The next generation of networking. Secure. Reliable. Universal.

Buoyant Enterprise for Linkerd delivers modern, cloud-native network security and reliability to any organization. Built on open source and powered by Rust, the language of the future.

Auditable zero trust

Buoyant Enterprise for Linkerd delivers universal zero-trust capabilities applicable to every application on your environment, without changing any code.


Transparently add encryption and bidirectional authentication to every network connection.

Automatically authenticate connections using cryptographic proof of workload identity, not easily-spoofed IP addresses.

Build human-readable, least-privilege access policies that cover workload identity, HTTP methods, gRPC routes, and more.

Go beyond firewalls and perimeter defense by building per-pod and per-instance security boundaries around every application component.

Learn more

Ultra-high availability

Buoyant Enterprise for Linkerd adds dynamic traffic management and control features designed for the realities of modern software applications.


Automatically redirect traffic to different clusters in the event of service failure, without interrupting application behavior.

Automatically send requests to the fastest available application components, reducing user-facing end-to-end latency.

Transparently retry requests sent to slow or failing endpoints on alternate endpoints, and automatically shed load to overloaded application  components.

Reduce the risk of shipping buggy code to production by “easing” new code into production and automatically falling back to old code if problems are detected.

Learn more

Network optimization and cost savings

Buoyant Enterprise for Linkerd optimizes not just latency but network spend, ensuring your dollars are spent on business priorities first.


Preserve zone locality, reduce latency, and cut unnecessary cloud spend with Buoyant Enterprise for Linkerd's High Availability Zonal Load Balancing (HAZL).

Route HTTP and gRPC traffic based on request properties with Buoyant Enterprise for Linkerd, avoiding costly ALBs.

Automate Buoyant Enterprise for Linkerd from installation to upgrades, freeing teams for more crucial tasks.

Learn more

Auditable zero trust

Buoyant Enterprise for Linkerd delivers universal zero-trust capabilities applicable to every application on your environment, without changing any code.

Secure everything, every time

Encrypt, authorize, and authenticate every network call between every application component in your enviornment.

mtls
Mutual TLS
mTLS is simply “regular TLS” with one extra stipulation: the client is also authenticated. But what does that mean and why would we want that?
Workload Identity
Workload Identity
Automatically authenticate connections using cryptographic proof of workload identity, not easily-spoofed IP addresses.
Authorization policies
Authorization policies
Build human-readable, least-privilege access policies that cover workload identity, HTTP methods, gRPC routes, and more.
Per-pod security
Granular security boundaries
Go beyond firewalls and perimeter defense by building per-pod and per-instance security boundaries around every application component.

Defense in depth, in practice

Learn how Buoyant Enterprise for Linkerd delivers zero trust networking in the real world.

Learn more

Ultra-high availability

Buoyant Enterprise for Linkerd adds dynamic traffic management and control features designed for the realities of modern software applications.

Remove single points of failure

Dynamically redistribute application traffic in response to failure at any level, from individual app instance to complete outage of datacenter or cloud provider.

Automated failover
Automated failover
Automatically redirect traffic to different clusters in the event of service failure, without interrupting application behavior.
Load Balancing
Load Balancing
Automatically send requests to the fastest available application components, reducing user-facing end-to-end latency.
Retries, timeouts, 
& circuit breaking
Retries, timeouts, 
& circuit breaking
Transparently retry requests sent to slow or failing endpoints on alternate endpoints, and automatically shed load to overloaded application  components.
Canary deploys
Canary deploys
Reduce the risk of shipping buggy code to production by “easing” new code into production and automatically falling back to old code if problems are detected.

High availability in the real world

Learn how Buoyant Enterprise for Linkerd allows you to build  mission-critical applications without the downtime.

Learn more

Network optimization and cost savings

Buoyant Enterprise for Linkerd optimizes not just latency but network spend, ensuring your dollars are spent on business priorities first.

Reduce cloud spend

Decommission expensive application load balancers, automatically reduce cross-zone network spend with intelligent load balancing, and more.

Zone aware
Zone-aware routing
Preserve zone locality, reduce latency, and cut unnecessary cloud spend with Buoyant Enterprise for Linkerd's High Availability Zonal Load Balancing (HAZL).
Universal traffic routing
Universal traffic routing
Route HTTP and gRPC traffic based on request properties with Buoyant Enterprise for Linkerd, avoiding costly ALBs.
automated lifecycle
Automated lifecycle management
Automate Buoyant Enterprise for Linkerd from installation to upgrades, freeing teams for more crucial tasks.

Cost savings made concrete

Learn how Buoyant Enterprise for Linkerd provides real-world cost reduction without sacrificing security or availability.

Learn more

Why Rust?

Rust logo

According to the Cybersecurity & Infrastructure Security Agency, an astonishing 70% of serious security bugs are memory vulnerabilities —a problem that is endemic to software written in C and C++. At Buoyant, security is central to everything we do, which is why Linkerd is the only service mesh built in Rust, a language that protects against precisely this type of vulnerability by default while being just as fast (if not faster!) than C and C++. After all, the network of the future can't be built in the language of the past.

Watch: Why the future of the cloud will be built in Rust. Oliver Gould, CTO.

We're committed to open source

Linkerd logo

We created Linkerd in 2015 and coined the term "service mesh", creating an entire industry. We’ve been investing in the open source Linkerd project and the community around it ever since and today continue to be the primary maintainers of the open source project.

Visit linkerd.io
Rust logo

We’ve been leading the charge for introducing Rust to the cloud native space. Linkerd’s innovative microproxy approach is powered by Rust, allowing us to deliver lightning-fast performance without the security vulnerabilities of languages like C++.

Visit rust-lang.org
CNCF logo

We contributed Linkerd to the Cloud Native Computing Foundation in 2016, and in 2019, Linkerd became the first service mesh project to achieve graduated status in the Cloud Native Computing Foundation, the highest level of maturity possible.

Visit cncf.io

We power mission-critical applications around the world

Sr. Software Development Engineer
Chris Voss
Chris Voss
,
Sr. Software Development Engineer
READ CASE STUDY
Read case study

We have 26+ Kubernetes clusters across several Azure regions, each with 50+ microservices and 700 to 1,000 pods ... We were able to secure traffic between 22k pods with zero-config mTLS...[and] thanks to Linkerd...we are saving valuable engineering hours, which translates into more time...to focus on feature work.

Director of Engineering
Justin Turner
Justin Turner
,
Director of Engineering
READ CASE STUDY
Read case study

Linkerd opened the door to introducing canary analysis to our CI/CD pipeline... [With] the Flagger operator, we could progressively increase traffic to new deployments while monitoring live metrics available in Linkerd. This drove our change failure rate to less than 5% while maintaining our on-demand deployments.

Head of Infrastructure at Bink
Mark Swarbrick
Mark Swarbrick
,
Head of Infrastructure at Bink
READ CASE STUDY
Read case study

We had just begun conversations with Barclays and needed to prove we could scale to meet their needs. Linkerd gave us the confidence to adopt a scalable cloud-based infrastructure knowing it would be reliable — any network instability was now handled by Linkerd.

Head of Trading Solutions at Entain
Steve Gray
Steve Gray
,
Head of Trading Solutions at Entain
READ CASE STUDY
Read case study

Because of Linkerd, we’ve been able to easily increase the platform capacity by over 10x, reduce operating costs, and better hit our availability targets—while continuing to iterate on our business differentiators.

Platform Engineer Lead at Salt Security
Eli Goldberg
Eli Goldberg
,
Platform Engineer Lead at Salt Security
READ CASE STUDY
Read case study

We started with Linkerd and it turned out to be so easy to get started that we gave up on evaluating the other two — we loved it from the get-go. Within hours of stumbling over it online, we had deployed it on our dev environment. Three more days and it was up and running on our new service running in production.

Buoyant in the news

all NEWS

Case studies

all case studies

Zero-Cost Linkerd at Adidas: Impossible Is Nothing

All our observability gaps were closed, ...we saw a reduction in failed requests, and experienced cost reduction due to better performance.

Learn more

Service Mesh at Scale: How Xbox Cloud Gaming Secures 22,000 Pods with Linkerd

We have offloaded the time and effort needed to develop and maintain the in-house mTLS solution, saving valuable engineering hours

Learn more