Debian

Don't forget! The Official Documentation of Kuma is a great place to learn about both basic and more advanced topics.

To install and run Kuma on Debian execute the following steps:

1. Download and run Kuma

You can download Kuma from hereDebian - 图1 or by running:

  1. $ wget https://kong.bintray.com/kuma/kuma-0.1.0-debian.tar.gz

You can extract the archive and check the contents of the bin folder by running:

  1. $ tar xvzf kuma-0.1.0-debian.tar.gz
  2. $ cd bin/ && ls
  3. envoy   kuma-cp   kuma-dp   kuma-tcp-echo kumactl

As you can see Kuma already ships with an envoyDebian - 图2 executable ready to use.

To run Kuma execute:

  1. $ kuma-cp run

Kuma automatically creates a Mesh entity with name default.

By default this will run Kuma with a memory backend, but you can change this to use PostgreSQL by updating the conf/kuma-cp.conf file.

2. Start the Data-Plane

Before starting the sidecar proxy data-plane, the service should already be running. For demo purposes, we can start a sample TCP server that comes bundled with Kuma and that echoes back the requests we are sending to it:

  1. $ kuma-tcp-echo -port 9000

You can then consume the service by making requests to 127.0.0.1:9000, like: curl http://127.0.0.1:9000/ or nc 127.0.0.1 9000

We now have our control-plane and services running. For each service we can now provision a Dataplane Entity that configures the inbound and outbound networking configuration:

  1. $ echo "type: Dataplane
  2. mesh: default
  3. name: dp-echo-1
  4. networking:
  5.   inbound:
  6.   - interface: 127.0.0.1:10000:9000
  7.     tags:
  8.       service: echo" | kumactl apply -f -

And run the actual data-plane process with:

  1. $ KUMA_CONTROL_PLANE_BOOTSTRAP_SERVER_URL=http://127.0.0.1:5682 \
  2.   KUMA_DATAPLANE_MESH=default \
  3.   KUMA_DATAPLANE_NAME=dp-echo-1 \
  4.   kuma-dp run

You can now consume the service on port 10000, which will be internally redirected to the service on port 9000:

  1. $ curl http://127.0.0.1:10000
  2. GET / HTTP/1.1
  3. Host: 127.0.0.1:10000
  4. User-Agent: curl/7.54.0
  5. Accept: */*

3. Apply Policies

Now you can start applying Policies to your default Service Mesh, like Mutual TLS:

  1. $ echo "type: Mesh
  2. name: default
  3. mtls:
  4.   enabled: true 
  5.   ca:
  6.     builtin: {}" | kumactl apply -f -

4. Done!

You can configure kumactl to point to any remote kuma-cp instance by running:

  1. $ kumactl config control-planes add --name=XYZ --address=http://address.to.kuma:5681

If you consume the service again on port 10000, you will now notice that the communication requires now a TLS connection.

You can now review the entities created by Kuma by using the kumactl CLI. For example you can list the Meshes:

  1. $ kumactl get meshes
  2. NAME
  3. default

and you can list the data-planes that have been registered, and their status:

  1. $ kumactl get dataplanes
  2. MESH      NAME        TAGS
  3. default   dp-echo-1   service=echo
  5. $ kumactl inspect dataplanes
  6. MESH      NAME        TAGS              STATUS   LAST CONNECTED AGO   LAST UPDATED AGO   TOTAL UPDATES   TOTAL ERRORS
  7. default   dp-echo-1   service=echo      Online   19s                  18s                2               0