Linkerd, created by Buoyant, is releasing Linkerd 2.17, a new version of Linkerd that introduces several major new features to the project: egress traffic visibility and control; rate limiting; and federated services, a powerful new multicluster primitive that combines services running in multiple clusters into a single logical service. This release also updates Linkerd to support OpenTelemetry for distributed tracing.
Linkerd 2.17 is its first major release since it announced Linkerd’s sustainability in October. This is also one of the first Linkerd releases in years to introduce multiple significant features at once, the vendor said.
This updated release introduces visibility and control for egress traffic leaving the Kubernetes cluster from meshed pods. Kubernetes itself provides no mechanisms for understanding egress traffic, and only rudimentary ones for restricting it, limited to IP ranges and ports. With the 2.17 release,
Linkerd now gives users full L7 (i.e., application-layer) visibility and control of all egress traffic: users can view the source, destination, and traffic levels of all traffic leaving your cluster, including the hostnames, and, with configuration, the full HTTP paths or gRPC methods.
Linkerd’s egress functionality does not require changes from the application and only minimal configuration to get started.
For more advanced usage, egress configuration is built on Gateway API resources, allowing you to configure egress visibility and policies with the same extensible and Kubernetes-native configuration primitives used for almost every other aspect of Linkerd, including dynamic traffic routing, zero trust authorization policies, and more.
Rate limiting is a reliability mechanism that protects services from being overloaded. In contrast to Linkerd’s circuit breaking feature, which is client-side behavior designed to protect clients from failing services, rate limiting is server-side behavior: it is enforced by the service receiving the traffic and designed to protect it from misbehaving clients.
Just as with egress, Linkerd’s rate limiting feature is designed to require minimal configuration, while still being flexible and configurable to a wide variety of scenarios.
Linkerd’s rate limiting feature also provides per-client rate limit policies that allow you to ensure rate limits are distributed “fairly” across multiple clients. Combined with retries, timeouts, circuit breaking, latency-aware load balancing, and dynamic traffic routing, rate limiting extends Linkerd’s already wide arsenal of in-cluster distributed system reliability features.
Linkerd 2.17 also offers a new multicluster feature: federated services. A federated service is a logical union of the replicas of the same service across multiple clusters. Meshed clients talking to a federated service will automatically load balance across all endpoints in all clusters, taking full advantage of Linkerd’s best-in-class latency-aware load balancing.
Federated services were designed to capture a recent trend we see in multicluster Kubernetes adoption: planned large-scale multicluster Kubernetes
The edge-24.11.8 release is the corresponding edge release for Linkerd 2.17. See the Linkerd releases page for more.
Buoyant, the creators of Linkerd, has additionally released Buoyant Enterprise for Linkerd 2.17.0 and published a Linkerd 2.17 changelog with additional guidance and content.
Linkerd is a graduated project of the Cloud Native Computing Foundation. Linkerd is committed to open governance.
For more information about this news, visit https://linkerd.io.