Skip to content

luismoramedina/gomezh

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
docker
docker
 
 
egress
egress
 
 
ingress
ingress
 
 
jwt
jwt
 
 
samples
samples
 
 
sidecar
sidecar
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.adoc
README.adoc
 
 
build-publish.sh
build-publish.sh
 
 
build.sh
build.sh
 
 
main.go
main.go
 
 

Repository files navigation

GoMezh

Sidecar sample app for kubernetes

Using . opentracing to keep data between ingress and egress traffic https://github.com/opentracing/opentracing-go . iptables to filter traffic

Docker (install and run)

Note
 docker, docker-compose, mvn and golang needed

Build images:

./build.sh

Local run with docker:

docker-compose -f samples/docker-compose.yml up --remove-orphans

Install on minishift

#login as admin
oc project $MY_PROJECT
oc adm policy add-scc-to-user anyuid -z default
oc adm policy add-scc-to-user privileged -z default
oc patch scc/privileged --patch {\"allowedCapabilities\":[\"NET_ADMIN\"]}
# login as normal user
oc project $MY_PROJECT

# remove all items in project
oc delete all --all

oc create -f samples/books/books-gomezh.yml
oc create -f samples/stars/stars-gomezh.yml

Local testing

curl -i http://0:8081/books -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjIyMjEwMzk1NTIsImlzcyI6InRlc3QiLCJzdWIiOiJib2IifQ.OHuf7wL_XFk---LsGqC8HwJyHRiogcQIM2g3fEUdLjr8CjkZccrw20Ybq8FvD8Zw0wrzxEii8gbEnfjcAbFYUtwzQPGTHRgpvEZGCNJcuUrhkq3A5bLCArg2NANS-lZgFfEEGHY8TQB951MvVLvhu7z1q5C-eRLAZ-U10TwiGCguLL5W-SQhgHiPr6n6aVrOqWGE7h0lELQnjc2Eq7iZuULkRRMjJNE3H0F5qfxpmMj_mW3sGvq6UQTf1W3lEGA0ercTdguQy9e5JRa0DdkpwOhF8zlF29D0HP3N5EKV7W1MpChrqYuromTPrYjvetOCNVz3Nk_VeHH8qTW-hvHxQQ"
curl -i -X POST http://0:8081/books -H "Content-type: application/json" -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjIyMjEwMzk1NTIsImlzcyI6InRlc3QiLCJzdWIiOiJib2IifQ.OHuf7wL_XFk---LsGqC8HwJyHRiogcQIM2g3fEUdLjr8CjkZccrw20Ybq8FvD8Zw0wrzxEii8gbEnfjcAbFYUtwzQPGTHRgpvEZGCNJcuUrhkq3A5bLCArg2NANS-lZgFfEEGHY8TQB951MvVLvhu7z1q5C-eRLAZ-U10TwiGCguLL5W-SQhgHiPr6n6aVrOqWGE7h0lELQnjc2Eq7iZuULkRRMjJNE3H0F5qfxpmMj_mW3sGvq6UQTf1W3lEGA0ercTdguQy9e5JRa0DdkpwOhF8zlF29D0HP3N5EKV7W1MpChrqYuromTPrYjvetOCNVz3Nk_VeHH8qTW-hvHxQQ" -d "{\"id\":2100,\"title\":\"1984\",\"year\":\"1949\",\"author\":\"George Orwell\",\"stars\":5}"
Note
 this is a JWT that is valid for the default (hardcoded) public key eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjIyMjEwMzk1NTIsImlzcyI6InRlc3QiLCJzdWIiOiJib2IifQ.OHuf7wL_XFk---LsGqC8HwJyHRiogcQIM2g3fEUdLjr8CjkZccrw20Ybq8FvD8Zw0wrzxEii8gbEnfjcAbFYUtwzQPGTHRgpvEZGCNJcuUrhkq3A5bLCArg2NANS-lZgFfEEGHY8TQB951MvVLvhu7z1q5C-eRLAZ-U10TwiGCguLL5W-SQhgHiPr6n6aVrOqWGE7h0lELQnjc2Eq7iZuULkRRMjJNE3H0F5qfxpmMj_mW3sGvq6UQTf1W3lEGA0ercTdguQy9e5JRa0DdkpwOhF8zlF29D0HP3N5EKV7W1MpChrqYuromTPrYjvetOCNVz3Nk_VeHH8qTW-hvHxQQ

Features

  • ✓ http support

  • ✓ transparent filter traffic with iptables

  • ✓ tracing with opentracing: propagates context through services (http headers)

  • ✓ jwt security validation and propagation

  • ✓ plain security context generation and propagation

  • ✓ prints request time

  • ❏ stores stats

About

A tiny service mesh developed in golang

Topics

docker kubernetes golang openshift service-mesh sidecar

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages