Linkerd has made version 2.17 of its service mesh available. The new version brings a lot of new functionality to the applications. This is the first release in a series that will merge several new features at once over the next few years.
Service mesh is an infrastructure layer that ties together all communication between (container-based) microservices within applications. This gives applications features such as zero-trust security, observability, and advanced traffic management without requiring developers to modify the underlying code.
Recently, the specialist has been releasing sustained releases that should bring out several new features at once in a single update. These updates come without sacrificing the simplicity of use that Linkerd has.
New features v2.17
Among the new features added in version 2.17 is new visibility and control functionality for egress data traffic, leaving a Kubernetes cluster from meshed pods. Kubernetes itself has no mechanisms for “understanding” egress traffic. Limiting this traffic is only possible to a limited extent and only for IP ranges and ports.
Linkerd now makes it possible to see and control this egress traffic across the entire application layer. This gives the possibility to see the source, destination, and traffic levels of all traffic leaving a Kubernetes cluster. It also allows them to roll out egress security policies for whether or not to allow traffic at a very detailed level.
Another new feature is rate limiting. This is a reliability mechanism that protects (micro)services from overload. This technology targets the server and is strictly implemented by the service receiving the traffic. This protects this service from misbehaving clients.
Federated services
The last major new feature of Linkerd 2.17 is the arrival of federated services, a new multicluster feature. A federated service is the aggregation of replicas of the same service across multiple clusters.
Meshed clients with a federated service “load balance” automatically on all endpoints in all clusters. All based on the load balancing technology of the service mesh provider.