Linkerd 2.7 adds security features and new dashboard options
The first Linkerd release of the year has arrived—version 2.7 provides Vault and cert-manager integration, dashboard updates, breaking changes, bug fixes and more. Let’s take a closer look at what the latest version of the Kubernetes service mesh has to offer.
Linkerd 2.7 has been released, as was announced in a blog post by William Morgan. Linkerd is a service mesh for Kubernetes that is designed to offer observability, reliability and security. Version 2.7 is referred to as security-themed release, so let’s see what that means.
PKI support & more
In version 2.7, Linkerd has been integrated with external PKI (public key infrastructure) providers, which means external certificate issuers like Vault or cert-manager for TLS certificates are now supported. GitOps users can therefore safely check their Linkerd manifests, which can now be generated without secrets, into version control.
Linkerd’s dashboard has received some updates as well. It can now display CronJob and ReplicaSet resources, for which it offers pre-configured Grafana dashboards. Further Linkerd dashboard updates include
tap headers, first introduced in v2.6, and protection again DNS rebinding attacks.
Take a look at the new dashboard:
Linkerd 2.7 also adds breaking changes for Helm charts, such as the renaming of the
noInitContainer parameter to
cniEnabled. Some bugs have been fixed in v2.7 as well. For example, headless services are now supported and gRPC has received an improved error classification.