.svg){kind=small}
Dec 17, 2024
KubeCon + CloudNativeCon North America 2024 wrapped up a few weeks ago, and what an incredible week it was for the Linkerd community! From deep technical talks and exciting collaborations to impactful community initiatives, this year’s event truly showcased the power of simplicity and innovation. If you couldn’t join us in person or just want to relive the highlights, we’ve got you covered—here’s a full recap and session recordings.
One of the best parts of KubeCon is the opportunity to meet face-to-face with the incredible Linkerd community. At the Linkerd kiosk in the CNCF Project Pavilion, we had amazing conversations with users, contributors, and cloud-native enthusiasts. Whether you were looking to learn more about Linkerd’s capabilities or dive deep into technical questions, we loved hearing your stories and answering your questions. A big thank you to everyone who stopped by and shared their enthusiasm for Linkerd’s mission to bring simplicity, security, and reliability to Kubernetes.
This year brought exciting news as Buoyant and SUSE Rancher teamed up to tackle edge deployments while keeping things simple and secure. At the SUSE Rancher booth, we showcased this collaboration, highlighting how Linkerd and Rancher work together to bring seamless edge infrastructure to life. Stay tuned for more updates as this partnership continues to grow!
With 11 Linkerd-related talks across the week, there was no shortage of service mesh knowledge being shared. Whether you’re looking for hands-on tutorials, deep dives, or discussions on the future of Linkerd, we’ve compiled all the talks for you here. Here are our highlights:
Federated Services is a new feature in Linkerd that allows a single Service to transparently span multiple Kubernetes clusters while remaining resilient to failures in one or more clusters — without needing to change the application. In this lightning talk, we discuss the design considerations and constraints navigated in the process of adding Federated Services to Linkerd. We discuss how this design process took into account prior art (such as work in SIG-Multicluster), explored a variety of designs, and focused on delivering a solution that was tractable, clear, explicit, simple, and valuable to Linkerd users.
The CNCF hosts a wide variety of open source projects, from those backed by trillion-dollar corporations to those supported by small startups with limited resources. Despite these differences, most contributions come from paid maintainers. This raises critical questions: Can startups succeed with CNCF open source projects, or is this model inherently un-monetizable? And should the CNCF prioritize startups' success, or focus on projects backed by established companies with the stability to sustain them long-term? In this panel, startup founders and project maintainers discuss the balance between commercialization, community, and the open source ethos.
As AI and ML become increasingly prevalent, it’s worth looking harder at the operational side of running these applications. We need a lot of compute and access to GPU workloads. We also need to be reliable while providing rock-solid separation between datasets and training processes. And we need great observability in case things go wrong, and must be simple to operate. Let's build our ML applications on top of a service mesh instead of spending resources reimplementing the wheel – or, worse, the flat tire. In this session, we take a look at how a service mesh can solve real-world issues with ML applications while making it simpler and faster to actually get things done in the world of ML.
The pace of feature delivery in Linkerd has never been higher. In this whirlwind project update by Buoyant CEO William Morgan, you'll learn about the latest developments and upcoming features. William discusses new support for egress traffic control and visibility, ingress traffic handling, UX improvements to multicluster, new support for IPv6, and more. Be prepared to learn about the world's fastest, lightest service mesh!
Multi-zone clusters are a great tool for improving application reliability — and also a great way to spend a ton of cash. Why? What really happens when you set these things up? How do you use them effectively without bankrupting your whole organization? In this session, we dig into the nuts and bolts of what goes on under the hood of a multi-zone cluster, including what a zone is, what Kubernetes understands about zones, how zones affect routing, and why multi-zone clusters can drive costs up. We spend some time on Kubernetes' Topology Aware Routing, covering its advantages as well as its very real limitations. Finally, we dive into how you can influence Kubernetes' choices to take advantage of multi-zone clusters' reliability while containing costs.
Gateway API v1.2 is here! We have GA support for service mesh! We have timeouts in HTTPRoutes! We have GRPCRoutes! And we still have precious few real-world walkthroughs of using Gateway API to get real things done… In this hands-on workshop, hosted by Gateway API contributors and GAMMA co-leads, we start with completely unconfigured clusters, walk through installing a demo app with your choice of ingress controller and service mesh (Envoy Gateway + Linkerd, or Istio), then dig into actually using Gateway API for routing, resilience, and progressive delivery with an application using HTTP and gRPC at the same time. Watch the recording to gain practical, real-world knowledge about what Gateway API can do and how to use it, and portable skills you’ll be able to apply to the many projects implementing Gateway API!
A constant presence in our lives for nearly 25 years, TLS is a cornerstone of modern security practice — especially in a zero-trust world. In cloud native, mTLS comes up every time service meshes get mentioned. Even so, both these technologies are still sources of endless questions. How do they work? How are they related? What problems do they solve – and which others do they not solve? How does it relate to end-user auth? What's all this stuff with certificates anyway? And why should you care about these things? Thankfully, answering these questions isn't that complex. This talk covers what TLS and mTLS are, what they do, how they work, why they matter as standards, and what nearly 25 years of attacking them have to say about security. We use Linkerd as an example, but this talk applies to any situation involving mTLS or TLS, no matter the implementation.
Ingress, egress, east-west, north-south… Kubernetes has always had a lot of different ways to talk about network traffic, each with its own concerns. For years, the possibility of unifying these kinds of configurations under a single API was a tantalizing but far-off possibility until Gateway API v0.8 took the first step of combining ingress and mesh configuration. Now Linkerd is stepping up to use Gateway API to handle egress as well. Watch this video for a hot-off-the-presses look into what egress policy covers and what people need from it, how we can make egress functionality work within Gateway API's existing model, and why Linkerd took this approach. We touch on the implementation and finish up with a live demo showing off a real-world example of egress management using Linkerd and Gateway API.
Open source powers the modern world, offering better, more secure code and faster bug fixes. But the landscape has shifted since the early Linux days. Volunteer-led projects are rare, especially in the CNCF, where companies maintaining open source need business justification for their investment. While the community expects open source to remain free, maintainers must find ways to monetize it—through support, enterprise editions, or licensing. Recent changes with projects like Terraform, Flux, and Linkerd underscore the need for a paradigm shift. Watch this panel discussion to hear maintainers discuss the future of open source.
If you couldn’t make it to KubeCon this year, don’t worry—the Linkerd community is always here for you. Join us on the Linkerd Slack to connect with the team, ask questions, and stay up-to-date on the latest developments.
And if you’re inspired to share your Linkerd success story at the next KubeCon, let us know! We’d love to help you take the stage and share your experience with the cloud-native world.
Thanks to everyone who made KubeCon + CloudNativeCon North America 2024 an unforgettable event. From the incredible talks to the community connections, it’s clear that Linkerd continues to lead the way in making Kubernetes simple, secure, and reliable. We can’t wait to see you again soon!
A complete guide to everything the modern enterprise architect needs to know about service meshes, including mutual TLS, zero trust security, eBPF, sidecars, and more.
Download ebook
.svg)