Buoyant, the creator of Linkerd and pioneer of the service mesh category, has announced the general availability of Buoyant Enterprise for Linkerd (BEL) 2.20. The latest release introduces major enhancements focused on security automation, cross-platform infrastructure support, and intelligent traffic management, strengthening Linkerd’s role as a production-grade service mesh for enterprise-scale cloud environments.
The update arrives as organizations increasingly rely on service mesh technologies to manage complex microservices architectures while maintaining strict security, reliability, and performance requirements.
Modern enterprise platforms often struggle to balance security enforcement with system stability, especially when managing large-scale microservices deployments across hybrid environments. Manual certificate management and trust updates in service mesh architectures can introduce operational risks, including downtime and service disruption.
Buoyant Enterprise for Linkerd 2.20 addresses these challenges by embedding automated security processes directly into the service mesh architecture, reducing the need for manual intervention and improving operational resilience.
The release continues Buoyant’s long-term focus on delivering lightweight, production-ready infrastructure designed to operate reliably under demanding enterprise workloads.
A key feature of Linkerd 2.20 is automated trust anchor rotation, designed to eliminate one of the most common sources of operational risk in mutual TLS (mTLS) environments.
Traditionally, rotating cryptographic trust anchors across production clusters requires careful manual coordination. Errors during this process can lead to service interruptions or communication failures across distributed systems.
With the new built-in automation, Linkerd manages trust rotation internally, applying safeguards that reduce the risk of misconfiguration while ensuring continuous encrypted communication across services.
Another major enhancement in this release is expanded infrastructure compatibility through native support for Windows Virtual Machines operating outside Kubernetes clusters.
This capability enables organizations to extend service mesh benefits to legacy systems and hybrid environments that include both containerized and non-containerized workloads. Using Linkerd’s Rust-based data plane microproxies, Windows workloads can now participate in the mesh and inherit capabilities such as mTLS encryption, retries, timeouts, circuit breaking, and multi-cluster routing.
This expansion significantly broadens the applicability of service mesh architectures in enterprise environments with mixed infrastructure stacks.
Linkerd 2.20 also introduces rate-limit-aware load balancing, improving how traffic is distributed across upstream services under high load conditions.
Instead of relying solely on latency-based routing, the system now dynamically adjusts traffic flow when upstream services approach capacity or encounter rate limiting. This helps maintain system stability and prevents cascading performance issues across distributed applications.
The update also includes optimizations to the internal destination controller, reducing control plane memory usage by up to 85% during periods of rapid workload scaling or pod churn.
Additionally, Kubernetes sidecar orchestration has reached general availability and is now the default configuration, improving deployment consistency and eliminating initialization race conditions in batch workloads.
According to William Morgan, Founder and CEO of Buoyant, the release reflects ongoing efforts to simplify and stabilize large-scale Kubernetes and cloud-native environments.
"Linkerd is mission-critical infrastructure for companies and systems that people around the world rely on every day," said William Morgan, Founder & CEO of Buoyant. "Our goal for the 2.20 release was to eliminate the operational complexities that crop up when Kubernetes platforms are truly pushed to their limits, and we worked hand-in-hand with our customers to ensure Linkerd allows them to deliver even the most complex of capabilities seamlessly and reliably at scale."
As organizations continue modernizing infrastructure and adopting cloud-native architectures, service mesh platforms are playing an increasingly important role in ensuring secure, observable, and resilient communication between services.
Buoyant Enterprise for Linkerd 2.20 aims to reduce operational overhead while expanding deployment flexibility across hybrid environments. By combining automation, performance optimization, and extended infrastructure support, the platform is positioned to help enterprises scale microservices architectures with greater confidence and reduced operational complexity.
Buoyant was founded by senior infrastructure engineers to redefine cloud-native application security and reliability. As the original creator and primary maintainer of Linkerd, the world's lightest and fastest service mesh, Buoyant delivers enterprise-grade software and operational expertise to organizations scaling critical cloud infrastructure globally. Buoyant Enterprise for Linkerd (BEL) is free to implement across non-production environments and remains permanently free for production operations at companies maintaining fewer than 50 total employees.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.