AWS App Mesh
Managed service mesh that simplifies monitoring and controlling inter-service communication in microservices
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
Kernel-native, sidecar-less service mesh with eBPF performance
Kmesh delivers high-performance, low-overhead service-mesh data plane using eBPF and programmable kernel, providing traffic management, zero-trust security, and monitoring without sidecars or code changes.
Kmesh is a kernel-native service mesh data plane that leverages eBPF to intercept and forward traffic directly in the Linux kernel. By eliminating the sidecar proxy, it adds negligible latency and consumes far fewer CPU and memory resources, making it ideal for latency‑sensitive microservices.
The platform offers L4 load balancing, simple L7 routing, mutual TLS, and policy enforcement through both eBPF programs and optional Waypoint components. It speaks standard xDS APIs and supports the Gateway API, allowing seamless integration with existing control planes. Operators can start with kernel‑level L4 security and incrementally enable full L7 governance via the dual‑engine mode, facilitating a smooth migration path.
Designed for Kubernetes clusters on Linux kernels with eBPF support, Kmesh targets teams that need high throughput, minimal resource footprints, and transparent security without modifying application code.
When teams consider Kmesh, these hosted platforms usually appear on the same shortlist.
Managed service mesh that simplifies monitoring and controlling inter-service communication in microservices
Fully managed service mesh on Google Cloud for traffic management and observability
Enterprise service mesh management platform extending Istio across multi-cloud environments
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
High-frequency trading platform
Achieves sub-millisecond request latency while enforcing mutual TLS without sidecars.
Edge microservices in resource-constrained nodes
Reduces CPU and memory usage, allowing higher pod density.
Gradual mesh adoption in existing Kubernetes cluster
Starts with L4 security via eBPF, then adds L7 policies via waypoint.
Zero-trust service communication in regulated industry
Provides kernel-level encryption and policy enforcement meeting compliance requirements.
No, Kmesh operates in the kernel using eBPF, so no sidecar containers are deployed.
Kmesh works on Kubernetes clusters running on Linux kernels that support eBPF (typically 4.14+).
Kmesh enables mutual TLS by default, with encryption performed in the eBPF data path and optional waypoint enforcement.
Kmesh subscribes to standard xDS APIs, allowing it to receive configuration from compatible control planes.
Kmesh exposes observability data through Prometheus metrics and integrates with standard service-mesh dashboards.
Project at a glance
ActiveLast synced 4 days ago