laoshanxi/app-mesh

GitHub: laoshanxi/app-mesh

一个基于 C++ 的高性能、多租户微服务应用管理平台,提供远程进程管理、任务调度和安全访问控制能力。

Stars: 211 | Forks: 28

[![language.badge]][language.url] [![standard.badge]][standard.url] [![unittest.badge]][unittest.url] [![docker.badge]][docker.url] [![cockpit.badge]][cockpit.url] [![文档状态](https://readthedocs.org/projects/app-mesh/badge/?version=latest)](https://app-mesh.readthedocs.io/en/latest/?badge=latest) [![加入聊天 https://gitter.im/app-mesh/community](https://badges.gitter.im/app-mesh/community.svg)](https://gitter.im/app-mesh/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) Coverity Scan 构建状态 [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/laoshanxi/app-mesh/badge)](https://api.securityscorecards.dev/projects/github.com/laoshanxi/app-mesh) [![release.badge]][release.url] [![pypi.badge]][pypi.url] [![npm.badge]][npm.url] [![cargo.badge]][cargo.url] # 高级应用管理平台 **App Mesh** 是一个安全平台,用于将用户定义的进程行为作为托管服务执行和管理,通过 CLI 和 RESTful API 提供控制和集成功能。 App Mesh = systemd + 调度器 + 远程执行 + API ## 1. 应用管理 以类似于 systemd 服务或 Docker 管理进程的方式管理用户定义的进程,同时提供更高级的控制、安全和集成能力。 ``` # 列出已注册应用程序 $ appc ls ID NAME OWNER STATUS HEALTH PID USER MEMORY %CPU RETURN AGE DURATION STARTS COMMAND 1 pyexec mesh disabled - - - - - - 37s - 0 "python3 ../../bin/py_exec.py" 2 ping mesh enabled OK 747 root 5.9 MiB 0 - 37s 37s 1 "ping cloudflare.com" 3 pytask mesh enabled OK 748 root 29.7 MiB 0 - 37s 37s 1 "python3 ../../bin/py_task.py" # 添加 app $ appc add -a myapp -c "ping www.baidu.com" # 查看 app $ appc ls -a myapp -o PING www.baidu.com (183.2.172.17) 56(84) bytes of data. 64 bytes from 183.2.172.17 (183.2.172.17): icmp_seq=1 ttl=52 time=34.9 ms 64 bytes from 183.2.172.17 (183.2.172.17): icmp_seq=2 ttl=52 time=35.1 ms 64 bytes from 183.2.172.17 (183.2.172.17): icmp_seq=3 ttl=52 time=35.3 ms # appc -h 了解更多用法 ``` 不仅支持长期运行的服务,还支持计划和策略驱动的执行,以及远程控制和执行状态跟踪。 ## 2. 向运行中的应用发送任务 通过 SDK 向运行中的应用发送任务或数据并接收响应,从而与其进行交互。 ``` from appmesh import AppMeshClient client = AppMeshClient() client.login("USER-NAME", "USER-PWD") result_from_server = "0" for i in range(10): task_data = f"print({result_from_server} + {i}, end='')" result_from_server = client.run_task(app_name="pytask", data=task_data) print(result_from_server) ``` ## 🚀 功能特性 功能 | 描述 ---|--- 应用管理 | 🧩 支持完全远程控制的应用增删改查 (CURD) – 包括 cgroup、OS 用户、环境变量、Docker、标准输入 (stdin) 和标准输出 – 以及全面的监控(启动次数、退出码、错误消息、健康检查)。
🧩 细粒度行为控制与调度 – 支持长期和短期任务、周期性作业、cron 调度、自定义时间安排以及稳健的错误处理。
🧩 多租户 – 内置用户所有权模型和访问控制。
🧩 统一访问接口 – 通过 [CLI](https://app-mesh.readthedocs.io/en/latest/CLI.html)、[REST](https://app-mesh.readthedocs.io/en/latest/Development.html#rest-apis)、[SDK](https://github.com/laoshanxi/app-mesh/tree/main/src/sdk) 或 [WebGUI](https://github.com/laoshanxi/app-mesh-ui) 进行交互。
计算 | 🚀 [高性能内存计算](https://app-mesh.readthedocs.io/en/latest/RemoteTask.html)
▶️ [远程执行](https://app-mesh.readthedocs.io/en/latest/success/remote_run_cli_and_python.html) 安全 | 🔐 认证:[OAuth](src/sdk/python/test/test_oauth2.py)、[2FA](https://app-mesh.readthedocs.io/en/latest/MFA.html)、基于 YAML 的存储(本地或用于集群的 Consul)
🔐 授权:[JWT](https://app-mesh.readthedocs.io/en/latest/JWT.html)、[RBAC](https://app-mesh.readthedocs.io/en/latest/USER_ROLE.html)、多租户隔离
🔐 防护:用于 `TCP`/`HTTP`/`WebSocket` 的 SSL/TLS、CSRF tokens、基于 PSK 的 HMAC 无 token 验证 云原生 | 🌩️ [Prometheus Exporter (内置)](https://app-mesh.readthedocs.io/en/latest/PROMETHEUS.html)
🌩️ [Grafana SimpleJson 数据源](https://app-mesh.readthedocs.io/en/latest/GrafanaDataSource.html)
🌩️ [Grafana Loki](https://app-mesh.readthedocs.io/en/latest/Loki.html)
🌩️ [Dockerfile](https://github.com/laoshanxi/app-mesh/blob/main/Dockerfile)
🧱 [Consul 微服务集群管理](https://app-mesh.readthedocs.io/en/latest/CONSUL.html) 额外功能 | 收集主机/应用资源使用情况
远程 Shell 命令执行
文件上传/下载 API
热更新支持 `systemctl reload appmesh`
Bash 补全
请求转发
🌐[Web GUI](https://github.com/laoshanxi/app-mesh-ui) 生态系统 | LLM:[模型上下文协议 (MCP)](src/sdk/mcp)
IoT:[MQTT](src/sdk/mqtt) 平台支持 | X86, ARM SDK | [C++](https://github.com/laoshanxi/app-mesh/blob/main/src/sdk/cpp), [Rust](https://github.com/laoshanxi/app-mesh/blob/main/src/sdk/rust), [Python](https://app-mesh.readthedocs.io/en/latest/api/appmesh.html#module-appmesh.client_http), [Golang](https://github.com/laoshanxi/app-mesh/blob/main/src/sdk/go/client_http.go), [JavaScript](https://www.npmjs.com/package/appmesh), [Java](https://github.com/laoshanxi/app-mesh/packages/2227502), [Swagger OpenAPI 规范](https://petstore.swagger.io/?url=https://raw.githubusercontent.com/laoshanxi/app-mesh/main/src/daemon/rest/openapi.yaml) ## 📦 安装 请参阅 [安装文档](https://app-mesh.readthedocs.io/en/latest/Install.html),内容包括: - Docker Compose 设置 - 原生安装 - 集群初始化
## 📚 文档 - [阅读文档](https://app-mesh.readthedocs.io/) - [REST API](https://app-mesh.readthedocs.io/en/latest/Development.html#rest-apis) - [命令行](https://app-mesh.readthedocs.io/en/latest/CLI.html) - [安全性](https://app-mesh.readthedocs.io/en/latest/Security.html) ## 🆚 对比 ### 单机模式 | 功能 | App Mesh | [Supervisor](http://supervisord.org/) | [crontab](https://crontab.guru/) | | ------------------------ | -------- | ------------------------------------- | -------------------------------- | | 精度 | 秒 | 秒 | 分钟 | | 语言 | C++11 | Python | C | | Web GUI | √ | √ | | 命令行 | √ | √ | √ | | SDK | √ | | | Cron 调度表达式 | √ | | √ | | 管理 Docker 应用 | √ | | | 会话登录 | √ | | | 管理 stdout/stderr | √ | √ | | 健康检查 | √ | | | 认证 | √ | √ | | 多租户 | √ | | √ | ### 思维导图 ![mind-diagram](https://static.pigsec.cn/wp-content/uploads/repos/2026/03/64c1e85410001725.png) ## 💡 成功案例 - [内存远程任务执行](https://app-mesh.readthedocs.io/en/latest/RemoteTask.html) - [使用 Grafana/Prometheus/Loki 构建强大的监控系统](https://app-mesh.readthedocs.io/en/latest/success/build_powerful_monitor_system_with_Grafana_Prometheus_Loki.html) - [自定义应用启动行为](https://app-mesh.readthedocs.io/en/latest/success/customize_app_startup_behavior.html) - [Open service broker 支持 Kubernetes 本地 PV](https://app-mesh.readthedocs.io/en/latest/success/open_service_broker_support_local_pv_for_K8S.html) - [将原生应用升级为微服务应用](https://app-mesh.readthedocs.io/en/latest/success/promote_native_app_to_microservice_app.html) - [安全的 REST 文件服务器](https://app-mesh.readthedocs.io/en/latest/success/secure_REST_file_server.html) - [独立的 JWT 服务器](https://app-mesh.readthedocs.io/en/latest/success/standalone_JWT_server.html) - [Kubernetes 运行非容器应用](https://app-mesh.readthedocs.io/en/latest/success/kubernetes_run_native_application.html) - [远程执行](https://app-mesh.readthedocs.io/en/latest/success/remote_run_cli_and_python.html) - [Python 并行运行](https://app-mesh.readthedocs.io/en/latest/success/python_parallel_run.html) - [安全的 Consul 集群](https://app-mesh.readthedocs.io/en/latest/success/secure_consul_cluster.html) - [带 REST 和 UI 的 JWT 服务](https://github.com/laoshanxi/app-mesh/blob/main/script/docker-compose-auth-service.yaml) ## 🔗 库依赖 - [MessagePack](https://github.com/msgpack/msgpack-c) - [boostorg/boost](https://github.com/boostorg/boost) - [ACE_TAO/ACE](https://github.com/DOCGroup/ACE_TAO) - [Thalhammer/jwt-cpp](https://github.com/Thalhammer/jwt-cpp) - [nlohmann/json](https://json.nlohmann.me) - [yaml-cpp](https://github.com/jbeder/yaml-cpp) - [nfpm](https://github.com/goreleaser/nfpm) - [jupp0r/prometheus-cpp](https://github.com/jupp0r/prometheus-cpp) - [zemasoft/wildcards](https://github.com/zemasoft/wildcards) - [mariusbancila/croncpp](https://github.com/mariusbancila/croncpp) - [spdlog](https://github.com/gabime/spdlog) - [Crypto++](https://www.cryptopp.com) - [concurrentqueue](https://github.com/cameron314/concurrentqueue) - [libwebsockets](https://libwebsockets.org/) - [uWebSockets](https://github.com/uNetworking/uWebSockets)
标签:C++, DevOps工具, DNS解析, Docker容器, GNU通用公共许可证, JS文件枚举, Node.js, PE 加载器, Python, RESTful API, Rust, Systemd替代, 任务调度, 可视化界面, 安全测试工具, 应用管理, 开源项目, 微服务平台, 微服务架构, 提示词优化, 攻击面发现, 数据可视化, 数据擦除, 无后门, 日志审计, 服务网格, 网络流量审计, 自定义请求头, 计算平台, 请求拦截, 远程执行, 远程监控, 逆向工具, 高性能计算