Buoyant,
creator of Linkerd,
announced Linkerd Enterprise, the first-ever commercial
distribution of Linkerd designed to meet the unique demands of today's
enterprise adopters. Linkerd Enterprise extends the popular open source Linkerd
project with additional enterprise-only capabilities, including zero trust and
FIPS 140-2 compliance, a powerful new cost-aware load balancer, lifecycle
automation, and more.
"Over the past 18 months,
adoption of Linkerd in enterprise environments has skyrocketed, with companies
like Adidas,
Microsoft,
Plaid, and DB
Schenker all publishing case studies and talks about how they
delivered security and reliability with Linkerd," said William Morgan, Buoyant
CEO and one of the creators of Linkerd. "We built Linkerd Enterprise in
response to that surge in demand, to give the enterprise adopters the best of
both worlds: all the features and capabilities of the world's most advanced
service mesh combined with the packaging, support, expertise, and unique
features that are critical for running Linkerd in enterprise environments."
Linkerd Enterprise is
already being leveraged at Mezmo, TrueLayer, and many other organizations tasked
with delivering reliable and secure products to their customers. "Linkerd is a
big part of the mission-critical security and reliability we deliver to our
customers today," said Rich Prillinger, Senior Director, Platform Engineering
at Mezmo. "Linkerd Enterprise adds additional capabilities and guarantees that
give us the confidence we need to deliver world-class security and reliability
at scale."
For existing Linkerd
adopters, Linkerd Enterprise is a drop-in upgrade for Linkerd. New capabilities
and features of Enterprise Linkerd include:
Cloud spend reduction
through advanced load balancing
One of Linkerd Enterprise's
most powerful new features is a sophisticated zone-aware load balancer that can
dramatically reduce cloud spend in multi-zone environments. Cross-zone traffic
costs can be a significant component of cloud spend-for some customers in the
millions of dollars.
The load balancer in
Linkerd Enterprise dynamically routes traffic to the lowest-cost region during
normal conditions and only sends traffic to higher-cost regions if the system
goes under stress. In contrast to Kubernetes's native topology-aware routing,
Linkerd's request-balancing approach provides both high availability and cost
reduction, and supports both single-cluster and cross-cluster traffic, allowing
even enterprises with complex application topologies to reduce cloud spend.
Lifecycle automation
Linkerd's unique Rust-based
"micro-proxy" approach delivers not just lightning-fast performance without the
security vulnerabilities of common C++ proxies, it provides a fundamentally
simpler operational model without the complexity found in other service meshes
such as Istio.
Linkerd Enterprise further
improves this simplicity with powerful lifecycle automation capabilities that
allow Linkerd to be installed, upgraded (including across both control and data
planes), and rolled back in a fully automated fashion, further reducing total
cost of ownership and allowing devops and platform teams to focus on business
priorities rather than system maintenance tasks.
Zero trust security
policy management
Linkerd provides an
extremely powerful and flexible set of network security policies that extend
far beyond Kubernetes's native capabilities and allow any organization to adopt
a true zero trust approach to network security, including encryption of all
communication by default; authorization based on workload identity rather than
insecure network identity; ultra-granular, per-pod security boundaries;
and adherence to the zero trust principles of "authorize everywhere, every
time".
On top of these secure
foundations, Linkerd Enterprise adds a robust layer of management capabilities
that allow enterprises to adopt and manage these policies at scale and in a way
that suits the complexities of enterprise engineering organizations.
FIPS-140-2 support,
software bills-of-material (SBOMs), hardened images, and more
Linkerd Enterprise also
includes FIPS-140-2 compliance; software bills-of-material (SBOMs);
continually-scanned, enterprise-hardened images that are tested in
customer-specific environments; SLAs around vulnerability remediations; and
much more.