{"id":18424,"date":"2024-04-24T15:49:15","date_gmt":"2024-04-24T08:49:15","guid":{"rendered":"https:\/\/gcloudvn.com\/?p=18424"},"modified":"2024-04-24T15:49:15","modified_gmt":"2024-04-24T08:49:15","slug":"announcing-cloud-service-mesh-the-evolution-of-service-mesh-for-google-cloud","status":"publish","type":"post","link":"https:\/\/gcloudvn.com\/en\/kienthuc\/announcing-cloud-service-mesh-the-evolution-of-service-mesh-for-google-cloud\/","title":{"rendered":"Announcing Cloud Service Mesh - the evolution of service mesh for Google Cloud"},"content":{"rendered":"<section class=\"wpb-content-wrapper\"><div class=\"vc_row wpb_row vc_row-fluid\"><div class=\"wpb_column vc_column_container vc_col-sm-12\"><div class=\"vc_column-inner\"><div class=\"wpb_wrapper\">\n\t<div class=\"wpb_text_column wpb_content_element\" >\n\t\t<div class=\"wpb_wrapper\">\n\t\t\t<p><span style=\"font-weight: 400;\">Network operators are increasingly adopting service mesh architectures, which provide managed, observable, and secure communication between microservices, allowing them to be composed into robust enterprise applications. 
And as service mesh deployments scale, organizations are asking for fully managed solutions that cover a range of infrastructure and integrate with the rest of the network services, such as global load balancing, centralized health checking, managed rate limiting, and traffic-driven autoscaling.<\/span><\/p>\n<p><span style=\"font-weight: 400;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-18431 size-full\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2024\/04\/google-cloud-service-mesh.jpg\" alt=\"\" width=\"600\" height=\"375\" srcset=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2024\/04\/google-cloud-service-mesh.jpg 600w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2024\/04\/google-cloud-service-mesh-18x12.jpg 18w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/>Today, Google is excited to announce Cloud Service Mesh, a fully managed service mesh across all types of Google Cloud platforms. 
Cloud Service Mesh combines the Traffic Director control plane and Google's open-source Istio-based service mesh, Anthos Service Mesh, into a single offering that brings the best features of both platforms.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With Cloud Service Mesh, customers get:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Traffic Director control plane with global scale<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Anthos Service Mesh compatibility<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Istio APIs (the most widely used open-source APIs for mesh in Kubernetes clusters)<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Managed data plane for automatic upgrades of Envoy sidecars<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">GKE Fleet integration<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Hosted certificate authorities for workload identity<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Service Operations dashboard for service metrics<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">GCP APIs from Traffic Director for<\/span>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"2\"><span style=\"font-weight: 400;\">Proxyless gRPC support<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"2\"><span style=\"font-weight: 400;\">VMs<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"2\"><span style=\"font-weight: 400;\">Cloud Run<\/span><\/li>\n<li style=\"font-weight: 400;\" 
aria-level=\"2\"><span style=\"font-weight: 400;\">Gateway API for Service Mesh or GAMMA API<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Loi_ich_cua_Cloud_Service_Mesh\"><\/span><b>Cloud Service Mesh benefits<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">A service mesh manages all the common requirements of running a service: traffic management, observability, and security. This allows application developers and operators to focus on their business, creating and managing great applications for their users without having to invest in managing mesh infrastructure. 
Let\u2019s take a look at the features that Cloud Service Mesh provides.<\/span><\/p>\n<p><b><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-18430 size-full\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2024\/04\/google-cloud-service-mesh-1.jpg\" alt=\"\" width=\"600\" height=\"477\" srcset=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2024\/04\/google-cloud-service-mesh-1.jpg 600w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2024\/04\/google-cloud-service-mesh-1-15x12.jpg 15w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/b><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Quan_ly_luu_luong\"><\/span><b>Traffic management<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Cloud Service Mesh controls the flow of traffic among services in the mesh, into the mesh (ingress), and to outside services (egress), allowing you to configure and deploy resources at the application layer to manage this traffic. With Cloud Service Mesh, you can:<\/span><\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">Use Google\u2019s global load balancing software to offer automatic capacity and proximity-aware global load balancing<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Finely control routing for your services<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Configure load balancing among services<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Create canary and blue-green deployments<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Set up retries and circuit breakers<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Controlling how your services communicate, both in normal and failure scenarios, allows you to build much more reliable applications.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Thong_tin_chuyen_sau_ve_kha_nang_quan_sat_Observability\"><\/span><b>Observability insights<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 
400;\">Cloud Service Mesh supports telemetry, logging and tracing. With this data you can track how your service is operating and find the issues when something goes wrong.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The graphical user interface in the Google Cloud console provides insights into your service mesh through this telemetry. These metrics are automatically generated for workloads configured through the Istio APIs.<\/span><\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">Service metrics and logs for HTTP traffic within your mesh's GKE cluster are automatically ingested to Google Cloud.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Preconfigured service dashboards give you the information you need to understand your services.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">In-depth telemetry, powered by Cloud Monitoring, Cloud Logging, and Cloud Trace, lets you dig deep into your service metrics and logs. You can filter and slice your data on a wide variety of attributes.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Service-to-service relationships are visible at a glance, helping you understand the communication and dependencies between services.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">You can quickly see the communication security posture not only of your service, but its relationships to other services.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Service level objectives (SLOs) give you insight into the health of your services. 
You can easily define an SLO and alert on your own standards of service health.<\/span><\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Loi_ich_Bao_mat\"><\/span><b>Security benefits<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Service security is the third major component of a service mesh. Each service has its own identity, which is used by mutual TLS (mTLS) to provide strong service-to-service authentication and encryption. Cloud Service Mesh performs the following:<\/span><\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">Mitigates risk of replay or impersonation attacks that use stolen credentials. Cloud Service Mesh relies on mTLS certificates to authenticate peers.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Ensures encryption in transit. Using mTLS for authentication also ensures that all TCP communications are encrypted in transit.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Ensures that only authorized clients can access a service with sensitive data, irrespective of the network location of the client and the application-level credentials.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Mitigates the risk of user data breach within your production network. You can ensure that insiders can only access sensitive data through authorized clients.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Identifies which clients accessed a service with sensitive data. Cloud Service Mesh access logging captures the mTLS identity of the client in addition to the IP address.<\/span><\/li>\n<\/ul>\n<p><b>Supporting existing service mesh customers<\/b><\/p>\n<p><span style=\"font-weight: 400;\">In the short term, we will rebrand Anthos Service Mesh and Traffic Director documentation and SKUs to Cloud Service Mesh, but beyond that, current Anthos Service Mesh and Traffic Director users will see no immediate change to their environment. 
Your current APIs will continue to work as is, and your mesh will continue to function. Over the coming year, we will work with Anthos Service Mesh and Traffic Director customers to ensure they can leverage all the new capabilities while converging on a common control plane with a choice of APIs.<\/span><\/p>\n\n\t\t<\/div>\n\t<\/div>\n<div class=\"templatera_shortcode\"><div class=\"vc_row wpb_row vc_row-fluid\"><div class=\"wpb_column vc_column_container vc_col-sm-12\"><div class=\"vc_column-inner\"><div class=\"wpb_wrapper\"><div class=\"vc_message_box vc_message_box-standard vc_message_box-rounded vc_color-blue\" ><div class=\"vc_message_box-icon\"><i class=\"vc-mono vc-mono-technorati\"><\/i><\/div><p><a href=\"https:\/\/gcloudvn.com\/en\/main-logo-1\/\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-664\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2021\/06\/main-logo-1.png\" alt=\"\" width=\"221\" height=\"72\" srcset=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2021\/06\/main-logo-1.png 214w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2021\/06\/main-logo-1-18x6.png 18w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2021\/06\/main-logo-1-183x60.png 183w\" sizes=\"auto, (max-width: 221px) 100vw, 221px\" \/><\/a>As a senior partner of Google in Vietnam, Gimasys has 10+ years of experience consulting on implementing digital transformation for 2000+ domestic corporations. 
Some typical customers: Jetstar, Dien Quan Media, Heineken, Jollibee, Vietnam Airline, HSC, SSI...<\/p>\n<p>Gimasys is currently a strategic partner of many major technology companies in the world such as Salesforce, Oracle Netsuite, Tableau, Mulesoft.<\/p>\n<p>Contact Gimasys - Google Cloud Premier Partner for advice on strategic solutions suitable to the specific needs of your business:<\/p>\n<ul>\n<li>Email: gcp@gimasys.com<\/li>\n<li>Hotline: 0974 417 099<\/li>\n<\/ul>\n<\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div>\n<\/section>","protected":false},"excerpt":{"rendered":"Network operators are increasingly adopting service mesh architectures, which provide managed, observable, and secure communication between microservices, allowing them to be composed into&hellip;","protected":false},"author":2,"featured_media":18431,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-18424","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kienthuc","entry","has-media"],"_links":{"self":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/18424","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/comments?post=18424"}],"version-history":[{"count":0,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/18424\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"hr
ef":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media\/18431"}],"wp:attachment":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media?parent=18424"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/categories?post=18424"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/tags?post=18424"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}