Maesh 1.0

Simpler Service Mesh, Now Production Ready

Manuel „SantoDE" Zapf
containous
3 min read · Nov 21, 2019

Three months ago (in September 2019) we were proud to unleash Maesh, the simpler service mesh. With so many tools already available on the market, we couldn’t wait to see how the community would react to our vision of the concept.

The answer is — incredibly well. In less than a month, Maesh had gathered a community of people that adopted it right from the start on their development cluster. These brave early adopters provided us with invaluable insights about various cluster configurations and shed light on possible improvements. We listened the best we could, helped them contribute to the project, fixed what had to be fixed, and we’re now contemplating the result of this common effort — Maesh 1.0.

What is Maesh?

Maesh allows for visibility and management of the traffic that flows inside your Kubernetes cluster, which is just as important as the ingress and egress traffic. Maesh is designed from the ground up to be straightforward, easy to install, and easy to use.

Built on top of Traefik, Maesh is a simple, yet full-featured service mesh. It fits as your de-facto service mesh in your Kubernetes cluster and supports the latest Service Mesh Interface specification (SMI) that facilitates integration with pre-existing solutions. Maesh is opt-in by default, which means that your existing services are unaffected until you decide to add them to the mesh.

Maesh does not use any sidecar container but handles routing through proxy endpoints running on each node. Not using sidecars means that Maesh does not modify your Kubernetes objects, and does not modify your traffic without your knowledge. Using the Maesh endpoints is all that is required.

What’s New since the Alpha?

Performance Improvements

Based on feedback, we started to rework the inner architecture of Maesh to improve performance and stability. In particular, we made the Maesh controller stateless (again) and refactored the internal architecture used to refresh the configuration. As a result, Maesh reacts faster and is more resilient to changes. To make it easier to customize, plenty of options are now configurable (namespaces, the cluster domain, …).

GKE Support

Many of our early adopters tried to install Maesh (alpha) on GKE with no success. The reason was that Maesh relied on CoreDNS to opt in to the usage of the internal mesh, and GKE doesn’t embed it.

As a result and to support GKE and distributions that do not ship with CoreDNS, we’ve added support for kube-dns.

For Maesh 1.0, we’ve tested many distributions but couldn’t test every one of them. If your favorite appears to be unsupported, please raise your voice and help us fix that!

Support for the SMI TCPRoute

Maesh supported the SMI HTTP part from the beginning, and now supports the TCP portion as well. (Below is an example of an SMI TCPRoute, referenced from a TrafficTarget.)

kind: TrafficTarget
apiVersion: access.smi-spec.io/v1alpha1
metadata:
  name: api-service-target
  namespace: default
destination:
  kind: ServiceAccount
  name: api-service
  namespace: default
specs:
- kind: TCPRoute
  name: my-tcp-route
sources:
- kind: ServiceAccount
  name: my-other-service
  namespace: default
---
apiVersion: specs.smi-spec.io/v1alpha1
kind: TCPRoute
metadata:
  name: my-tcp-route

What’s Next

Once again, we are thankful for the multitude of contributors that went straight ahead and added Maesh to their development clusters. You provided us with invaluable and early feedback and made this release possible.

But it’s just the beginning! Keep telling us what you like, giving us thoughts and ideas, and keep (or start) contributing! Pull requests and Issues are the best way to support the product and make it your own.

Manuel „SantoDE" Zapf
containous

Software Engineer, Happy part of @traefikproxy maintainers team, cloud enthusiast, devops addict, go love