Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Solidity

Clojure

MATLAB

C#

Ruby

Julia

Python

C

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

F#

Crystal

Elixir

Ada

Python

PHP

R

JavaScript

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇿🇼 Zimbabwe

🇫🇴 Faroe Islands

🇲🇳 Mongolia

🇩🇿 Algeria

🇬🇫 French Guiana

🇲🇷 Mauritania

🇳🇺 Niue

🇸🇨 Seychelles

All Countries Compare Countries

istio-ecosystem/wasm-extensions

Stars
107
Rank 323,587 (Top 7 %)
Language
C++
License
Apache License 2.0
Created over 4 years ago
Updated 10 months ago

istio-ecosystem/wasm-extensions

istio-ecosystem

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Contains miscellaneous Wasm extensions for Istio

Istio Ecosystem Wasm Extensions

This repository contains several canonical Wasm extensions, which intend to demonstrate:

Wasm extension development patterns.
Best practice to test, build, and release a Wasm extension.

Extensions

Basic auth enforces basic auth based on request host, path, and methods. In this extension, you can find how to perform local auth decision based on headers and local reply, as well as JSON configuration string parsing and base64 decoding.
C++ scaffold provides an empty C++ extension, which can be used as a starting point to write a C++ Wasm extension.
gRPC access logging makes a logging request to a gRPC service with various kinds of request and workload attributes. In this extension, you can find how to perform asynchronous telemetry reporting, fetch various request attributes and proxy properties, use protobuf and make gRPC callout.
JWT based routing (WIP) reads JWT token information from Envoy dynamic metadata written by JWT auth filter, update host header accordingly, and trigger routing recomputation. In this extension, you can find how to read dynamic metadata, manipulate headers, and affect request routing.
Local rate limit applies a token bucket rate limit to incoming requests. Each request processed by the filter utilizes a single token, and if no tokens are available, the request is denied. In this extension you can find how to share data across all plugin VMs and deny request with local reply.
Open Policy Agent client makes HTTP callout to an Open Policy Agent (OPA) server and based on OPA server response decides whether to allow or deny an incoming request. A result cache is also included to avoid expensive callout on every request. In this extension, you can find how to perform HTTP callout, and asynchronously continue or stop an incoming request based on the response of HTTP call. You will also find how to record stats, which can be scraped in the same way as Istio standard metrics.
Zig scaffold provides an empty Zig extension, which can be used as a starting point to write a Zig Wasm extension.

Development Guides

Write a Wasm Extension with C++

Integration Test

Write integration test with Istio proxy for Wasm extension

Tips & Tricks

Wasm development tips and tricks

admiral

Admiral provides automatic configuration generation, syncing and service discovery for multicluster Istio service mesh

authservice

Move OIDC token acquisition out of your app code and into the Istio mesh

dns-discovery

Record DNS lookups and convert them into service registry entries

istio-coredns-plugin

DEPRECATED. CoreDNS gRPC plugin to serve DNS records out of Istio ServiceEntries

sail-operator

The Sail Operator is able to install and manage the lifecycle of the Istio control plane in an Kubernetes & OpenShift cluster.

consul-mcp

Consul-mcp watches for changes in consul catalog and provides services to Istio pilot via MCP protocol

multi-mesh-examples

Examples for multi mesh

coddiwomple

Coddiwomple: a Multi-Cluster-Config Generator

README

A catalog of all projects in the Istio Ecosystem GH org

hsm-sds-server

This repo follows the SDS extension standard of Envoy and implements an external SDS server via more secure solution which is known as Hardware Security Module(HSM). By using this repo, User can maintain the credentials for workloads managed by Istio/Envoy in more secure scenario via external SDS server Besides supporting management for new credentials, it also allows user to upload existing credentials and manages them in higher security level This external SDS server can be used for both gateways and workload sidecars to provide their credential information.

wharf-multicluster-sync

wharf-multicluster-sync: User friendly Multicluster Istio configuration

classic-operator-controller

emcee

User friendly Multi-mesh Istio configuration

istioctl-proxy-sample

sd-for-vm-telemetry

This repo contains an experimental feature to support VM telemetry with file-based service discovery of Prometheus.

admiral-sharding-manager

Admiral sharding manager

synergasia

A collaborative effort to design and implement a multi-gateway control protocol for Istio

admiral-api

admiral-state-syncer

Admiral state syncer

security-policy-migrate

A tool to convert the Istio v1alpha1 authentication policy to the v1beta1 version.