SUSE and Buoyant: Advancing Enterprise Kubernetes with Zero-Trust Service Mesh

By Steve Hale, Sr. Director, Software & Services Ecosystem at SUSE — Co-written by Gary Myk and Abby Costin at Buoyant

Enterprises everywhere are continuing their move to Kubernetes, but with this transformation comes the challenge of securing, scaling, and simplifying microservices-based architectures.

That’s where the combination of Linkerd from Buoyant and SUSE Rancher Prime delivers a powerful advantage — bringing security, resilience, and operational simplicity together in one integrated solution.

Security and Compliance Without Complexity

Linkerd addresses the specific compliance requirements, operational and security challenges for organizations running Kubernetes at enterprise scale. The enterprise distribution of Linkerd offers out-of-the-box FIPS 140-validated cryptographic modules for all in-transit encryption, a cornerstone of many compliance frameworks like:

• FedRAMP
• CMMC
• HIPAA
• FISMA

This significantly offloads compliance work from development teams, allowing them to meet requirements without code changes. 

Deployed on SUSE Rancher Prime’s enterprise Kubernetes platform, Linkerd brings zero-trust security out of the box, including:

• Mutual TLS on every service-to-service connection
• Identity-aware routing and policy enforcement
• Encrypted communications

Together, this gives platform engineering and DevSecOps teams the security posture they need without the operational complexities of other service meshes. 

Resilience at Scale with Operational Simplicity

Modern enterprises run Kubernetes across multiple clusters, regions, and clouds. SUSE Rancher Prime unifies cluster lifecycle management while Linkerd adds:

• Real-time observability (golden metrics: latency, success rate, request rate)
• Built-in reliability features like retries, failover, and load balancing
• Lightweight operation that won’t overwhelm platform teams

This combination ensures mission-critical workloads stay online and performant — even at massive scale. This becomes especially important as organizations continue to adopt AI solutions, creating traffic that can be large and unpredictable.

Open Source, Enterprise Ready

Both SUSE and Buoyant share a commitment to open innovation and customer choice.

Linkerd and Rancher are fully open source, supported by trusted vendors with enterprise SLAs. Together, they allow organizations to modernize without lock-in, accelerating time-to-value for developers and operators alike.

This partnership enables enterprises to deploy secure, observable, and highly available microservices at scale — faster, with less complexity.

 This joint solution is already helping enterprises succeed in key modernization scenarios:

• Increase Application Resilience: Receive critical CVE patches immediately backported directly to your stable, ensuring continuous security and compliance without impacting your operations.
• Secure Your Supply Chain: Protect against vulnerabilities and tampering across dependencies and build artifacts.
• Unify Across Diverse Environments: Standardize management and policy enforcement across hybrid, multi-cloud, and edge deployments.
• Accelerate Compliance: Simplify adherence to regulatory requirements with built-in security controls and auditability.
• Modernization Enterprise Kubernetes:  Migrate legacy applications to Kubernetes with secure service-to-service traffic and full request-level visibility for SRE teams.
• Adopt Zero-Trust Application Networking: Deliver identity-aware, encrypted communications that meet HIPAA, PCI-DSS, and FedRAMP compliance in highly regulated industries.
• Strengthen Multi-Cluster & Multi-Cloud Resilience: Enable seamless cross-cluster communication and failover routing while improving disaster recovery posture.

Together, SUSE Rancher Prime and Linkerd provide a frictionless experience for platform teams — reducing complexity while increasing resilience and speed.

Choice Backed by Enterprise Support

SUSE Rancher Prime orchestrates these workloads across your infrastructure—whether you deploy them on SUSE Linux Enterprise Server or on Red Hat Enterprise Linux (RHEL)-compatible platforms. Thanks to SUSE Multi-Linux Support (MLS), customers can run Linkerd on either foundation with full confidence, knowing SUSE provides enterprise-grade patches, updates, and lifecycle support while maintaining binary compatibility. Buoyant proudly acknowledges this commitment, assuring customers that their Linkerd-powered workloads remain fully supported and secure — whichever enterprise Linux platform they choose.

The Path Forward

As enterprises seek to modernize application infrastructure, the Buoyant + SUSE solution delivers exactly what’s needed: security, reliability and observability  — without compromise.

Together, we’re helping organizations confidently build and run the next generation of cloud-native applications.

About Buoyant

Buoyant is the company behind Linkerd, an open source service mesh for Kubernetes and a graduated project of the Cloud Native Computing Foundation (CNCF). It is known for addressing the critical operational complexities of microservices like observability, reliability, and security in cloud native environments.

Try Enterprise Linkerd for Free

About SUSE

SUSE is a global leader in innovative, reliable open source solutions, helping enterprises accelerate digital transformation with SUSE Rancher Prime, SUSE Multi-Linux Support, and more.

👉 Learn more about SUSE Rancher Prime

👉 Learn more about SUSE Multi-Linux Support

👉 Explore how Buoyant is helping organizations run the next generation of cloud-native applications