Buoyant Announces Release of Linkerd 2.8, Delivering Simple, Light Approach to Secure Kubernetes Multi-Cluster Communication

Share Article

Linkerd 2.8 adds transparent, fully secured multi-cluster communication to Kubernetes without the complexity or overhead of existing approaches such as Istio

News Image
The 2.8 release further extends the feature set of the widely-adopted Linkerd service mesh, already unique among service meshes for its open governance model and neutral home in the Cloud Native Computing Foundation.

Today, the Linkerd community and sponsor Buoyant announced the availability of Linkerd 2.8. The latest release of the popular open source service mesh adds support for multi-cluster communication, allowing Kubernetes applications to communicate across cluster boundaries in a way that is fully secured, transparent to the application and independent of the underlying network topology.

The 2.8 release further extends the feature set of the widely-adopted Linkerd service mesh, already unique among service meshes for its open governance model and neutral home in the Cloud Native Computing Foundation. Linkerd's rapidly-growing adopter base includes organizations such as Chase Bank, EverQuote, Expedia, GoDaddy, Nordstrom and Walmart.

***Linkerd 2.8 is available today. Read more and download.***

Multi-Cluster Unlocks New Service Mesh Use Cases
Linkerd’s multi-cluster functionality unlocks a tremendous range of use cases, including hybrid cloud, high availability, cluster failover and “inverted multi-tenancy,” in which disparate teams in an organization each manage their own Kubernetes cluster. While each of these use cases comes with its own set of complexities, especially as traffic between clusters may be required to traverse the open internet, Linkerd's secure-by-default strategy simplifies the operational burden and allows Linkerd users to adopt multi-cluster strategies that were previously inaccessible.

“At Projector, we’re focused on building a great experience for our customers. That means choosing best-in-class technology partners like Linkerd to ensure our services are fast, reliable and secure,” said Jeremy Gordon, CTO of Projector, a collaborative creative platform. “Linkerd’s new multi-cluster feature promises to make it significantly easier for us to implement Kubernetes clusters in multiple geographic regions to provide customers with the speed and security they expect from modern software.”

In contrast to other service mesh projects such as Istio, which provide multi-cluster support by way of configuration-heavy layers of additional complexity on top of Kubernetes, the Linkerd “service mirroring” approach instead leverages as much existing Kubernetes functionality as possible.

“With service mirroring, Linkerd’s multi-cluster operates the same way that the rest of Linkerd does: it’s secure by default, it works out of the box, and it adds the bare minimum to Kubernetes,” said William Morgan, CEO of Buoyant and one of the creators of Linkerd. “The multi-cluster approaches we saw from projects like Istio were disappointing because of their inherent complexity. Making multi-cluster simple wasn’t just a style choice; it was a fundamental part of Linkerd’s approach to connectivity. In a zero-trust, cloud-native world, connectivity requires security, but complexity is anathema to security. If you have a complex solution, you have an insecure solution.”

The Linkerd project has long attracted adopters due to its “zero-config mTLS” feature, which automatically encrypts traffic between applications within a cluster and requires no configuration to enable or use. The new multi-cluster feature extends this functionality to communication across clusters, providing the same guarantees of confidentiality and identity that Linkerd already provided for in-cluster communication.

Datawire, maker of the most popular Kubernetes-native API gateway, Ambassador, has already integrated Linkerd 2.8. “Ambassador users can now use Linkerd to build secure, multi-cluster Kubernetes deployments directly on top of Ambassador,” said Richard Li, CEO at Datawire. “Security is a critical requirement for Ambassador users, and this new integration allows Ambassadors users not just to add mTLS-secured connectivity within and between clusters, but to use Ambassador to manage and control this traffic just as it does with ingress traffic today.”

Linkerd Community Resources
Learn more about Linkerd and the new release, and engage with the community by accessing these resources:

About Linkerd
Linkerd is an ultralight, security-first service mesh for Kubernetes. Linkerd is open source and open governance. Created in 2016, Linkerd was the first service mesh project and introduced the term "service mesh" to the industry lexicon. Linkerd is hosted by the Cloud Native Computing Foundation (CNCF). For more information, see linkerd.io.

About Buoyant
Buoyant is the sponsor of Linkerd. Buoyant was founded by William Morgan and Oliver Gould with the mission of making the fundamental tools for reliability and security of software accessible to every engineer in the world. Buoyant pioneered the service mesh category with Linkerd, and today, Buoyant software powers critical production infrastructure for leading organizations around the world. Buoyant investors include GV, Benchmark, #ANGELS, A Capital and SV Angel.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Robert Cathey
Visit website