Aug 24, 2022
SAN FRANCISCO, Aug. 24, 2022 — Buoyant, creator of the widely-used open source Linkerd service mesh, today announced the release of Linkerd 2.12, which introduces route-based authorization policies, support for the Kubernetes Gateway API, access logging, and much more. As part of this release, Buoyant also announced the availability of automated upgrades to Linkerd 2.12 as part of their managed Linkerd service, Buoyant Cloud.
Linkerd's new authorization policies allow for an advanced "zero trust" approach to Kubernetes network security. Extending the port-based policies introduced in earlier releases, these new per-route policies provide even finer-grained control over how microservices are allowed to communicate with each other by controlling access to individual paths or routes for each microservice. Unlike network policies implemented by CNI projects such as Cilium or Calico, Linkerd's authorization policies are based on strong cryptographic workload identity, are enforced at the most granular level—the pod—and are built on industry standards such as mutual TLS.
"Linkerd 2.12 makes it easy for anyone to achieve zero trust network security on their Kubernetes cluster, from encryption to authentication to authorization," said William Morgan, Buoyant CEO and creator of Linkerd. "In zero trust you can't trust the network; you can't trust the CNI layer; you can't trust IP addresses; and all access to sensitive resources must be explicitly authorized. The new per-route policies in Linkerd 2.12 achieve those goals while staying true to Linkerd's core tenets of simplicity and performance, meaning that Linkerd is—by far—the simplest, most secure way to achieve true zero-trust network security in Kubernetes."
Linkerd 2.12 also introduces access logging, a long-awaited feature that optionally allows Linkerd to produce Apache-style request logs, as well as a host of other improvements and performance enhancements.
Alongside this release, Buoyant Cloud, the company's managed Linkerd service, now supports automatic upgrades to Linkerd 2.12 for customers running Linkerd 2.10 or later. This upgrade process covers both the control plane and the data plane, allowing organizations to seamlessly manage their Linkerd deployment across any number of clusters.
To learn more about Linkerd 2.12 or to register for Buoyant's free Upgrading to Linkerd 2.12 workshop, please see full announcement blog post. To schedule a demo and a detailed walk-through of the new release, please visit Buoyant's website.