As Azure Kubernetes Service (AKS) continues to experience tremendous growth, so does the need to provide solutions to keep customer workloads secure in an easy fashion. Today, we’re pleased to announce the general availability (GA) of the Open Service Mesh (OSM) integration with AKS. OSM is a lightweight and extensible cloud native service mesh that provides a simple approach for users to uniformly manage and secure their highly dynamic microservices environments. The general availability of OSM will begin first in the East US and West US regions, with other regions to be rolled out by the end of December this year.
A simplified managed service mesh experience
OSM focuses on simplicity in providing the core requirements of a service mesh, without over burdening operators. This balance of functionality and ease of use are the core principles that drive the OSM project. Utilizing the Envoy proxy data plane to build upon, OSM will provide the following core features out-of-the-box:
- Automated service-to-service mTLS traffic encryption
- Fine grain access control policies between applications communicating over HTTP, TCP, and gRPC
- Traffic split for canary and blue/green deployments
- Observability of traffic patterns and metrics
- Detailed traffic control for both ingress and egress traffic
OSM is now available as a managed integration with AKS. Getting OSM is as simple as enabling the AKS add-on feature to experience a simplified installation, scaling, and upgrade experience. OSM allows for a managed experience with the operator in mind, so you can focus on the more critical tasks of operating a service mesh, such as focusing on the access policies needed for your environment.
Community driven approach
OSM is an open-source community project that is governed as part of the Cloud Native Computing Foundation (CNCF), the same foundation that governs the Kubernetes and Envoy Proxy projects. Working closely with the community, the OSM project maintainers can prioritize features that the community deems important to the functionality of the project. Some examples of community feature requests are Contour ingress, Flagger progressive delivery, and Open Policy Agent (OPA) external authorization, with many more integrations and functionality to come. The OSM project values the community as a strong participant voice in the direction of the project.
More to come with OSM
We’re truly excited about today’s announcement. Providing a managed service mesh solution with AKS continues to demonstrate our commitment to making Kubernetes easier. With that, we are even more excited about the future roadmap of activities we’re working on with the community. Multi-cluster operations, Windows workload support, and simplified PKI integrations, along with others, are on the horizon for features you’ll soon see with this project.
To learn more about the OSM project and to get started with the OSM AKS add-on, please visit the Azure AKS documentation for OSM as well as the OSM project site for more documentation and links to the open-source GitHub repo.