Buoyant, the company behind the open source service mesh Linkerd, announced plans to add Model Context Protocol (MCP) support to the platform, extending Linkerd’s proven traffic management and observability features to a new class of agentic AI workloads.

The move aims to give enterprises a secure, reliable, and transparent foundation for managing MCP traffic within Kubernetes clusters — helping them deploy AI systems without compromising on governance or operational control.

Taming the New AI Traffic Problem

As enterprises accelerate their use of AI, a new category of network traffic has emerged: agentic communication. Unlike conventional API calls, MCP-based traffic enables large language models (LLMs) to connect with external data sources and tools — often maintaining persistent, stateful sessions and performing multi-step reasoning tasks.

That flexibility also introduces complexity. AI workloads can create unpredictable surges, novel security gaps, and monitoring blind spots that traditional networking tools weren’t designed to handle.

“Enterprises are eager to innovate with AI, but they can’t do so at the expense of their security posture and application reliability,” said William Morgan, CEO of Buoyant. “By extending Linkerd’s capabilities to MCP traffic, we’re not just enabling AI adoption — we’re giving organizations the confidence to scale it safely.”

Observability and Security for Agentic Workloads

With upcoming MCP support, Linkerd will offer the same visibility, access control, and traffic management capabilities it already provides for HTTP, gRPC, and TCP workloads. For platform teams, this means AI traffic can be governed using the same zero-trust framework and policy-driven workflows that already secure production systems.

Key capabilities include:

• Deep observability: Metrics on resource and tool usage, latency, data volume, and failure rates — giving operations teams insight into how AI agents interact with external systems.

• Granular security: Fine-grained authorization for MCP calls based on cryptographic workload identity, allowing organizations to restrict access to sensitive tools or data depending on agent identity.

• Unified traffic control: Integration at the service mesh layer, eliminating the need for separate AI networking tools.

For early adopters, the benefits go beyond simplicity. “Security concerns around MCP were initially a big factor as we started considering rolling out AI more broadly,” said Blake Romano, Senior Engineer at Imagine Learning. “Because we already rely on Linkerd’s zero-trust model and observability, it removes a major barrier to adoption. Clear visibility into MCP communication gives us the confidence to innovate faster and safer.”

Why It Matters

Linkerd’s integration of MCP support comes at a time when enterprises are seeking to operationalize AI without creating new attack surfaces or compliance gaps. By embedding AI observability and policy enforcement into the service mesh itself, Buoyant positions Linkerd as the connective tissue between Kubernetes-native reliability and AI-native flexibility.

Buoyant will demonstrate MCP support at KubeCon North America 2025 (Atlanta, November 10–13, Booth 440). The feature will be available soon in both open source Linkerd and Buoyant Enterprise for Linkerd editions, with early access registration now open.