Alibaba Cloud Service Mesh (ASM) is the first fully-managed and Istio-compatible service mesh platform in the industry. It centrally manages the traffic of service applications that run on various computing infrastructures, including Alibaba Cloud Container Service for Kubernetes (ACK) managed and dedicated clusters, Alibaba Cloud Serverless Kubernetes (ASK) clusters, Elastic Compute Service (ECS), and Elastic Container Instance (ECI). ASM is compatible with the open-source Istio Service Mesh of the Istio community. It simplifies service management, including traffic routing and splitting for service calls, authentication security for inter-service communication, and mesh observability, all of which greatly reduces the development and O&M workload. This is the first edition in the ASM Public Preview Series and it explains what ASM is, and gives a brief overview of its architecture and features. Find below the links to other articles in this series:
In ASM, all components on the Istio control plane are managed to reduce the usage complexity, so that users only focus on application development and deployment. In addition, ASM is compatible with the Istio community, supports the declarative definition of routing rules, and centrally manages traffic between services in the service mesh.
An ASM instance with the managed control plane supports application services from multiple Kubernetes clusters or application services that run on ECI pods. In addition, it also supports the integration of some non-Kubernetes services (such as services that run on VMs or bare metal hosts) into the same service mesh.
The following figure shows the ASM product architecture.
ASM builds the managed and unified service mesh capabilities in core scenarios, such as hybrid cloud, multi-cloud, multi-cluster, and non-container application migration. It provides Alibaba Cloud users with the following benefits:
- Consistent Management Mode: ASM uses a consistent mode to manage application services that run on ACK managed and dedicated Kubernetes clusters, serverless Kubernetes clusters, and access clusters in hybrid cloud and multi-cloud. This provides unified observability and throttling.
- Centralized Traffic Management: ASM centrally manages traffic in a container or VM hybrid environment.
- Managed Core Components of the Control Plane: Managed core components of the control plane helps to minimize users’ resource overhead and O&M costs.
- Data Plane with Extendable Plug-in: Data plane capabilities, such as monitoring, tracing, and throttling, are integrated by using the Envoy plug-in. In addition, WebAssembly technology is used to facilitate data plane extension.