Microsoft has launched Azure Kubernetes Application Network (in preview), a fully managed ambient-based service mesh for AKS built on Istio's ambient mode. Unlike traditional sidecar-based meshes, it uses per-node proxies (ztunnel) so pods join the mesh without modification, reducing operational overhead. The service manages control and data planes, automates certificate management via Azure Key Vault, and supports the Kubernetes Gateway API as a migration path away from deprecated ingress-nginx. Getting started requires the Azure CLI and AppNet CLI extension. Policies can enforce traffic rules and OpenID Connect authorization at the mesh level. Current preview limitations include no support for private clusters or Windows node pools, and only availability in Azure's largest regions.
Sort: