The latest version of Linkerd is now available. Linkerd 2.8 adds a multi-cluster extension to the service mesh. This allows Kubernetes service to be connected across cluster boundaries in a secure way.
Linkerd’s multi-cluster functionality aims to meet four goals:
- Provide a unified trust domain
- Separate failure domains
- Support heterogeneous networks
- Provide a unified model with in-cluster communication
Related Content: Linkerd
According to the Linkerd team, this new multi-cluster functionality allows for a variety of new use cases, such as hybrid cloud, high availability, cluster failover, and inverted multi-tenancy.
Many existing service meshes have this functionality, but it is reliant on highly configured layers that add additional complexity to Kubernetes. Linkerd’s approach has leveraged much of the existing functionality of Kubernetes to limit added complexity, the Linkerd team explained.
“With service mirroring, Linkerd’s multi-cluster operates the same way that the rest of Linkerd does: it’s secure by default, it works out of the box, and it adds the bare minimum to Kubernetes,” said William Morgan, CEO of Buoyant and one of the creators of Linkerd. “The multi-cluster approaches we saw from projects like Istio were disappointing because of their inherent complexity. Making multi-cluster simple wasn’t just a style choice; it was a fundamental part of Linkerd’s approach to connectivity. In a zero-trust, cloud-native world, connectivity requires security, but complexity is anathema to security. If you have a complex solution, you have an insecure solution.”
More information on this new multi-cluster functionality in Linkerd 2.8 is available here.