Embedded Service Mesh for Go. No Sidecars. No Control Plane.
Automatic mTLS, built-in service discovery, and round-robin load balancing as a Go library. Nodes generate certificates on startup, sync topology gossip-style, and route requests — zero infrastructure required.
Get Startedimport "github.com/zoobz-io/aegis"
// Create a node with services
node, _ := aegis.NewNode(
aegis.WithAddress("localhost:9090"),
aegis.WithServices(aegis.ServiceInfo{
Name: "identity", Version: "v1",
}),
)
// mTLS certificates generated automatically
node.Start(ctx)
// Connect to peers — topology syncs gossip-style
peer := aegis.NewPeerManager(node)
peer.Connect(ctx, "peer-1:9090", "peer-2:9090")
// Discover and call services — load balanced
pool := aegis.NewServiceClientPool(node)
conn, _ := pool.Get("identity", "v1")
// Know who's calling on every request
caller := aegis.CallerFromContext(ctx)
fmt.Println(caller.NodeID, caller.Services)Why Aegis?
Service mesh capabilities as a library — no infrastructure to deploy or manage.
Automatic mTLS
Certificates generated on first run, stored and reloaded on subsequent starts. Zero PKI configuration for development.
Gossip-Style Discovery
Topology syncs via version-based merging across peers. No external service registry — nodes discover providers automatically.
Caller Identity on Every Request
CallerFromContext() extracts calling node identity from mTLS certificates. Enable allowlists, RBAC, and caller-specific logic.
Round-Robin Load Balancing
ServiceClientPool distributes calls across all providers atomically. Connection pooling with automatic rebalancing.
gRPC Foundation
Protocol Buffers for typed contracts with built-in streaming, deadlines, and interceptors. mTLS integrated into gRPC credentials.
Location-Transparent Routing
Consumers don't know specific addresses. Topology handles routing — services move between nodes without client changes.
Capabilities
Secure service-to-service communication with automatic certificate management and discovery.
| Feature | Description | Link |
|---|---|---|
| Certificate Management | Auto-generated CA and node certificates. File, environment, or Vault sources for production deployment. | Certificates |
| Service Declaration | Declare services at node creation. Topology queries answer which nodes provide a given service and version. | Services |
| Topology Sync | Version-based merging provides eventual consistency. Nodes exchange full topology — highest version wins. | Concepts |
| Health Checking | Interface-based health checker for custom logic. Extensible health status reporting across the mesh. | Architecture |
| Testing Utilities | Test node creation, shared CA patterns for integration tests, and topology sync verification helpers. | Testing |
| Troubleshooting | Certificate errors, connection issues, and service discovery problems with debugging guidance. | Troubleshooting |
Articles
Browse the full aegis documentation.