manage, secure, and observe service-to-service communication within Kubernetes clusters. It functions as a control plane that orchestrates transparent sidecar proxies, which intercept and manage network traffic to provide reliable connectivity for microservices. By automating the injection of these proxies, the platform ensures that infrastructure-level policies are applied consistently across all workloads without requiring manual configuration changes. The platform distinguishes itself through its focus on zero-trust security and cross-clu
Pingora is a Rust-based framework for building high-performance network services, including HTTP reverse proxies, layer seven load balancers, and TLS termination proxies. It serves as an asynchronous network library designed to intercept and route HTTP, gRPC, and WebSocket traffic between clients and upstream backend servers. The project enables zero-downtime service updates by handing over listening sockets between processes during binary or configuration upgrades. It utilizes a programmable multi-phase pipeline to modify request and response bodies and headers, and it provides a pluggable T
Mosn is a multi-protocol network proxy designed for cloud-native service meshes, API gateway management, and distributed load balancing. It forwards layer four and layer seven traffic across diverse network protocols to ensure interoperability between distributed cloud components. The project is distinguished by its ability to perform zero-downtime proxy updates, replacing the running binary while maintaining existing network connections. It further supports dynamic proxy extension, allowing custom request processing logic to be added via external plugins or compiled Go modules without restar
Redbird is a Node.js reverse proxy used to route external network traffic to internal servers. It functions as a layer 7 load balancer that maps incoming requests from specific domains or hosts to target upstream servers, shielding backend services from direct public exposure. The project features dynamic route management, allowing routing rules to be updated programmatically at runtime. It synchronizes these routes automatically by polling external sources such as Docker containers and etcd clusters to align proxy configurations with service lifecycles. Additional capabilities include SSL a