Tencent Cloud Mesh

Tencent Cloud Mesh is cloud-native platform for the management and control of application communication networks. It is fully compatible with Istio, integrates with Tencent Cloud infrastructure, and provides fully managed service-oriented support capabilities for mesh lifecycle management. It offers out-of-the-box IaaS networking and monitoring components, which enable consistent discovery, management, and acceleration of cloud-native migration across clusters and heterogeneous applications.

Benefits
High Reliability
High Reliability

Tencent Cloud Mesh provides industry-leading service-oriented mesh support capabilities to flexibly meet the operations controllability and availability of the mesh control plane and guarantee mesh lifecycle management. It supports canary upgrades and provides consistent Istio CRD forwarding management capabilities across clusters, to reduce operations and use costs.

Optimized Performance
Optimized Performance

Long-term in-depth optimization is made on the user state and kernel state to provide high-performance data-plane Envoy versions and support the eBPF traffic-hijacking forwarding mode, thereby reducing CPU overhead by 15% to 20% and P99 latency by 20% to 40%.

Enhanced Capability
Enhanced Capability

Tencent Cloud Mesh offers enhanced data plane Ops and Ingress Gateway capabilities. It supports various management features (such as sidecar status monitoring and hot upgrade), SSL/certificate, and Ingress API. Moreover, it enhances mesh telemetry data computing and output to optimize the resource utilization.

Centralized Management
Centralized Management

Tencent Cloud Mesh can dynamically discover services added to and removed from K8s clusters and support VM load registration to manage multi-cluster heterogeneous applications. It manages dashboard mesh resources, components, and configurations in a unified manner. In addition, its telemetry data aggregation display service enables distributed application traffic scheduling, perception, and analysis.

Service Integration
Service Integration

Tencent Cloud Mesh is seamlessly connected to IaaS services such as VPC, CCN, and CLB, to easily implement cross-cluster/VPC/region networking and traffic access. It is integrated with Cloud Monitor, Prometheus, Cloud Log Service, and other products to provide out-of-the-box observation capabilities.

Perfect Ecosystem
Perfect Ecosystem

Tencent Cloud Mesh is fully compatible with native Istio & Envoy APIs and keeps pace with community version updates. Tencent's internal Service Mesh open-source collaborative support platform collaboratively outputs internal co-construction capabilities to contribute to customers and communities.

Scenarios

Based on north-south and east-west traffic control capabilities of Tencent Cloud Mesh, without the need for awareness of service transformation, you can easily control online and offline publishing at the service and API levels, version definition/canary release, characteristic routing, and load balancing policies, and improve the efficiency and controllability of publishing updates.

Release Publishing

Non-intrusive acquisition of metric, trace, and access log telemetry data for application communication supports construction of multi-level observation capabilities. The capabilities cover real-time monitoring of the application communication performance, full-link call and tracing and link analysis, downstream analysis of traffic access and backtracking of proxy forwarding and access behaviors, and quantification of the application communication performance and quality.

Multi-Level Observation

Tencent Cloud Mesh improves the availability of the application communication and application architecture, uses mechanisms such as retry, timeout, connection pool management, health check, and rate limiting to control and ensure communication fault tolerance between applications. In a distributed application deployment architecture in an intra-city active-active or two-city three-center scenario, through region/fault-aware scheduling capabilities, automatic failover and controllable distributed multi-cluster traffic scheduling are realized, and three-level (that is, DNS, Ingress, and Service) disaster recovery management is flexibly realized.

Distributed High-Available Architecture

With a service-based authentication and authorization mechanism, in a containerized dynamic IP scenario, controllable service authentication and access control management is realized. Tencent Cloud Mesh supports JWT request-based authentication, automatic mTLS for zero trust networking, and access permission restriction based on identities and traffic characteristics.

Secure Isolation
Pricing

Tencent Cloud Mesh is a pay-as-you-go service. For detailed pricing, visit https://www.tencentcloud.com/document/product/1152/47435.