• Stars
    star
    140
  • Rank 261,473 (Top 6 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created almost 4 years ago
  • Updated about 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

GetMesh License

Overview

An integration, and lifecycle management CLI tool that ensures the use of supported and trusted versions of Istio. The enterprises require ability to control Istio versioning, support multiple versions of istio, ability to easily move between the versions, integration with cloud providers certification systems and centralized config management and validation.

The getmesh CLI tool supports these enterprise level requirements via:

  • enforcement of fetching certified versions of Istio and enables only compatible versions of Istio installation
  • allows seamlessly switching between multiple istioctl versions
  • includes FIPS compliant flavor
  • delivers Istio configuration validations platform based by integrating validation libraries from multiple sources
  • uses number of cloud provider certificate management systems to create Istio CA certs that are used for signing Service-Mesh managed workloads
  • also provides multiple additional integration points with cloud providers

Istio release schedule can be very aggressive for the enterprise life-cycle and change management practices - getmesh addresses this concern by testing all Istio versions against different kubernetes distributions for functional integrity. The getmesh supported versions of Istio are actively supported for security patches and other bug updates and have much longer support life than provided by upstream Istio.

Considering that some of Service-Mesh customers need to support elevated security requirements - getmesh addresses the compliance restriction by offering three flavors of Istio distribution:

  • tetrate tracks the upstream Istio and may have additional patches applied
  • tetratefips a FIPS compliant version of tetrate flavor
  • istio is upstream built Istio

The above functionality is achieved via elegant transparent approach, where the existing setup and tools are fully leveraged to provide additional functionality and enterprise desired feature sets and controls:

  • getmesh connects to the kubernetes cluster pointed to by the default kubernetes config file. If KUBECONFIG environment variable is set, then takes precedence.
  • Config validation is done against two targets: cluster current config that might include multiple Istio configuration constructs in addition getmesh validates the manifest yaml files (that are not applied yet to the cluster)
  • Creation of CA cert for Istio assumes the provider set up to issue intermediary CA cert is already done. This is optional and the default is self signed cert by Istio for workload certificates

Get Started

getmesh can be obtained by issuing the following command:

curl -sL https://istio.tetratelabs.io/getmesh/install.sh | bash

This, by default, downloads the latest version of getmesh and certified Istio. To check if the download was successful, run the version command:

getmesh version

or

getmesh version --remote=false #only the client version details

An output of the form below suggests that getmesh was installed successfully.

getmesh version: 0.6.0
active istioctl: 1.8.2-tetrate-v0

To see the list of commands available with getmesh and its supported features, run the help command:

getmesh --help

For more information on getmesh, please visit istio.tetratelabs.io.

Contributing

For developers interested in contributing to , please follow the instruction in CONTRIBUTING.md.

More Repositories

1

wazero

wazero: the zero dependency WebAssembly runtime for Go developers
Go
4,823
star
2

proxy-wasm-go-sdk

WebAssembly for Proxies (Go SDK)
Go
686
star
3

func-e

func-e (pronounced funky) makes running Envoy® easy
Go
351
star
4

istio-weekly

Demos, slides, resources and other stuff from Istio Weekly and Istio Big Talk episodes
73
star
5

envoy-wasm-rust-sdk

Rust SDK for WebAssembly-based Envoy extensions
Rust
51
star
6

istio-tools

A set of tools written by Tetrate to help wrangle Istio.
Go
47
star
7

car

Like tar, but for containers!
Go
45
star
8

istio-0to60

Istio 0 to 60 workshop labs
HTML
26
star
9

wabin

wabin: WebAssembly Binary Format in Go
Go
24
star
10

istio-security-analyzer

Go
18
star
11

cncf-istio-course

Go
17
star
12

istio-cheatsheet

Istio config cheatsheet
JavaScript
16
star
13

wasm-rate-limiting

A sample Istio WebAssembly plugin for rate limiting.
Go
15
star
14

istio-training

Materials for Istio training
15
star
15

tinymem

WebAssembly compatible memory utilities for TinyGo
Go
13
star
16

istio-workshop-zh

Istio Workshop/教程中文版
13
star
17

tetrate-service-bridge-sandbox

Deploy Tetrate Service Bridge Demo on Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE) and/or Elastic Kubernetes Service (EKS) using Terraform
HCL
12
star
18

archive-envoy

Archive of Envoy® release binaries
Shell
11
star
19

wasmxds

a Kubernetes operator implementing Extension Configuration Discovery Service for Envoy Wasm extensions
Go
11
star
20

istio-cost-analyzer

Cluster Egress Cost Analysis
Go
10
star
21

zta-demo-2022

Demo delivered at the 2022 ZTA and DevSecOps for Cloud Native Applications NIST conference
Go
9
star
22

terraform-eksblueprints-tetrate-istio-addon

HCL
7
star
23

log

Common logging infrastructure
Go
7
star
24

envoy-postgres-stats-example

PLpgSQL
6
star
25

telemetry

Telemetry interfaces for logs and metrics allowing complete decoupling of instrumentation implementations.
Go
6
star
26

tetrate-todos

Sample Spring Boot Application
Java
6
star
27

istio-distro.io

Tetrate Istio Distro project website, formerly GetIstio
SCSS
6
star
28

run

run.Group is a universal mechanism to manage package lifecycles. Based on https://github.com/oklog/run
Go
5
star
29

zipkin-es-templater

Tests for and creates when needed Elasticsearch index templates for Zipkin
Go
5
star
30

tetrate-tech-talks

HTML
4
star
31

qcon-labs

4
star
32

envoy-als

gRPC access logging service example from Envoy Fundamentals course
Go
4
star
33

envoy-smtp-filter

WebAssembly-based SMTP filter for Envoy
Rust
3
star
34

pulumi-checkmate

TypeScript
3
star
35

venafi-demo

3
star
36

telemetry-opentelemetry

OpenTelemetry backed implementation to the Tetratelabs Telemetry metrics interfaces
Go
2
star
37

wasm-json-validation-demo

Go
2
star
38

terraform-provider-checkmate

Go
2
star
39

tsb-helm-install-demos

How-to install TSB using Helm
Shell
2
star
40

istio-vault-ext-certs

Makefile
2
star
41

tsb-gitops-demo

This repository demonstrates TSB GitOps support integrated with ArgoCD, ArgoRollout, FluxCD & SkyWalking for Canary Analysis and Progressive Delivery Automation.
2
star
42

kubecon2022-eu-immersion-day

Labs for the Kubecon 2022 EU immersion day
Go
1
star
43

wazero-playground

Demo architecture for a service that embeds a golang to webassembly compiler
1
star
44

tetrate-service-express-sandbox

Deploy Tetrate Service Express Demo on Elastic Kubernetes Service (EKS) using Terraform
HCL
1
star
45

bugs-are-features

This repository is a sample buggy React application based on CRA
TypeScript
1
star
46

istio-api

Makefile
1
star
47

networking-demo

Go
1
star
48

wazero-fuzz

This has been merged into https://github.com/tetratelabs/wazero
Go
1
star
49

tsb-cheatsheet

JavaScript
1
star
50

aws-app-mesh-to-istio-example

This is an example of moving AWS demo application to Istio
Go
1
star
51

telemetry-gokit-log

Telemetry Logger implementation bridging Go Kit Log
Go
1
star
52

charts

Smarty
1
star
53

telemetry-opencensus

Telemetry Metric implementation bridging OpenCensus metrics
Go
1
star
54

helm-charts

Smarty
1
star