CloudDevelopersNewsOpen Source

Linkerd 2.8 Adds Fully Secured Multi-Cluster Communication To Kubernetes

Kubernetes, Ship
0

The Linkerd community and sponsor Buoyant have announced the availability of the latest release of the popular open source service mesh. Linkerd 2.8 adds support for multi-cluster communication, thus allowing Kubernetes applications to communicate across cluster boundaries in a way that is fully secured, transparent to the application and independent of the underlying network topology.

The latest release is said to further extend the feature set of the widely-adopted Linkerd service mesh, already unique among service meshes for its open governance model and neutral home in the Cloud Native Computing Foundation.

Linkerd’s multi-cluster functionality unlocks a tremendous range of use cases, including hybrid cloud, high availability, cluster failover and “inverted multi-tenancy,” in which disparate teams in an organization each manage their own Kubernetes cluster.

This multi-cluster feature is designed to help meet some critical goals:

  • Providing a unified trust domain: The identity of source and destination workloads must be validated at every step, both in and across cluster boundaries.
  • Separating failure domains: A cluster outage should still allow the remaining clusters to function.
  • Supporting heterogeneous networks: Since clusters can span clouds, VPCs, on-premises data centers, and combinations thereof, Linkerd should not introduce any L3/L4 requirements other than gateway connectivity.
  • Providing a unified model with in-cluster communication: The same observability, reliability, and security features that Linkerd provides for in-cluster communication should extend to this new cross-cluster communication.

In contrast to other service mesh projects such as Istio, which provide multi-cluster support by way of configuration-heavy layers of additional complexity on top of Kubernetes, the Linkerd “service mirroring” approach is said to instead leverage as much existing Kubernetes functionality as possible.

Datawire, maker of the popular Kubernetes-native API gateway, Ambassador, has already integrated Linkerd 2.8.

WP Twitter Auto Publish Powered By : XYZScripts.com