Azure Arc enabled Open Service Mesh is now Generally Available!
The Azure Arc team is happy to announce the GA of Azure Arc enabled Open Service Mesh. This is an extension for Arc enabled Kubernetes clusters. Open Service Mesh (OSM) is lightweight and extensible. It can be configured with Service Mesh Interface APIs and works by injecting Envoy proxy as a sidecar to each application instance. This service mesh provides some of the core features like:
- mTLS traffic encryption between microservices
- Traffic splitting for canary and blue/green deployments
- Fine grained access control policies for microservices communicating over HTTP, TCP, and gRPC
- Observability for application performance
- Traffic control for ingress with various tools such as Contour
- Progressive delivery with Flagger
OSM was released as a managed add-on for Azure Kubernetes service in Nov 2021 and now with this release, we bring parity for Azure Arc customers. Arc enabled OSM is an Arc extension that provides just the same functionality as offered by the OSM add-on for AKS. The installation is highly simplified and can be done through Azure Portal, Az k8s CLI or REST APIs of Cluster Extensions. These utilize the Arc cluster extension APIs for installation and upgrades.
Onboarding through Azure Portal takes a single click. You can navigate to the Open Service Mesh blade under Settings for an Arc enabled Kubernetes cluster and click on 'Install extension'.
Open Service Mesh blade under Settings
Once the extension is installed and you have access to cluster resources using Cluster Connect feature, you can onboard namespaces from the portal itself by clicking on +Add from the OSM blade. Ensure that any existing workloads in these namespaces are restarted since the Envoy sidecar only gets injected at the time of pod creation.
Click on +Add on Open Service Mesh blade to onboard namespaces
You can also view or change the configuration of Open Service Mesh by clicking on 'Edit configuration' on the Open Service Mesh blade.
At-scale deployment of OSM on multiple Kubernetes clusters can also be enabled using an ARM template or via a built-in Azure Policy. Read the documentation on Azure Arc enabled Open Service Mesh to explore other ways to install, customize and onboard namespaces. Once the service mesh is set up, you can apply SMI traffic policies for security and management through CLI. Another great way to onboard namespaces and apply the traffic policies to an Arc cluster is through manifest files in a Git repository. You can use GitOps with Flux v2 to maintain your cluster remotely.
What next?
This GA comes with a stable version of Open Service Mesh. It is not only very simple to install, but also very easy to maintain because of auto-upgrades. We have a bunch of exciting new functionality to add to this Arc extension over the next 6 months, including items like:
- Circuit breaking
- mTLS encryption across microservices belonging to different clusters
- Retries for failed communication between microservices
- Advanced troubleshooting
- Integration with Azure Key Vault for secret storage
- Support for UDP services
- Integration with OPA Gatekeeper
- Automated root cert rotation and
- Improved observability
To learn more about Open Service Mesh project, go to OSM documentation. Visit the documentation for managed OSM on AKS and Arc extension of Open Service Mesh based on your scenario.
Watch out for MS Build and Hybrid Digital event registrations to learn more!
Published on:
Learn moreRelated posts
Azure Queue Storage vs Azure Service Bus for Integrating Dynamics 365 Business Central with External Systems – Part1
When developing cloud-native integrations for Dynamics 365 Business Central (BC), especially in SaaS environments, choosing the right messagin...
Important Update: Server Name Indication (SNI) Now Mandatory for Azure DevOps Services
Earlier this year, we announced an upgrade to our network infrastructure and the new IP addresses you need to allow list in your firewall R...
Azure Function | Publish | ‘attempt to publish the ZIP file failed’ error
While publishing a C# Azure Function from Visual Studio, I encountered the following error: The attempt to publish the ZIP file through XXXXX ...
Azure SDK Release (March 2025)
Azure SDK releases every month. In this post, you find this month's highlights and release notes. The post Azure SDK Release (March 2025) appe...
MWC 2025 Azure Foundry
New Overlapping Secrets on Azure DevOps OAuth
As you may have read, Azure DevOps OAuth apps are due for deprecation in 2026. All developers are encouraged to migrate their applications to ...
Azure Cosmos DB Conf 2025: Learn, Build, and Connect with the Community
Join us for the 5th annual Azure Cosmos DB Conf, a free virtual developer event co-hosted by Microsoft and the Azure Cosmos DB community. This...