
We’re excited to announce the release of Kuma 2.10! The latest version of Kuma brings an improved provisioning experience and streamlined management of policies — plus user interface enhancements to elevate your experience deploying and managing your Mesh.

Notable features

In Kuma 2.10.x we’ve focused on 3 main areas:

  • Dataplane kind as a top-level targetRef.
  • Rules support for inbound policies.
  • Improved service discovery with HostName Generators support in Mesh UI.

Feel free to check our release notes for the full list of changes.

Dataplane kind as a top-level targetRef

Top-level targetRef enables you to identify and select a specific set of proxies whose configurations will be impacted. It’s a great way to slowly and progressively roll out (or roll back) a policy without breaking anything.

As a refresher, in the previous release we introduced MeshService, a new resource that represents a service and lets you define a subset of services and apply policies to it much more easily. It allowed users to define their services explicitly instead of relying on Kubernetes services. This capability helped remove some scalability bottlenecks and made the user experience of managing Mesh easier.

In this release, we’re announcing a targetRef kind for data planes as part of an ongoing effort to tie policies to resources present in your Mesh to help streamline and simplify your experience managing your Mesh policies. Now, you can set the data plane as a top-level targetRef, enabling you to define policies that target a specific data plane. You can even specify which inbound of a data plane you’d like the policy to target.

targetRef:
  kind: Dataplane
  name: demo-app
  namespace: kuma-demo
  sectionName: http-port

Rules support for inbound policies

In our ongoing effort to make policies easier and better to use, we’re introducing rules to support inbound policies. If you recall, in the previous release, we introduced outbound policies and producer/consumer policies that enable you to create a policy and apply it to all clients of a service.

This release extends that effort by introducing rules support for inbound policies, enabling you to match the traffic coming into your dataplanes with a port. Before this update, if you had multiple listeners on a data plane, it would be very challenging to apply policies to individual listeners as the matching process was more complicated.

Introducing rules makes it much easier to identify and match policies to an individual listener or a specific group of listeners. When you use rules in combination with dataplanes, you can narrow the match down to a single dataplane, a port, or a group of dataplanes with specific labels, etc.

Also, if you have multiple policies that merge at different levels (say, one at the Service level and another at the namespace level), the way those policies merge becomes much more straightforward.

The snippet below shows how you can use the rules support for inbound policies with the Dataplane kind to define a MeshTimeout policy in the kuma-demo namespace:

apiVersion: kuma.io/v1alpha1
kind: MeshTimeout
metadata:
  name: mtimeout
  namespace: kuma-demo
  labels:
    kuma.io/mesh: default
    kuma.io/origin: zone
spec:
  targetRef:
    kind: Dataplane
    labels:
      app: demo-app
  rules:
    - default:
        http:
          requestTimeout: 1s

Check out the rules guide to discover this feature.

Improved service discovery with HostName Generators support in Mesh UI

HostName Generator templates enable scoped customization of service hostnames using the properties of other Mesh entities. This release introduces Mesh UI support for HostName Generators for improved service discovery and easier debuggability.

Upgrading

We strongly suggest upgrading to Kuma 2.10.0. Upgrading is easy through kumactl or Helm.

Be sure to carefully read the upgrade guide and the version-specific upgrade notes before upgrading Kuma.

Join the community

Join us on our community channels, including official Slack chat, to learn more about Kuma. The community channels are useful for getting up and running with Kuma, as well as for learning how to contribute to and discuss the project roadmap. Kuma is a CNCF Sandbox project: neutral, open and inclusive.

The community call is hosted on the second Wednesday of every month at 8:30 AM PDT. And don’t forget to follow Kuma on Twitter and star it on GitHub!
