Mission Statement

With an ever steady eye to the needs of workloads and developers who create them and operators who run them, TAG Network’s mission is to enable widespread and successful development, deployment and operation of resilient and intelligent network systems in cloud native environments.

In this endeavor, we seek to:

  1. Clarify and inform.
  2. Collaborate and interrelate.
  3. Assist and attract projects.
  4. Afford impartial stewardship.

CNCF TAG Network Chairs and Technical Leads

  • Nic Jackson (HashiCorp, @sherifjackson), Co-chair
  • Lee Calcote (Layer5, @lcalcote), Co-chair
  • Zack Butcher (Tetrate, @zackbutcher), Co-chair
  • Zhonghu Xu (Huawei, @zhonghuxu), Technical Lead

CNCF TAG Network Projects

KubeCon NA 2019

  • CNI
  • CoreDNS
  • Envoy
  • gRPC
  • Linkerd
  • NATS
  • Network Service Mesh

KubeCon EU 2020

  • BFE
  • CNI-Genie
  • Contour
  • Kuma
  • Service Mesh Interface

KubeCon NA 2020

  • Chaos Mesh
  • Open Service Mesh

KubeCon EU 2021

  • Emissary Ingress
  • k8gb
  • MetalLB
  • Kube-OVN
  • OpenELB

KubeCon NA 2021

  • Service Mesh Performance
  • Submariner
  • Cilium
  • Meshery

KubeCon China 2021

  • FabEdge
  • Aeraki Mesh
  • Antrea

KubeCon EU 2022

  • Istio
  • Merbridge

KubeCon NA 2023

  • Easegress

KubeCon EU 2023

  • Proposed: Slime
  • Spiderpool

KubeCon EU 2024

  • Proposed: Connect
  • Proposed: KubeSlice

CNCF TAG Network

Service Mesh Working Group

Service Mesh Patterns

Enabling use of repeatable architectural patterns

Design patterns enable the business function in simple language.

  • Design patterns capture service mesh behavior in an end-user centric way.

Design patterns are service mesh agnostic.

  • But still allow users to access service mesh-specific features and differentiation.
    • Users can filter on service mesh compatibility.

Design patterns are reusable.

  • Not only are patterns idempotent, but you can easily copy a pattern and modify it to suit.
  • Imbued with best practices.
  • Pattern components can be interchanged and used as building blocks, combining multiple components into a new, integrated pattern.

80 Design Patterns

Service Mesh Catalog

Discover and publish reusable resources

WASM Filters

eBPF Programs

OPA Policies

Design Patterns

Retry Deadline

  • Mutual TLS (SECURITY, MESHERY014)
  • Circuit Breaker (TRAFFIC MGMT, MESHERY003)
  • Retries (RESILIENCY, MESHERY012)
  • Multi-Cluster (DEPLOYMENT, MESHERY013)
  • Singleton Queue (TRAFFIC MGMT, MESHERY023)
  • JWT Transformer (TRAFFIC MGMT, MESHERY034)
  • Session Authorizer (SECURITY, MESHERY019)
  • HTTP Metrics (OBSERVABILITY, MESHERY028)

L7 Traces

MESHERY045

Node Agent

DEPLOYMENT

MESHERY043

OBSERVABILITY

SECURITY

MESHERY044

RESILIENCY

L7 Denial

MESHERY046

SECURITY

Only w/Agent

Correlate Event

MESHERY055

Pre-provision

DEPLOYMENT

MESHERY056

OBSERVABILITY

SECURITY

MESHERY057

RESILIENCY

Single Tenant

MESHERY059

SECURITY

Coming Soon

Coming Soon

  • - the cloud native manager.
  • - supports Nighthawk, wrk2, and fortio, and as single instance load generators.
  • - L7 performance characterization tool.
  • - a load generator custom-built for data plane proxy testing.

Nighthawk: Distributed Performance Analysis

Distributed systems require distributed analysis

Problem:

  • Many performance benchmarks are limited to single instance load generation. This limits the amount of traffic and the variety of behavioral analysis.
  • Distributed load testing in parallel poses a challenge when merging results without losing the precision we need to gain insight into the high tail percentiles.

Distributed load testing offers insight into system behaviors that arguably more accurately represent real world behaviors of services under load as that load comes from any number of sources.

Nighthawk + Meshery

Service Mesh Performance

Vendor neutral service mesh performance measurement standard

Initiative:

  • test, and report performance of various service mesh deployments under various configurations.

Directly enables:

  • capturing details of infrastructure capacity, service mesh configuration, and workload metadata.

Facilitates:

  • benchmarking of service mesh performance
  • exchange of performance information from system-to-system / mesh-to-mesh
  • apples-to-apples performance comparisons of service mesh deployments.
  • a universal performance index to gauge a service mesh’s efficiency against deployments in other organizations’ environments.

140,000 Tests

MeshMark

Cloud Native Value Measurement

  • MeshMark distills a variety of overhead signals and key performance indicators into a simple index.
  • MeshMark’s purpose is to convert measurements into insights about the value of functions your cloud native infrastructure is providing.
  • MeshMark specifies a uniform way to analyze and report on the degree to which measured performance provides business value.

An open index for measuring performance of cloud native infrastructure in context of the value provided to your business.

A Cloud Native TCO

MeshMark

Cloud Native Value Measurement

$$
\text{MeshMark} =
\frac{
  \left[\dfrac{(\text{MUE}_1 \times \text{weight}) + \dots + (\text{MUE}_n \times \text{weight})}{\text{\# of MUEs}}\right]_{\text{Utilization Class}_1}
  + \dots +
  \left[\dfrac{(\text{MUE}_1 \times \text{weight}) + \dots + (\text{MUE}_n \times \text{weight})}{\text{\# of MUEs}}\right]_{\text{Utilization Class}_N}
}{\text{\# of Utilization Classes}}
$$

where weight is in the range -50% : +50%.

Utilization Classes group MUEs by similarity of resource being measured.

Call for Participation

Lee Calcote, Layer5

Nic Jackson, HashiCorp

Zack Butcher, Tetrate

Intro and Deep Dive

CNCF TAG Network & CNCF Service Mesh WG