# CRD + RESTful Interface
Built on top of Envoy, Kuma can be fully operated via simple CRDs on Kubernetes or with a RESTful API on other platforms. GUI included.
# L4 + L7 Policies
Connect your Microservices with Kuma, and apply intuitive policies for security, observability, routing, and more in one command.
# Platform Agnostic
Kuma can run anywhere, on Kubernetes and VMs, in the cloud or on-premise, in single or multi-datacenter setups.
Kuma reduces complexity and accelerates service reliability with an Envoy-based Service Mesh
# Focused on simplicity
Getting up and running with Kuma only requires three easy steps. Bundled with Envoy proxy, Kuma delivers out of the box policies that can secure, observe, connect, route, log and enhance your service connectivity for the entire application, databases included.
- Fast, lightweight, highly available
- 10+ bundled policies for L4/L7 traffic
- Bundled with Envoy (no prior expertise required)
# Kubernetes and Universal mode
With Kuma you can build service connectivity and Service Meshes across a large variety of platforms and clouds. Platform agnostic by nature, Kuma supports modern Kubernetes environments and Universal VM workloads in the same cluster, with no effort.
- Kubernetes, VMs and Bare Metal
- Multi K8s-Namespace and Multi-Cloud support
- For both North-South and East-West traffic
# One cluster for the entire organization
Multi-tenant since day one, with Kuma you can create as many independent Service Meshes as you need with one control plane. This reduces the operational costs of supporting the entire organization in a significant way.
- Multi-Tenancy for multiple Meshes
- Ops complexity is O(1), not O(n)
- One Runtime, scalable horizontally