Kubernetes

Don't forget! The Official Documentation of Kuma is a great place to learn about both basic and more advanced topics.

To install and run Kuma on Kubernetes execute the following steps:

1. Download and run Kuma

To run Kuma on Kubernetes, you need to download a compatible version of Kuma for the machine where you will be executing the commands.

Once downloaded, we can extract the content of the archive with:

$ tar xvzf [FILE]
$ cd bin && ls
envoy   kuma-cp   kuma-dp   kuma-tcp-echo kumactl
1
2
3

Note: On Kubernetes - of all the Kuma binaries in the bin folder - we only need kumactl.

To install and run Kuma execute:

$ kumactl install control-plane | kubectl apply -f -
1

By executing this operation, a new kuma-system namespace will be created.

2. Start services

On Kubernetes, we can start a simple service by executing the following command:

kubectl apply -f https://raw.githubusercontent.com/Kong/kuma/master/examples/kubernetes/sample-service.yaml
1

Note that two things are happening in the YAML file:

  • We are including a kuma.io/sidecar-injection: enabled label in the Namespace to automatically inject Kuma sidecars into every Pod belonging to the namespace.
  • We are adding a kuma.io/mesh: default annotation to determine on what Mesh the service belongs.

3. Apply Policies

Now you can start applying Policies to your default Service Mesh, like Mutual TLS:

$ echo "apiVersion: kuma.io/v1alpha1
kind: Mesh
metadata:
  namespace: kuma-system
  name: default
spec:
  mtls:
    enabled: true
    ca:
      builtin: {}" | kubectl apply -f -
1
2
3
4
5
6
7
8
9
10

4. Done!

You can configure kumactl to point to any remote kuma-cp instance by running:

$ kumactl config control-planes add --name=XYZ --address=http://address.to.kuma:5681
1

You can now review the entities created by Kuma by using the kumactl CLI. For example you can list the Meshes:

$ kumactl get meshes
NAME
default
1
2
3

and you can list the data-planes that have been registered, and their status:

$ kumactl get dataplanes
MESH      NAME        TAGS
default   dp-echo-1   service=echo

$ kumactl inspect dataplanes
MESH      NAME        TAGS              STATUS   LAST CONNECTED AGO   LAST UPDATED AGO   TOTAL UPDATES   TOTAL ERRORS
default   dp-echo-1   service=echo      Online   19s                  18s                2               0
1
2
3
4
5
6
7