Bird
Raised Fist0
Microservicessystem_design~12 mins

Linkerd overview in Microservices - Architecture Diagram

Choose your learning style10 modes available
LearnWhyDeepArchPracticeChallengeDesignRecallScale

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
System Overview - Linkerd overview

Linkerd is a service mesh that helps microservices communicate securely and reliably. It manages traffic between services, adds observability, and handles failures without changing application code.

Architecture Diagram
User
  |
  v
Load Balancer
  |
  v
+-------------------+       +-------------------+
|  Service A Pod    |<----->|  Service B Pod    |
|  (Linkerd Proxy)  |       |  (Linkerd Proxy)  |
+-------------------+       +-------------------+
          |                          |
          v                          v
      Linkerd Control Plane (Service Discovery, Policy, Telemetry)
          |
          v
      Kubernetes API Server
Components
User
client
Initiates requests to microservices
Load Balancer
load_balancer
Distributes incoming traffic to service pods
Service A Pod
service
Runs microservice A with Linkerd proxy sidecar
Service B Pod
service
Runs microservice B with Linkerd proxy sidecar
Linkerd Proxy
sidecar_proxy
Intercepts and manages service-to-service communication
Linkerd Control Plane
control_plane
Manages service discovery, policy enforcement, and telemetry
Kubernetes API Server
orchestration
Provides cluster state and configuration to Linkerd
Request Flow - 8 Hops
UserLoad Balancer
Load BalancerService A Pod (Linkerd Proxy)
Service A Pod (Linkerd Proxy)Service B Pod (Linkerd Proxy)
Service B Pod (Linkerd Proxy)Service B Pod (application)
Service B Pod (application)Service B Pod (Linkerd Proxy)
Service B Pod (Linkerd Proxy)Service A Pod (Linkerd Proxy)
Service A Pod (Linkerd Proxy)Load Balancer
Load BalancerUser
Failure Scenario
Component Fails:Linkerd Proxy
Impact:Service-to-service communication fails or is delayed; retries and observability data are affected
Mitigation:Linkerd retries requests automatically; fallback to direct communication possible; control plane alerts operators
Architecture Quiz - 3 Questions
Test your understanding
What is the main role of the Linkerd proxy sidecar in each service pod?
ATo manage service-to-service communication securely and reliably
BTo store user data persistently
CTo balance load between different clusters
DTo replace the Kubernetes API server
Design Principle
Linkerd uses a sidecar proxy pattern to transparently manage communication between microservices, adding security, reliability, and observability without changing application code. The control plane manages configuration and telemetry, while the proxies handle data plane traffic.

Practice

(1/5)
1. What is the primary purpose of Linkerd in a microservices architecture?
easy
A. To write business logic for microservices
B. To replace the database layer in microservices
C. To help microservices communicate securely and reliably
D. To serve as a frontend framework for microservices

Solution

  1. Step 1: Understand Linkerd's role

    Linkerd is a service mesh designed to manage communication between microservices.

  2. Step 2: Identify its main function

    It ensures secure and reliable communication without changing service code.

  3. Final Answer:

    To help microservices communicate securely and reliably -> Option C

  4. Quick Check:

    Linkerd = Secure, reliable microservice communication [OK]
Hint: Linkerd manages communication, not business logic or UI [OK]
Common Mistakes:
  • Confusing Linkerd with database or frontend tools
  • Thinking Linkerd writes application code
  • Assuming Linkerd replaces microservices
2. Which of the following commands is used to check the health of Linkerd after installation?
easy
A. linkerd check
B. linkerd install
C. linkerd monitor
D. linkerd deploy

Solution

  1. Step 1: Recall Linkerd CLI commands

    Linkerd provides commands like install, check, and monitor for managing the service mesh.

  2. Step 2: Identify the health check command

    The linkerd check command verifies if Linkerd is installed and running correctly.

  3. Final Answer:

    linkerd check -> Option A

  4. Quick Check:

    Health check = linkerd check [OK]
Hint: Use 'linkerd check' to verify installation health [OK]
Common Mistakes:
  • Using 'linkerd install' to check health
  • Confusing 'linkerd monitor' with health check
  • Assuming 'linkerd deploy' is a valid command
3. Given the following snippet, what will linkerd check report if Linkerd proxies are not injected into the services? 
kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
service-a-12345           1/1     Running   0          10m
service-b-67890           1/1     Running   0          10m
medium
A. Info: Services are running but no Linkerd installed
B. All checks pass, Linkerd is fully operational
C. Error: Kubernetes cluster not reachable
D. Warning: No proxies detected, Linkerd not fully enabled

Solution

  1. Step 1: Understand proxy injection role

    Linkerd requires proxies injected into pods to manage traffic and security.

  2. Step 2: Analyze pod readiness and proxy presence

    Pods show 1/1 ready, but no proxy sidecar means Linkerd features are not active.

  3. Final Answer:

    Warning: No proxies detected, Linkerd not fully enabled -> Option D

  4. Quick Check:

    No proxies = Warning from linkerd check [OK]
Hint: No proxies means Linkerd features inactive, expect warnings [OK]
Common Mistakes:
  • Assuming pods ready means Linkerd is fully working
  • Confusing cluster reachability errors with proxy injection
  • Thinking Linkerd works without proxies
4. You deployed Linkerd but notice that traffic is not being routed through the proxies. Which of the following is the most likely cause?
medium
A. Proxies were not injected into the service pods
B. The services are not exposing any ports
C. The Kubernetes cluster is down
D. The Linkerd control plane is not installed

Solution

  1. Step 1: Check Linkerd traffic routing requirements

    Traffic routing requires proxies injected into pods to intercept and manage requests.

  2. Step 2: Identify common deployment mistakes

    If proxies are missing, traffic bypasses Linkerd, causing routing issues.

  3. Final Answer:

    Proxies were not injected into the service pods -> Option A

  4. Quick Check:

    Missing proxies = traffic not routed [OK]
Hint: Missing proxies cause traffic routing failure [OK]
Common Mistakes:
  • Assuming control plane absence causes routing issues
  • Blaming Kubernetes cluster status without checking proxies
  • Ignoring service port exposure as a cause
5. You want to add observability to your microservices using Linkerd. Which combination of features does Linkerd provide to achieve this without changing your service code?
hard
A. Database management, caching, and load balancing
B. Traffic routing, security, and built-in monitoring dashboards
C. Frontend UI components, API gateways, and authentication
D. Code instrumentation, manual tracing, and custom logging

Solution

  1. Step 1: Identify Linkerd's observability features

    Linkerd provides traffic routing, security, and monitoring dashboards automatically via proxies.

  2. Step 2: Exclude unrelated features

    Database, frontend UI, and manual code changes are outside Linkerd's scope.

  3. Final Answer:

    Traffic routing, security, and built-in monitoring dashboards -> Option B

  4. Quick Check:

    Linkerd = routing + security + monitoring [OK]
Hint: Linkerd adds observability without code changes [OK]
Common Mistakes:
  • Confusing Linkerd with database or frontend tools
  • Thinking manual code changes are needed for observability
  • Mixing Linkerd with unrelated infrastructure components