OSM runs an Envoy based control plane on Kubernetes, can be configured with SMI APIs, and works by injecting an Envoy proxy as a sidecar container next to each instance of your application. The proxy contains and executes rules around access control policies, implements routing configuration, and captures metrics. The control plane continually configures proxies to ensure policies and routing rules are up to date and ensures proxies are healthy.
- Simple to understand and contribute to
- Effortless to install, maintain, and operate
- Painless to troubleshoot
- Easy to configure via Service Mesh Interface (SMI)
- Easily and transparently configure traffic shifting for deployments
- Secure service to service communication by enabling mTLS
- Define and execute fine grained access control policies for services
- Observability and insights into application metrics for debugging and monitoring services
- Integrate with external certificate management services/solutions with a pluggable interface
- Onboard applications onto the mesh by enabling automatic sidecar injection of Envoy proxy
OSM is under active development and is NOT ready for production workloads.
OSM is an open source project that is not covered by the Microsoft Azure support policy. Please search open issues here, and if your issue isn’t already represented please open a new one. The OSM project maintainers will respond to the best of their abilities.
SMI Specification Support
|Specification Component||Supported Release||Comments|
|Traffic Access Control||v1alpha3|
|Traffic Metrics||v1alpha1||🚧 In Progress #379 🚧|
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.