logo
ArticlesConferencesPresentations
Dates
Author
Conferences
Tags

Sort by:  

Overview and State of Linkerd

Conference:  KubeCon + CloudNativeCon Europe 2023
Authors: Matei David
2023-04-20

tldr - powered by Generative AI

Linkerd is a service mesh for cloud-native microservices that provides failure resiliency, observability, and security.
  • The Gateway API standardizes some of the Ingress stuff and is mostly for North-South traffic.
  • Linkerd is working on adapting the HTTP route resources to make sense for East-West traffic.
  • If all pods start returning 500 errors all at once, they will all be taken out of circulation and apply the back-off penalty.
  • Linkerd does not yet support IPv6, but it is in the books.
  • EBPF is a cool technology, but it cannot do any State Management inside of it, making it difficult to handle circuit breaking, retries, and timeouts.
  • Linkerd supports EBPF, but when it comes to doing service mesh things, there is no substitute for the sidecar proxy.
Tags:
CNCF
Linkerd
service meshes
circuit breaking
header-based routing

What We Learned From the Gateway API: Designing Linkerd’s New Policy CRD

Conference:  KubeCon + CloudNativeCon North America 2022
Authors: Matei David
2022-10-28

tldr - powered by Generative AI

The presentation discusses the adoption of the Gateway API for service mesh management and administration, highlighting the importance of distinguishing between traffic frontends and backends and leveraging existing API frameworks.
  • The Gateway API is a well-designed API with extensibility points that make it intuitive to work with
  • Adopting the Gateway API now makes sense for the project despite its newness and potential for API churn
  • The Gateway API's policy attachment framework is useful for both gateways and meshes
  • Distinguishing between traffic frontends and backends is crucial for effective service mesh management
  • Leveraging existing API frameworks, such as the Gateway API, is preferable to reinventing the wheel
Tags:
gateway APIs
policy attachment
Linkerd
SIG Network
Kubernetes

Emissary + Linkerd Resilience Patterns: Rate Limits, Retries & Timeouts

Conference:  KubeCon + CloudNativeCon North America 2022
Authors: Flynn, Daniel Bryant
2022-10-28

tldr - powered by Generative AI

The presentation discusses how to deliver reliable software to users by using API Gateway and service mesh to mitigate the effects of badly behaving code.
  • Users want reliable software, but they don't necessarily care about the internal details.
  • API Gateway and service mesh can be used to mitigate the effects of badly behaving code and give users a better experience.
  • Retry, timeout, and rate limit are simple yet effective tools to use in the API Gateway and service mesh.
  • Developers, QA, and platform engineers need to think about the end-to-end solution, but they should ideally start with the services and communications.
  • Observability and debugging tools can be helpful in identifying and fixing issues.
  • Documentation and contribution to open-source projects are important for developer-focused and self-service solutions.
Tags:
CNCF
Emissary
Linkerd
Kubernetes
Envoy

Overview And State Of Linkerd

Conference:  KubeCon + CloudNativeCon North America 2022
Authors: Alex Leong
2022-10-27

tldr - powered by Generative AI

Overview and State of Linkerd - A service mesh for transparent mtls between all services on by default
  • Linkerd is a service mesh that intercepts all network traffic for a pod and adds functionality like observability, reliability features, and transparent mtls between all services on by default
  • Philosophy behind Linkerd is to make it easy to use and install without requiring extensive configuration
  • Linkerd integrates with startmanager for automatic certificate rotation
  • Linkerd uses HTTP back pressure mechanism for back pressure
  • Linkerd is focused on workload identity rather than user identity
  • Linkerd provides East West traffic for service to service within the cluster
Tags:
Linkerd
CNCF
Gateway API
service meshes
upcoming releases

Flagger, Linkerd, And Gateway API: Oh My!

Conference:  KubeCon + CloudNativeCon North America 2022
Authors: Jason Morgan, Sanskar Jaiswal
2022-10-26
In this session, you’ll learn about Flagger, Linkerd, and the Gateway API specification. You’ll also learn how to use Flagger and Linkerd to enable automated progressive delivery. The Gateway API specification is gaining momentum in the Kubernetes space as it attempts to change how users manage traffic. Both Flagger and Linkerd were able to standardize on the Gateway API to enable their users to simplify how they define traffic management within, and between, their clusters. Join Jason and Sanskar to discuss how each project independently implemented the Gateway API, how those implementations benefitted their respective projects, and how this allowed them to work together without any explicit configuration.
Tags:
Flagger
Linkerd
Gateway API
Progressive Delivery
Kubernetes

Linkerd End User Panel: Case Studies from Production

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Fredrik Klingenberg, Kasper Borg Nissen, Christian Hüning, Catherine Paganini, Eli Goldberg
2022-05-20
In this panel, you'll hear from end users across a variety of industries on how they use the Linkerd service mesh in real-world production scenarios. Use cases range from applying mutual TLS to encrypt and secure all service-to-service communication, load balancing gRPC requests, and troubleshooting services before they're pushed to production. Panelists represent a variety of companies with very different environments, goals, and priorities, and discussion will be focused on real-world outcomes.Click here to view captioning/translation in the MeetingPlay platform!
Tags:
Linkerd
Service Mesh
Microservices
Container Orchestration
Cloud Native

Overview and State of Linkerd

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Matei David
2022-05-20

tldr - powered by Generative AI

Overview of Linkerd project and its features
  • Linkerd is a service mesh for Kubernetes that provides observability, reliability, and security
  • It has a growing set of features including policy, circuit breaking, and header-based routing
  • The project has a large and active community
  • Linguity is a new extension that manages or installs the SMI CRDs and other SMI functionality
  • Linkerd is working on supporting FIPS 140-2 compliance systems
  • The project has graduated from the CNCF
  • Linkerd is a popular choice for those who want to improve their observability, reliability, and security in their Kubernetes clusters
Tags:
Linkerd
CNCF
Service Mesh
policy
circuit breaking

Building an Agile Platform in a Highly Regulated Industry

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Fredrik Klingenberg, Jonas Samuelsson
2022-05-20

tldr - powered by Generative AI

The presentation discusses the challenges of building a new platform on new technology with limited experience in the company, while balancing the need for control and the ability to move fast. The solution involves questioning traditional approaches and finding new ways to solve issues with modern security approaches and layering.
  • The company faces competition from pure tech companies and changing customer expectations, while also dealing with regulatory requirements and the need to maintain customer trust.
  • The balancing act involves implementing the right level of security while finding common ground and allowing for both control and the ability to move fast.
  • Traditional concerns like networking and web application firewalls still apply, but modern capabilities like Kubernetes and layering can help solve issues in new ways.
  • The starting point involved interviewing teams and systematically gathering data to manage Kubernetes, which takes a lot of work.
  • The solution involves questioning traditional approaches and finding new ways to solve issues with modern security approaches and layering.
Tags:
Kubernetes
GitOps
If-Insurance
Linkerd
Aurum AS

Service Mesh at Scale: How Xbox Cloud Gaming Secures 22k Pods with Linkerd

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Christopher Voss
2022-05-19

tldr - powered by Generative AI

The presentation discusses the benefits of using Linkerd in Xbox Cloud Gaming's Kubernetes clusters, including zero config MTLS and code-free visibility. The speaker also shares their plans for future improvements, such as multi-cluster communication and fault injection testing.
  • Linkerd has been a valuable tool for securing over 50 microservices and 22,000 pods in Xbox Cloud Gaming's Kubernetes clusters
  • Zero config MTLS and code-free visibility have saved the company thousands of dollars per month
  • Canary deployments have been integrated into Azure DevOps release pipelines to enable auto rollbacks
  • Future plans include implementing service-to-service off, multi-cluster communication, and fault injection testing
Tags:
XboxCloudGaming
Kubernetes
Linkerd
mutualTLS
observability

Emissary + Linkerd: A Guide to End-to-end Encryption for your Cluster

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Flynn, Jason Morgan
2022-05-19

tldr - powered by Generative AI

The presentation discusses the installation and use of Emissary, a service mesh for Kubernetes, and its ability to achieve zero trust networking.
  • Emissary is a service mesh for Kubernetes that can achieve zero trust networking
  • Emissary uses envoy for data wrangling and can consume ebpf modules for networking efficiency
  • Emissary can generate unique certificates for each connection and recommends using cert manager for certificate rotation
  • Emissary 2.11 introduced the ability to use policy for zero trust networking and 2.12 will have a more granular and easier to use policy system
  • Installation of Emissary involves adding the helm repo, installing the Emissary CRDs, and using helm to install Emissary into a namespace
Tags:
Emissary
Linkerd
Kubernetes
Envoy
CNCF