Hi, Linkerd person here. I don't use HN much these days but I was pointed me to your comment. First, thank you for your empathy. The truth is that as much as I would prefer it otherwise, this change is required for Linkerd's survival and future growth. In turn I have empathy for you—we've put you in a tough situation with this, and while with 7 prod clusters it seems fair to ask your company to help fund the project (maybe you disagree), it doesn't seem fair that the onus to push this change through your company falls on you. I know this is a consequence of how we designed this transition but I wish there were a way we could make this part better. FWIW, we do have a team of folks who are very good at working the process, and at your scale we have flexibility on terms and pricing, so I think we can make it easy in your specific situation. Some of the new features are focused on cost reduction so there is an opportunity to appease the budgetary gods.

In terms of the stability guarantees you point out, that has always been the case for edge releases. They contain the latest changes on main, and while we try to keep that as stable as possible, things can break. Everything is well-documented and we try our best to at least have you able to make an informed decision.

Hope that helps, I'm always up for a deeper chat if you want to send me an email. (At the bottom of the blog post.)

Looks more like an attempt to force people to pay for what should be an OSS project and goes against the spirit of CNCF. Guess that's another win for Istio, right? Have you guys consulted with CNCF to try offloading some costs of building and releasing "stable" OSS builds of LinkerD instead of forcing people into this weird arrangement? Something tells me CNCF wouldn't agree to this...

Yup.. CNCF seems to not like this change: https://github.com/cncf/toc/issues/1262

Your Pricing page says $2k monthly PER CLUSTER. It doesn't say PER PRODUCTION CLUSTER.

Thank you!

Exactly. Linkerd is fast and simple in no small part because it doesn't have 20 competing, sharp-elbowed vendors pulling it in 21 different directions. Customer focused is everything.

You have no idea how many Istio companies have turned to Linkerd because of this very complexity. Here's one of my favorite writeups. https://nais.io/blog/posts/changing-service-mesh/

It's malpractice to not seriously consider Linkerd over Istio at this point.

What about trafaek?

traefik? [1]

1. https://traefik.io/

Maybe you're just not talking to the right companies. There are a ton of Linkerd adopters and the list is constantly growing! https://linkerd.io/community/adopters/

IMHO the operational cost of a service mesh only really makes sense in the context of Kubernetes. A service mesh works by deploying lots of proxies everywhere; in Kubernetes you can do that very cheaply but outside of Kubernetes you're going to have to do some work.

So: I would start with installing something like Linkerd in a Kubernetes environment and work outwards from there.

Thanks, I updated the curl command-line args.

Just published this earlier this morning. Would love your comments and corrections. TLS is a huge topic and I'm sure I got something wrong in here.

What about traffic that isn't HTTP? Does Linkerd helps authenticate that, perhaps by setting up a tunnel?

Non-HTTP TCP traffic will be mTLS'd by Linkerd just as well as HTTP traffic is, as long as there's a proxy on both ends of the connection. No tunnel required.

Mesh expansion is on the Linkerd roadmap, which will make it possible to run the data plane outside of Kubernetes.

If all your experience is with Istio and "layers on top of Istio", I'm not surprised you think service meshes need lots of config. Sounds like you need to try Linkerd!