Alauda Service Mesh v2 Docs

Alauda Service Mesh v2.1

Alauda Service Mesh v2.1 is built on the Istio project and is installed using a new Istio Operator derived from the Sail Operator (hosted in the istio-ecosystem GitHub organization). The Operator provides an expanded set of custom resource definitions (CRDs) to manage Istio components.

TOC

Alauda Service Mesh v2.1.2Supported component versionsIstio FeaturesKiali FeaturesAlauda Service Mesh v2.1.1Supported component versionsIstio FeaturesKiali FeaturesAlauda Service Mesh v2.1.0Supported component versionsIstio FeaturesKiali Features

Alauda Service Mesh v2.1.2

Supported component versions

  • Istio version: v1.26.3, v1.28.1 , v1.28.3 and v1.28.6
  • Kiali operator version: v2.22.2

Istio Features

  • Updated Istio to version 1.28.6.
  • Fixed Istio ambient mode incompatibility on FIPS-enabled clusters, allowing ambient mode to be deployed in FIPS-compliant environments.
  • Fixed multi-cluster global.remotePilotAddress rendering failure when configured with an IPv6 address, restoring IPv6 load balancer support for primary/remote deployments.
  • Fixed Common Vulnerabilities and Exposures (CVEs).

Kiali Features

  • Fixed Common Vulnerabilities and Exposures (CVEs).
  • Updated Kiali to version 2.22.
    • AI integration: AI Chatbot Widget and MCP integration delivered as a developer preview, introducing AI-assisted operations alongside community AI and Agent contribution guidelines.
    • Performance: Pre-computed health status with a configurable cache (5 minutes by default) for faster Overview and List pages; background traffic-graph refresh and caching for quicker re-renders, plus improved client-side rendering for graphs with many service nodes.
    • Authentication & SSO: Explicit OIDC configuration when .well-known/openid-configuration endpoints are restricted, OpenID Authorization Code Flow with PKCE support, and SPIRE integration in the UI.
    • TLS & certificates: Auto-rotated certificates for external service connectivity (Prometheus, tracing).
    • UI modernization: Upgraded to TypeScript 5, migrated to PatternFly 6 (including Wizard and date-picker components), and replaced the legacy message center with a modern notification center.
    • Mesh page: Improved topology visualization for environments with many control planes, refined data-plane side-panel validations, and enhanced masthead status with better multi-mesh handling.
    • Gateway API: Added support for Kubernetes Gateway API v1.4.0.
    • Tracing & observability: Added a use_waypoint_name configuration option under external_services.tracing to correct service names in Jaeger links for ambient mode.
    • Operator & deployment: Custom initContainers in the Kiali CR, Helm chart support for cluster_wide_access=false, operator sidecar usage extension, and NetworkPolicies for OLM-installed operators.
  • References

Alauda Service Mesh v2.1.1

Supported component versions

  • Istio version: v1.26.3, v1.28.1 and v1.28.3
  • Kiali operator version: v2.17.1

Istio Features

  • Updated Istio to version 1.28.3.
  • Fixed Common Vulnerabilities and Exposures (CVEs).

Kiali Features

  • Fixed Common Vulnerabilities and Exposures (CVEs).

Alauda Service Mesh v2.1.0

Supported component versions

Istio Features

  • Updated Istio to version 1.28.
    • Inference extension: Gateway inference support and InferencePool for managing AI inference endpoints.
    • Ambient multicluster: Ambient mode support for multicluster and Waypoint cross-network routing.
    • nftables support: Native nftables support extended across deployment modes.
    • Dual-stack networking: IPv4/IPv6 dual-stack support reached Beta.
    • Security enhancements: CRL support, stronger JWT options, istiod NetworkPolicy, container seccomp settings, etc.
    • Gateway API & traffic: ListenerSets, BackendTLSPolicy support, and selective wildcard host scenarios.
    • Install & ops: Persona-based installs (resourceScope) and improved deployment/rollback controls.
    • Observability improvements: Dual B3/W3C header propagation, improved consistent-hash cookie options, better tracing interop.
    • istioctl & debugging: Automatic revision detection and enhanced debugging tools for troubleshooting.
  • References

Kiali Features

  • Updated Kiali to version 2.17.
    • Inference extension: Support for Gateway API Inference Extension (for AI inference integrations).
    • Auth enhancements: Support multiple audiences in OIDC configuration.
    • Ambient capabilities: Improved Ambient workload validation, namespace UI actions, and Waypoint / cross-network scenarios.
    • Gateway API support: Upgraded/compatible Gateway API and support for clusters that only have Gateway API gateways (no Istio gateways).
    • Multiple control planes: Support for multiple Istio control planes in different namespaces on the same cluster, with discovery/CRD adjustments.
    • Mesh / UI improvements: Show Kiali in Local mode, unified config formats and consistent Istio metrics presentation.
    • Performance: Graph “Show Virtual Services” option controls extra detail appenders; optimizations for istio_detail appender.
    • Deployment / CRD: Introduced Kiali CRD schema, autodetect RootNamespace, and more deployment modes (local/external).
    • Operator improvements: Ways to verify operator permissions and greater Helm/operator flexibility (e.g., skip creating some resources).
    • Visualization & panels: Perses Dashboard support and OpenShift-specific tracing URL format.
    • Networking & security: Configurable NetworkPolicy to restrict Kiali ingress.
    • Tracing & diagnostics: Tracing tool improvements (changeable trace limits, x-request-id forwarding) and easier diagnostics export/configuration.
  • References