KubeCon+CloudNativeCon Chicago wrapped a few weeks ago, and as always this was a very exciting event for Team Linkerd!
Buoyant's team of Linkerd maintainers, technical evangelists, and more were in full swing bringing the message of simplicity and security far and wide.
At Kubecon, we announced some very exciting news: our partnership with SUSE/Rancher to build the world's fastest, lightest, and most secure edge computing platform using Linkerd.
Edge computing is an increasingly important part of the cloud native landscape. In an edge compute deployment, data is processed at the "edge" of the network close to where it is generated, without any requirement that it be shipped to a centralized server. The rapid rise of edge computing is driven in no small part by the explosive growth in connected devices, from security cameras to oil rigs to autonomous vehicles.
Kubecon attendees also saw our announcement that Linkerd 2.15 will include mesh expansion and support for SPIFFE and SPIRE. We’ve heard from many Linkerd adopters over the past 6 months who’ve let us know that these features are a priority for them, and we’ve been working hard to deliver them with all the simplicity and security that you’ve come to expect from Linkerd.
We demoed Buoyant Enterprise for Linkerd, which adds zone-aware load balancing, lifecycle automation, zero-trust security policy management, FIPS-140-2 support, SBOMs, and much more to the already great Linkerd service mesh.
As is tradition, KubeCon attendees got a chance to pick up their Chicago-themed limited edition Linky sticker, including our Rust-themed Linky + Ferris stickers catching and crushing memory safety bugs. Get it?
Linky couldn't delivering the Linkerd project update keynote, with some assistance from Buoyant CEO William Morgan.
In the service mesh world, Linkerd is known for its simplicity and low operational cost. In this maintainer talk, Linkerd creator William Morgan discusses the other side of Linkerd: its focus on enterprise use cases. He covers recent work in Linkerd to add support for connecting and securing VMs and non-Kubernetes workloads; to support multi-cluster deployments with flat networks; to adopt the Gateway API for standardized configuration and easy integration with Argo, Flagger, and other CD tools; and some exciting upcoming features for the project.
In 2018, the Linkerd project made a big, risky bet by choosing Rust — at the time, a new and unknown programming language — to implement the next generation of Linkerd proxies. Since then, the bet has paid off, with Linkerd reaping rewards in security, reliability, and performance, and by 2023, Rust has become increasingly popular in the cloud native ecosystem. It's easy to see why: Rust's compile-time memory safety prevents entire classes of CVEs, without sacrificing performance or productivity. In this talk, Linkerd maintainer Alex Leong reflects on the project’s five years of experience with Rust in Kubernetes — how the project has benefited, how things have changed, and what we’ve learnt. In addition, Alex looks at Rust adoption throughout the cloud native ecosystem, including CNCF projects like TiKV, kube-rs, OpenTelemetry and gRPC. Looking back at the last five years of Rust in Kubernetes, attendees will learn how their projects can benefit from adopting Rust, too.
Linkerd has been one of the first implementations of the GAMMA specification, allowing service mesh users to use Gateway API resources to configure east-west traffic. This is a significant departure from earlier Linkerd versions, which used the Linkerd-specific ServiceProfile resource to offer granular control over traffic routing, metrics, and reliability mechanisms like retries and timeouts. In this talk, Tech Evangelist Flynn digs into how a service mesh can approach the GAMMA specification. While he will use Linkerd as a lens to explore GAMMA in Rust- and Go-based controllers, as well as the Linkerd data plane proxy, this talk isn’t just about the code or Linkerd-specific APIs. Far more importantly, Flynn dives into how the team tackled the critical questions and design challenges of switching between two different APIs while maintaining feature parity, backward compatibility, and user experience.
Every project in our community is looking for more contributors. One way to get them is to "make your project welcoming," and to as broad an audience of potential contributors as possible. But what's "being welcoming" really, and how do you open your project to folks very different from you? This session with Buoyant Head of Marketing Catherine Paganinin, will introduce you to perspectives, methods, and ideas to increase your contributor base. We'll share perspectives from TAG Contributor Strategy's Deaf and Hard of Hearing and its Maori initiatives. It will also cover basics like contributor guides and "do and don't" tips around being welcoming. Whether project leaders, contributors, or supporting sponsors, attendees will learn ways to remove barriers to entry and enable contribution.
The Chicago style hot dog is iconic for its balance of spicy and sweet flavors and the Technical Oversight Committee of the CNCF is striking a similar balance by picking up spicy issues and working on some sweet changes to enable success in the coming year. Join some of the amazing CNCF Technical Advisory Group leaders including Buoyant Head of Marketing, Catherine Paganini to hear from technologists that volunteer their time to help the TOC and the CNCF focus on domain specific areas like Security, Runtime and Contributor Strategy to name a few.
Emissary-ingress, a CNCF Incubating project, is a self-service Kubernetes-native open-source API gateway and ingress controller built on the Envoy Proxy. In this session, Emissary-Ingress maintainer and Linkerd Tech Evangelists gives attendees an overview of why ingress controllers are necessary, how self-service developer workflows work for developers and for operations, and how Emissary-ingress can make all of this easier. We'll also look at current best practices around designing, managing, and evolving self-service APIs. We'll continue with a deeper dive into Emissary-ingress' evolution and future, notably around the Kubernetes Gateway API and the future about the emerging standard. You can also learn how to get involved as a contributor or as a user who wants to offer feedback. This is a great opportunity to interact directly with the Emissary-ingress maintainers and make sure your voice is heard!
Until next time, Kubecon! For more great Linkerd content, don't forget to sign up for our Service Mesh Academy.