Docker

To install and run Kuma on Docker execute the following steps:

The official Docker images are used by default in the Kubernetes and OpenShift distributions.

1. Download Kuma

Kuma provides the following Docker images for all of its executables:

  • kuma-cp: at docker.io/kumahq/kuma-cp:1.7.2
  • kuma-dp: at docker.io/kumahq/kuma-dp:1.7.2
  • kumactl: at docker.io/kumahq/kumactl:1.7.2
  • kuma-prometheus-sd: at docker.io/kumahq/kuma-prometheus-sd:1.7.2

You can freely docker pull these images to start using Kuma, as we will demonstrate in the following steps.

2. Run Kuma

We can run Kuma:

docker run -p 5681:5681 docker.io/kumahq/kuma-cp:1.7.2 run

This example will run Kuma in standalone mode for a “flat” deployment, but there are more advanced deployment modes like “multi-zone”.

Note: By default this will run Kuma with a memory backend, but you can use a persistent storage like PostgreSQL by updating the conf/kuma-cp.conf file.

2.1 Authentication (optional)

Running administrative tasks (like generating a dataplane token) requires authentication by token or a connection via localhost.

2.1.1 Localhost

For kuma-cp to recognize requests issued to docker published port it needs to run the container in the host network. To do this, add --network="host" parameter to the docker run command from point 2.

2.1.2 Authenticating via token

You can also configure kumactl to access kuma-dp from the container. Get the kuma-cp container id:

  1. docker ps # copy kuma-cp container id
  2. export KUMA_CP_CONTAINER_ID='...'

Configure kumactl:

  1. TOKEN=$(bash -c "docker exec -it $KUMA_CP_CONTAINER_ID wget -q -O - http://localhost:5681/global-secrets/admin-user-token" | jq -r .data | base64 -d)
  2. kumactl config control-planes add \
  3. --name my-control-plane \
  4. --address http://localhost:5681 \
  5. --auth-type=tokens \
  6. --auth-conf token=$TOKEN \
  7. --skip-verify

3. Use Kuma

Kuma (kuma-cp) is now running! Now that Kuma has been installed you can access the control-plane via either the GUI, the HTTP API, or the CLI:

Kuma ships with a read-only GUI that you can use to retrieve Kuma resources. By default the GUI listens on the API port and defaults to :5681/gui.

To access Kuma you can navigate to 127.0.0.1:5681/gui to see the GUI.

Kuma ships with a read and write HTTP API that you can use to perform operations on Kuma resources. By default the HTTP API listens on port 5681.

To access Kuma you can navigate to 127.0.0.1:5681 to see the HTTP API.

You can use the kumactl CLI to perform read and write operations on Kuma resources. The kumactl binary is a client to the Kuma HTTP API. For example:

  1. docker run --net="host" kumahq/kumactl:<version> kumactl get meshes
  2. NAME mTLS METRICS LOGGING TRACING
  3. default off off off off

or you can enable mTLS on the default Mesh with:

  1. echo "type: Mesh
  2. name: default
  3. mtls:
  4. enabledBackend: ca-1
  5. backends:
  6. - name: ca-1
  7. type: builtin" | docker run -i --net="host" \
  8. docker.io/kumahq/kumactl:<version> kumactl apply -f -

Note: we are running kumactl from the Docker container on the same network as the host, but most likely you want to download a compatible version of Kuma for the machine where you will be executing the commands.

You can run the following script to automatically detect the operating system and download Kuma:

  1. curl -L https://kuma.io/installer.sh | VERSION=1.7.2 sh -

or you can download the distribution manually:

and extract the archive with:

  1. tar xvzf kuma-*.tar.gz

You will then find the kumactl executable in the kuma-1.7.2/bin folder.

You will notice that Kuma automatically creates a Mesh entity with name default.

4. Quickstart

Congratulations! You have successfully installed Kuma on Docker 🚀.

In order to start using Kuma, it’s time to check out the quickstart guide for Universal deployments. If you are using Docker you may also be interested in checking out the Kubernetes quickstart as well.