This topic describes the release notes for Service Mesh (ASM) features that were released before 2023, and provides links to the relevant references.
December 2022
Feature | Description | Region | Supported Istio version | Edition | References |
Adaptive xDS optimization | The adaptive xDS optimization feature is added to automatically generate sidecars that contain service configurations. The feature analyzes the call dependencies among services in an ASM instance based on access logs. This is more efficient compared with the mechanism in which the control plane pushes all service configurations to sidecars on the data plane. | All regions | 1.15 and later | Enterprise and Ultimate | Use adaptive xDS optimization to improve the configuration push efficiency of the control plane |
Custom authorization service | The custom authorization service can be configured by using an ingress gateway in a few steps. This enhanced the security capabilities of ingress gateways. | All regions | 1.15 and later | Enterprise and Ultimate | |
Enhanced observability with SLOs | Service level objectives (SLOs) can be configured for applications in ASM. After you configure SLOs for an application in ASM, a Prometheus rule is automatically generated. You can import the generated Prometheus rule to the Prometheus system for the SLOs to take effect. | All regions | 1.15 and later | Enterprise and Ultimate | |
OPA version update | The version of Open Policy Agent (OPA) is updated to 0.46.1, and more features are supported. | All regions | 1.15 and later | All |
November 2022
Feature | Description | Region | Supported Istio version | Edition | References |
Support for Istio 1.15.x versions | Open source Istio 1.15 series and Kubernetes 1.21 to 1.25 versions are supported. | All regions | 1.15 | All | None |
Enhanced security capabilities of ingress gateways | A whitelist or blacklist can be configured for an ingress gateway to accept or reject requests from a specific IP address, HTTP domain, or port. | All regions | 1.15 and later | Enterprise and Ultimate | |
Inbound traffic interception by using the TPROXY mode |
| All regions | 1.15 and later | Enterprise and Ultimate | Preserve the source IP address of a client when the client accesses services in ASM |
Advanced features of Managed Service for OpenTelemetry | Advanced features of Managed Service for OpenTelemetry are supported. You can specify a sampling percentage and set tags for applications. | All regions | 1.15 and later | Enterprise and Ultimate | None |
Generation of SLOs based on Prometheus monitoring | SLOs and alert rules can be generated based on the monitoring metrics. | All regions | 1.15 and later | Enterprise and Ultimate | |
Configuration of TLS versions for the ingress gateway | Transport Layer Security (TLS) of versions earlier than V1.2 can be disabled to enhance the security of the ingress gateway. | All regions | 1.14 and later | Enterprise and Ultimate | Configure TLS versions on an ingress gateway to enhance security |
October 2022
Feature | Description | Region | Supported Istio version | Edition | References |
CNI plug-in |
| All regions | 1.14 and later | Enterprise and Ultimate | |
Selective service discovery | The selective service discovery feature is supported. You can use this feature to ensure that the Service Mesh control plane discovers and processes only applications in the data-plane namespaces that you specify. This way, the control plane pushes configurations to the data plane in a more efficient manner. | All regions | 1.14 and later | All | Use service discovery selectors to improve the efficiency of pushing ASM configurations |
Topology-powered observability | The mesh topology feature of ASM is enhanced. You can use this feature to view the topology and monitor the traffic flow in your ASM instance. This way, you can understand the structure and health status of your Service Mesh instance. | All regions | 1.14 and later | All | |
ASM security policies |
| All regions | 1.14 and later | Enterprise and Ultimate | |
Observability of throttling metrics | Throttling metrics are collected and displayed. After you configure local throttling for an ASM instance, you can view the collected throttling metrics. | All regions | 1.14 and later | Enterprise and Ultimate | |
Trial run of security policies | ASM administrators can conduct trial runs for security policies to ensure that the effect of the security policies meets expectations. | All regions | 1.14 and later | All | |
Management of applications in ACK edge clusters | Management of applications in Container Service for Kubernetes (ACK) edge clusters that are added to Service Mesh instances is supported. | All regions | 1.14 and later | Enterprise and Ultimate | |
Support for the flow management feature in lane mode | The isolation of traffic flow from the ingress gateway to different services is supported. This facilitates the release of multiple services and the parallel development of multiple versions of a service. | All regions | 1.14 and later | Enterprise and Ultimate |
September 2022
Feature | Description | Region | Supported Istio version | Edition | References |
Competence Center | The Competence Center page is added to the ASM console. The page provides an overview of the features that you can integrate with ASM. | All regions | All | All | Ecosystem integration |
Instance warm-up | New instances have time to warm up before processing requests that are distributed based on the specified load balancing policy. This prevents new instances from being knocked down by a large number of simultaneous requests when the instances are starting. | All regions | 1.14 and later | Enterprise and Ultimate | |
Trial run of security policies | ASM administrators can conduct trial runs for security policies to ensure that the effect of the security policies meets expectations. | All regions | 1.14 and later | All | |
Latency-related parameters available in access logs | You can edit the access log format to add latency-related parameters that provide reference for latency analysis. | All regions | All | All | None |
Easier sidecar proxy configuration |
| All regions | All | All | Sidecar proxy management |
Support for multiple JWT algorithms | ASM administrators can choose among different JWT algorithms for request authentication. | All regions | 1.13 and later | All | |
OIDC-based SSO | SSO to applications in ASM is supported. You can authorize an OIDC application that is added to an Alibaba Cloud Identity as a Service (IDaaS) instance by using the external authorization service of ASM, and use the authorized OIDC identity provider to get access to all the applications in ASM. Alibaba Cloud IDaaS and user-created identity authentication services are supported. | All regions | 1.13 and later | All |
August 2022
Feature | Description | Region | Supported Istio version | Edition | References |
Support for Istio 1.14.x versions |
| All regions | 1.14 | All | |
Intra-zone Provider First | The Intra-zone Provider First (also called intra-zone routing) feature is added. You can use this feature without the need to modify the application code. This feature makes traffic flow in the same zone to reduce service latency. | All regions | 1.13 and later | Enterprise and Ultimate | |
Enhanced Ingress gateway features and optimized user interface (UI) |
| All regions | 1.13 and later | Enterprise and Ultimate |
July 2022
Feature | Description | Region | Supported Istio version | Edition | References |
New region | ASM is available in the Philippines (Manila) region. | Philippines (Manila) | 1.13 and later | Standard, Enterprise, and Ultimate | |
Support for Istio 1.13.x versions | The component version is updated. | All regions | 1.13 | Standard, Enterprise, and Ultimate | None |
Canary release of the Istio control plane | A smoother update method is provided in addition to the in-place update for the Istio control plane. Canary release ensures the availability of the control plane during the update process and supports quick rollback. Note This feature is in canary release. | All regions | 1.13 and later | Enterprise and Ultimate | |
Integration with Alibaba Cloud IDaaS to support external authorization and SSO | External authorization and SSO are supported. Service Mesh uses the external authorization capability to allow access requests authenticated by using the OIDC protocol. | All regions | 1.13 and later | Standard, Enterprise, and Ultimate | |
Management of Istio resources by using software development kits (SDKs) | SDKs for Golang and Java are supported to manage Istio resources. | All regions | All | Standard, Enterprise, and Ultimate |
June 2022
Feature | Description | Region | References |
Support for Istio 1.13.4 | Istio 1.13.4 is supported. This feature is in canary release. | All regions | None |
Integration with systems such as ArgoCD, Argo Rollouts, Apsara DevOps, and Flagger | Systems such as ArgoCD, Argo Rollouts, , Apsara DevOps, and Flagger are integrated with ASM to implement blue-green or canary release of application services based on traffic management. | All regions | |
Knative components and traffic-based auto scaling | The installation and deployment of Knative components and traffic-based auto scaling are supported. This allows you to install and use Knative components without the need to maintain Istio. | All regions | |
Support for AI services based on KServe | AI services based on KServe is supported. This feature allows you to implement blue-green or canary release of model services and control traffic distribution among different versions of the services. KServe allows you to deploy serverless inference workloads that support auto scaling, and supports high scalability and concurrency-based intelligent routing. | All regions | |
Integration with ALB by using Ingress gateways | Integration with Application Load Balancer (ALB) by using Ingress gateways is supported. This feature allows you to use ALB and ASM together. | All regions | |
Enhanced observability | Mesh Topology, Prometheus monitoring, log center, and log dashboard features can be enabled for an ASM instance with a few clicks. These features are in the Enabled state after they are enabled. If a status error occurs, you are prompted with an error message. This improves the observability and user experience of ASM. | All regions | None |
More traffic management features provided |
| All regions | |
Synchronization of namespaces and tags from ACK clusters to global namespaces | Namespaces and tags can be synchronized from ACK clusters to global namespaces. This implements two-way synchronization of namespaces between ASM and ACK clusters. | All regions | None |
May 2022
Feature | Description | Region | References |
Terraform for managing ASM instances | Terraform is supported to create and update ASM instances and grant permissions to RAM users. | All regions | |
Support for Istio 1.12.4 | The service management module is added to help you manage services and configure policies in an efficient manner. Mesh Topology can be used to observe applications in ASM instances. This feature provides a GUI that allows you to monitor service behavior. | All regions | |
Istio CNI plug-in | The CNI plug-in is supported to configure pod traffic redirection in the network setup phase of the pod lifecycle. If the CNI plug-in is enabled, pods no longer need to include an init container that requires the NET_ADMIN capability. This improves the security for ASM. | All regions | |
Configuration of a sidecar proxy by adding resource annotations | Configuration of a sidecar proxy by adding resource annotations is supported. You can modify the configurations of a sidecar proxy at the global, namespace, and workload levels. This allows you to implement more flexible and fine-grained management of sidecar proxies. | All regions | |
Enhanced mesh diagnosis capabilities | ASM instances can be diagnosed based on more items. This helps you identify more types of exceptions and locate the exceptions in an efficient manner. | All regions | |
Enhanced observability | A unified dashboard is provided to view monitoring logs, Prometheus monitoring is enhanced, and the mesh topology is optimized. | All regions |
April 2022
Feature | Description | Region | References |
Commercial release | Commercial editions of ASM are released on April 1, 2022. The commercial editions are Enterprise Edition and Ultimate Edition. | All regions | |
Envoy filter marketplace | Envoy filter templates are provided. You can bind Envoy filter templates to workloads to implement custom Envoy filter extensions. | All regions | |
Association or disassociation of an EIP with or from the API server | A public endpoint for the API server can be generated after an elastic IP address (EIP) is associated with the internal-facing Classic Load Balancer (CLB) instance configured for the API server. You can disassociate the EIP from the API server and associate a new EIP with the API server. | All regions | None |
Multiple enhanced capabilities of ingress gateways | Capabilities of ingress gateways are enhanced. Ingress gateways support graceful shutdown of CLB connections, IPv6 addresses, certificate management, and multiple O&M and management capabilities. For example, you can retain the CLB instance of an ASM instance after the ASM instance is deleted, obtain the source IP address of a client that accesses an ingress gateway, and use CLB instances with different specifications to expose an ingress gateway. | All regions | |
Multiple enhanced security capabilities |
| All regions | |
Enhanced O&M capabilities | O&M capabilities are enhanced. The ASM console can detect the alert rules that you configure for the CLB instance for exposing Istio Pilot. You can navigate to the monitoring page of the CLB instance for exposing Istio Pilot from the ASM console. | All regions | None |
March 2022
Feature | Description | Region | References |
OPA injection scope control | The injection scope of OPA can be controlled by using the opa-istio-injection label of a namespace. This decouples OPA from the automatic injection policy of Istio-proxy, and allows you to control the effective scope of OPA. | All regions | |
Domain name and certificate management | cert-manager can be used to issue certificates for ingress gateways. This way, you can use the ingress gateways to access services over HTTPS. This ensures data transmission security. | All regions | |
Updated Envoy filter marketplace | Envoy filter templates can be bound to workloads to implement custom Envoy filter extensions. The following built-in templates are provided. You can also customize Envoy filter templates.
| All regions | None |
February 2022
Feature | Description | Region | References |
Support for Istio 1.12.x versions and Kubernetes 1.22 | Open source Istio 1.12 series and Kubernetes 1.22 are supported. | All regions | None |
Envoy filter template | A plug-in center is added to the ASM console, in which Envoy filters can be managed. In addition, Envoy filters can be created by using Envoy filter templates. | All regions | |
Local throttling | The local throttling feature is supported in ASM to throttle the traffic of gateways and services so as to protect the system. | All regions |
January 2022
Feature | Description | Region | References |
ASM gateway update |
| All regions | None |
Enhanced ASM Professional Edition features |
| All regions | None |
Spring Cloud services | Spring Cloud services can be managed by using ASM. | All regions | |
New region | ASM is available in the China (Guangzhou), China (Hohhot), China (Heyuan) regions. | China (Guangzhou), China (Hohhot), China (Heyuan) | None |
Support for Istio 1.11.5 | Istio 1.11.5 is supported. | All regions | None |
December 2021
Feature | Description | Region | References |
Flexible external authorization | External authorization services can be declared in meshes, and external authorization can be flexibly customized by using authorization policies. | All regions | |
Sidecar resources automatically recommended based on access log analysis | Sidecar resources can be automatically recommended based on access log analysis. This way, the sidecars of workloads focus only on the services that have dependency relationships with the workloads. | All regions | Use the sidecars that are automatically recommended based on access log analysis |
Global and namespace-level sidecar proxies | Global and namespace-level sidecar proxies can be configured in ASM. | All regions | |
Custom metrics | Custom metrics are supported in ASM. You can customize metrics for a specific ASM instance, namespace, or workload. | All regions | |
Dashboards for scenarios such as gateway monitoring and global mesh status monitoring | Dashboards can be added to monitor items such as gateways or global mesh status. On the details page of a mesh, choose in the left-side navigation pane. Then, you can add the dashboards on the Prometheus Monitoring page. Note Only Istio 1.10 and later support this feature. | All regions | None |
Support for Istio 1.10.5 | Istio 1.10.5 is supported. | All regions | None |
November 2021
Feature | Description | Region | References |
Multi-Buffer for TLS acceleration | Intel Multi-Buffer can be used to optimize the performance of TLS encryption and decryption. This way, encrypted communication between services can be accelerated. | All regions | |
Selective service discovery | Mesh administrators are allowed to modify global mesh configurations to optimize service discovery. This way, the control plane needs to only discover and process the services in a specific namespace. | All regions | Use service discovery selectors to improve the efficiency of pushing ASM configurations |
Improved gateway updates | In the ASM console, the versions of ASM gateways can be viewed and ASM gateways can be manually updated on the gateway update page. This improves gateway stability during updates. | All regions | None |
Detailed gateway and data plane logs | The log center feature is integrated into the observability management page of the ASM console. This allows you to view detailed gateway and data plane logs. | All regions | None |
Check item for Envoy filters that are not provided by ASM on the control plane | A check item is provided by the mesh diagnostics feature. This check item allows you to check whether the control plane contains Envoy filters that are not provided by ASM. | All regions | None |
October 2021
Feature | Description | Region | References |
Rollback of Istio resources to previous versions | When you update fields in the | All regions | |
Support for the Kubernetes API of clusters on the data plane to access Istio resources | The Kubernetes API of clusters on the data plane is allowed to access ASM-managed Istio resources. You can use the kubeconfig file to install, update, and uninstall Helm packages, such as Istio resources. | All regions | Use the Kubernetes API of clusters on the data plane to access Istio resources |
Cross-region failover and load balancing | The cross-region traffic distribution feature is supported to implement cross-region load balancing by routing traffic to multiple clusters based on their weights. The cross-region failover feature is also supported to implement cross-region disaster recovery by transferring traffic from a faulty region to another region. | All regions | Implement cross-region disaster recovery and load balancing by using multiple clusters |
Control-plane log collection and alerting | The control-plane log collection and alerting features are supported. For example, if the control plane pushes configurations to the sidecar proxies on the data plane, you can query the logs of the ASM instance for information about the operation. | All regions | |
Prometheus monitoring | ASM is integrated with Managed Service for Prometheus to allow you to view the statistics of data-plane services and workloads in the ASM console. | All regions | None |
Optimized ASM gateways |
| All regions | None |
Optimized access log collection feature | The access log collection feature is optimized. You can create new projects and use existing projects. | All regions | None |
September 2021
Feature | Description | Region | References |
asmctl command line tool available for use | The asmctl diagnostics tool is provided to detect configuration problems in ASM. | All regions | |
OPA policy | OPA policies can be configured in the ASM console. | All regions | |
RBAC permissions | RAM users are allowed to grant each other RBAC permissions. | All regions | None |
Custom access logs | The access logging feature can be configured and customized. ASM allows you to enable or disable the feature and customize the content of access logs on the data plane. | All regions | |
Cross-origin resource sharing (CORS) | CORS is supported. You can set the | All regions | |
GUI for destination rules and gateways | Destination rules and gateways can be created by using a GUI. | All regions | None |
August 2021
Feature | Description | Region | References |
Zero-trust security capabilities | Multiple zero-trust security capabilities are supported, such as peer authentication, request authentication, Istio authorization policies, and OPA-based fine-grained permission control. You can use these capabilities to strengthen the security of applications. | All regions | None |
Optimized ASM gateways | ASM gateways are optimized in the following ways:
| All regions | |
Optimized ASM console | The ASM console is optimized. For example, security policies and virtual services can be created by using a GUI, custom resources can be created by using YAML templates, and the page for configuring automatic sidecar proxy injection is optimized. | All regions | |
Optimized ASM observability |
| All regions |
July 2021
Feature | Description | Region | References |
Connection to one or more Consul service registries | ASM can be connected to one or more Consul service registries. | All regions | |
Dynamic update of OPA policies | The authorization mechanism of Service Mesh is improved to support the dynamic update of OPA policies. | All regions |
June 2021
Feature | Description | Region | References |
Governance of applications deployed on edge Kubernetes clusters in ASM instances | Edge Kubernetes clusters that are provided by ACK can be added to Service Mesh instances. This allows you to manage ASM instances in edge computing scenarios that are powered by 5G networks. After this feature update, ASM provides unified governance for services that are deployed on all types of cloud-native heterogeneous computing infrastructure. | All regions | None |
Five check items added to the mesh diagnostics feature of ASM | The following five check items are added to the mesh diagnostics feature of ASM:
| All regions |
May 2021
Feature | Description | Region | References |
Canary releases based on routing rules | Canary releases can be implemented based on routing rules. Scope configurations are extended CRDs. ASM Professional Edition instances allow you to use scope configurations to implement canary releases for pods by using virtual services or Envoy filters. You can use a scope configuration to configure a canary release in one of the following modes:
You can use scope configurations to control the risks that are brought by changes in routing rules. You can also use scope configurations and Microservices Engine (MSE) to implement canary releases. | All regions | This feature is discontinued. |
April 2021
Feature | Description | Region | References |
Delegate capabilities to configure virtual services in an ASM instance | Delegates are introduced to manage routing rules in a finer-grained manner. This reduces risks brought by changes in routing rules. | All regions | Use delegates to configure virtual services in an ASM instance |
Gzip-based data compression | Gzip-based data compression is supported. After you enable data compression for the ingress gateway service of an ASM instance, the server compresses the response content for HTTP requests. This reduces response time and your traffic usage. | All regions | Enable data compression for the ingress gateway service of an ASM instance |
WebAssembly (Wasm)-based Service Mesh instance extension | Wasm allows you to extend the data plane of an ASM instance with new features. Wasm-based Service Mesh instance extension can be enabled in the ASM console. | All regions | Use ORAS to simplify the Wasm-based Service Mesh instance extension |
March 2021
Feature | Description | Region | References |
DNS proxy feature | The DNS proxy feature is supported. ASM uses Kubernetes services and defined service entries to configure hostname-to-IP-address mappings for all services that an application may access. When a Service Mesh instance with the DNS proxy feature enabled receives DNS queries from applications, the specified sidecar proxy transparently intercepts the queries and resolves the DNS information in these queries. The DNS proxy feature improves the performance and availability of Service Mesh instances. You can enable or disable the feature in the ASM console or by using Alibaba Cloud CLI. | All regions | |
Modification of kernel parameters | The kernel parameters of ingress gateway services can be modified. This improves the flexibility in optimizing the performance of ingress gateway services. | All regions | |
Read-only configurations | By default, the read-only mode is enabled for the configurations of the API servers and CLB instances that are created in Service Mesh. This prevents accidental operations, such as modification and deletion, on API servers or CLB instances, and improves the availability of Service Mesh. | All regions | None |
Unified settings of automatic sidecar proxy injection | The automatic sidecar proxy injection settings for the namespaces of the control plane can be automatically unified with those for the namespaces of the data plane. This improves the usability of namespaces. If you add a Kubernetes cluster to an ASM instance, the automatic sidecar proxy injection settings for the namespace of the ASM instance are automatically unified with those for the namespace of the Kubernetes cluster. You can also manually unify the settings of automatic sidecar proxy injection in the ASM console. | All regions | None |
February 2021
Feature | Description | Region | References |
Availability in 12 regions, Istio 1.8.3, ACK Serverless clusters, and applications in Elastic Container Instance pods that run on the Kubernetes clusters that are deployed on elastic container instances |
| All regions | |
Custom ingress gateways and better lifecycle management of ingress gateways |
| All regions | Create and manage an ingress gateway by using the Kubernetes API |
Connection to multiple service registries |
| All regions | |
Simplified Wasm-based ASM instance extension | OCI Registry as Storage (ORAS) is supported. You can use ORAS to simplify Wasm-based ASM instance extension. | All regions | Use ORAS to simplify the Wasm-based Service Mesh instance extension |
January 2021
Feature | Description | Region | References |
New region | ASM is available in the China (Chengdu) region on the China site (aliyun.com) and the US (Virginia) region on the international site (alibabacloud.com). | All regions | None |
Access log collection, Managed Service for Prometheus, and Mesh Topology | Access log collection, Managed Service for Prometheus, and Mesh Topology can be enabled with a few clicks. This improves the observability of ASM. | All regions | |
HTTP/1.0 | HTTP/1.0 is supported. By default, Envoy requires that upstream services use HTTP/1.1 or HTTP/2.0. In this version, ASM allows you to enable HTTP/1.0 in just a few simple steps so that you can ensure compatibility with legacy systems that use HTTP/1.0. | All regions | None |
Improved definition of ingress gateways and optimized configuration and version updates |
| All regions | None |
November 2020
Feature | Description | Region | References |
Istio 1.7.5 and availability on the international site (alibabacloud.com) | Istio 1.7.5 is supported. ASM is available on the international site (alibabacloud.com). | All regions | None |
Istio CNI plug-in | The Istio CNI plug-in is supported for ASM instances whose Istio version is 1.7 or later. The Istio CNI plug-in replaces the istio-init container and does not require you to enable elevated privileges. This improves security. | All regions | Due to conflicts with other CNI plug-ins, this feature is phased out and needs to be re-evaluated. |
Mesh Topology | Mesh Topology is supported. This feature provides a GUI that allows you to observe the status of Service Mesh instances. | All regions | None |
Hot update of data planes (Beta) | Hot updates of data planes are supported. You can update the data plane of an ASM instance without interrupting services or affecting applications. | All regions | None |
October 2020
Feature | Description | Region | References |
Multiple methods of enabling automatic sidecar proxy injection | The following methods are supported for enabling automatic sidecar proxy injection: Note The Istio version of ASM instances must be 1.6.8.19 or later.
| All regions | |
Support for Kubernetes 1.18 | Kubernetes 1.18 is supported on the data planes of ASM instances. This feature is applicable to all supported versions of Kubernetes clusters. Note The Istio version of ASM instances must be 1.6.8.19 or later. | All regions | None |
September 2020
Feature | Description | Region | References |
Support for Istio 1.6.8 | Istio 1.6.8 is supported. In addition to dedicated Kubernetes clusters, managed Kubernetes clusters, registered external clusters, elastic container instances, and Elastic Compute Service (ECS) instances, ASM also supports ACK Serverless clusters and ACK clusters that are deployed on elastic container instances. | All regions | None |
Enhanced Telemetry V2 Mixerless | Telemetry V2 Mixerless is enhanced to collect telemetry data without the need to use Mixer. ASM automatically adjusts the traffic to the workloads based on the collected telemetry data. | All regions | |
Mesh diagnostics | Mesh diagnostics is supported. You can diagnose ASM instances based on the following items: the versions of data planes, service ports, applications in ASM instances, labels of applications and versions, destination addresses, and virtual service conflicts. This helps you use and manage your Service Mesh instances. | All regions |
August 2020
Feature | Description | Region | References |
Cluster domain | A cluster domain can be specified when you create an ASM instance. The default cluster domain is cluster.local. Only Kubernetes clusters that share the same cluster domain can be added to the ASM instance. | All regions | None |
ACK Serverless clusters on elastic container instances | ACK Serverless clusters that are deployed on elastic container instances are supported. You can use Service Mesh to throttle traffic for the workloads of elastic container instances in a centralized manner. | All regions | None |
July 2020
Feature | Description | Region | References |
Service Mesh available for commercial use | Service Mesh is available for commercial use. Service Mesh is a fully managed platform for service meshes and is compatible with the open source Istio service mesh. Service Mesh allows you to manage services in a simplified manner and helps reduce your development and O&M costs. For example, you can use ASM to route and split inter-service traffic, secure inter-service communication based on authentication, and observe the behavior of services in meshes. ASM builds managed and unified service mesh capabilities in core scenarios, such as hybrid cloud, multi-cloud, multi-cluster, and non-containerized application migration. Service Mesh provides you with the following benefits:
| China (Beijing), China (Hangzhou), China (Zhangjiakou), China (Shanghai), China (Shenzhen), Indonesia (Jakarta), and Germany (Frankfurt) | None |
Tracing data export from ASM to user-created systems | Tracing data can be exported. After you enable tracing for an ASM instance, you can export the tracing data to Managed Service for OpenTelemetry or a user-created system that is compatible with Zipkin. | All regions | |
Registered external clusters | Registered external clusters are supported. You can use Service Mesh to manage applications in external Kubernetes clusters that are registered in the ACK console. | All regions | Manage applications in a registered Kubernetes cluster by using ASM |