Bringing SPIFFE to Linkerd for Mesh Expansion - Zahari Dichev, Buoyant

Don't miss out! Join us at our next Flagship Conference: KubeCon + CloudNativeCon North America in Salt Lake City from November 12 - 15, 2024. Connect with our current graduated, incubating, and sandbox projects as the community gathers to further the education and advancement of cloud native computing. Learn more at https://kubecon.io Bringing SPIFFE to Linkerd for Mesh Expansion - Zahari Dichev, Buoyant Identity lies at the core of every service mesh, so changing what “identity” means is always a challenging endeavor that mustn’t be taken lightly. Yet that’s exactly what the Linkerd project had to do to support extending the mesh beyond Kubernetes. Ultimately, communicating beyond the cluster isn’t hard, and identity is where the magic happens. How exactly does the mesh identify foreign workloads? What’s the role of Kubernetes itself in this realm? What mechanisms can we use outside of Kubernetes? Join us for an open and candid look into how the Linkerd project reimagined itself by tackling these and other questions, ultimately landing on SPIFFE/SPIRE as the tool of choice to enable seamless integration of workloads into the mesh.