You can deploy applications from a Container Service for Kubernetes (ACK) cluster to Service Mesh (ASM). This simplifies service management by using service meshes, makes services observable, and reduces the workload of development and operations and maintenance (O&M).
Background information
ASM is a fully managed service mesh platform. ASM is compatible with the open source Istio service mesh. ASM allows you to manage services in a simplified manner. For example, you can use ASM to route and split inter-service traffic, secure inter-service communication with authentication, and observe the behavior of services in meshes. ASM provides the following features for you to manage application services: traffic management, security management, fault recovery, observability and monitoring, and microservices architectures.
Architecture
The following figure shows the architecture of ASM.
ASM integrates and manages all components on the Istio control plane to simplify your use of ASM. This way, you can focus on application development and deployment. In addition, ASM is compatible with open source Istio. You can use declarative parameters to define flexible routing rules and centrally manage traffic between services in a mesh.
An ASM instance with the managed control plane supports application services from multiple Kubernetes clusters or application services that run in Elastic Container Instance-based pods.
Key features
ASM builds managed and unified service mesh capabilities for hybrid cloud, multi-cloud, and multi-cluster scenarios. ASM provides the following benefits:
Centralized management mode
ASM manages application services that run in Container Service for Kubernetes (ACK) managed clusters, ACK dedicated clusters, ACK Serverless clusters, and registered clusters in hybrid cloud and multi-cloud environments in a centralized manner. This provides unified observability and traffic management for application services.
Centralized traffic management
ASM centrally manages the traffic in hybrid cloud, multi-cloud, and multi-cluster scenarios.
Managed core components of the control plane
ASM manages core components of the Istio control plane. This helps minimize your resource overhead and O&M costs.
The following table introduces the core features of ASM. For more information, see Features.
Feature | Description | References |
Full lifecycle management of ASM instances | ASM manages all components on the Istio control plane and allows you to deploy, upgrade, and delete ASM instances with a few clicks. This simplifies the use and O&M of ASM instances. | |
Management of applications in multiple types of clusters | ASM allows you to manage applications in ACK clusters, ACK Serverless clusters, edge clusters, and registered external Kubernetes clusters. | |
Unified ingress and egress gateways | ASM provides ingress and egress gateways to control inbound and outbound traffic and implement end-to-end encryption. | |
Multiple types of traffic management | ASM provides the following features for you to manage traffic: protocol-specific traffic management, end-to-end canary release, circuit breaking, local throttling, warm-up, and traffic shifting. | |
Non-intrusive zero trust security system | ASM provides an out-of-the-box zero trust security solution. This solution can be easily configured and provides features such as identity authentication, security certificate, policy implementation, and visual analytics. | |
Extensibility for custom logic | Multiple out-of-the-box extensions are provided in the plug-in marketplace, and custom Envoy filters are supported. | |
Perfect ecosystem integration | ASM allows you to use GitOps, Knative, and KServe to support serverless and AI services. |
Related steps
For more information about how to get started with ASM, see Get started.