Part of the Cloud Native Computing Foundation, Linkerd is a network proxy that deploys as a service mesh. According to their overview, its creators built it for solving complex problems while operating large production systems. Linkerd fixes communication issues between services.
The newest stable release, v2.4.0 arrived, adding a new traffic splitting feature, support for the Kubernetes Service Mesh Interface, performance enhancements, and more.
Stable version 2.4.0
According to the documentation, some of the notable features added to version 2.4.0 include:
- Traffic splitting functionality: New API allows users to control the amount of traffic destined for services via TrafficSplit custom resources.
- Kubernetes Service Mesh Interface support: SMI provides a standardized interface for service meshes on Kubernetes. This makes ecosystem tools easier to work with when using Linkerd.
- New install and upgrade stages:
linkerd install configandlinkerd install control-plane;linkerd upgrade configandlinkerd upgrade control-plane - Debugging assistance: New
linkerd edgescommand adds observability into the TLS-based identity system;--enable-debug-sidecarflag helps with debugging. - Prometheus metrics: Added to Kubernetes watchers in the destination service
- Two-phase installation process added
- Automate canary deployments: Flagger now supported
- Experimental status: Graduated to high-availability support
- Font Awesome stylesheets added locally
- Disabled spinner: When running without TTY,
linkerd checkspinner is disabled - Edges table: Improved UI
- Various performance and usability upgrades
- Breaking changes: Removed the
--proxy-auto-injectflag; replaced the--linkerd-versionflag with the--proxy-versionflag in thelinkerd installandlinkerd upgradecommands. - Improved documentation
- Bug fixes and closed issues: Including potential memory leaks in HTTP/2 requests, stuck load balancers, failing
linkerd inject, proxy injector fixes, pod creation failures, long DNS queries, and more.
SEE ALSO: Developers are learning hard lessons in app security
Check out the full release notes on GitHub to see all the latest changes. Information on how to install the release available here. Version stable-2.4.0 supports Kubernetes 1.12+.
Linkerd security
In April, the last update (v2.3) focused on security, by turning on authenticated, confidential communication between meshed services by default.
In June 2019, Linkerd passed a CNCF-sponsored security audit. Testing lasted a total of eighteen days and consisted of a variety of approaches. The testing team found as the report claims, “no real vulnerabilities”, ensuring its safety and high-security.
SEE ALSO: LazyDocker – simple terminal UI aims to make Docker easier
The conclusions of the testing state:
Judging by the lack of discovered relevant vulnerabilities and only a few miscellaneous issues, Cure53 has gained a rarely observed and very good impression of the examined Linkers software complex and its surroundings. This June 2019 Cure53 project clearly demonstrates that the Linkerd product is fully capable of preventing major attacks and should be considered strong against the majority of malicious attempts at a compromise.
…
The overall state of the Linkerd project – from a technical perspective and the in-house team’s great awareness of security-relevant practices and aspect, solidly places the Linkerd complex on a very good level.
The post Linkerd v2.4.0 improves performance & adds traffic splitting functionality appeared first on JAXenter.
Source : JAXenter
