Docker
To install and run Kuma on Docker execute the following steps:
The official Docker images are used by default in the Kubernetes and OpenShift distributions.
1. Download Kuma
Kuma provides the following Docker images for all of its executables:
- kuma-cp: at
docker.io/kumahq/kuma-cp:1.7.2
- kuma-dp: at
docker.io/kumahq/kuma-dp:1.7.2
- kumactl: at
docker.io/kumahq/kumactl:1.7.2
- kuma-prometheus-sd: at
docker.io/kumahq/kuma-prometheus-sd:1.7.2
You can freely docker pull
these images to start using Kuma, as we will demonstrate in the following steps.
2. Run Kuma
We can run Kuma:
docker run -p 5681:5681 docker.io/kumahq/kuma-cp:1.7.2 run
This example will run Kuma in standalone
mode for a “flat” deployment, but there are more advanced deployment modes like “multi-zone”.
Note: By default this will run Kuma with a memory
backend, but you can use a persistent storage like PostgreSQL by updating the conf/kuma-cp.conf
file.
2.1 Authentication (optional)
Running administrative tasks (like generating a dataplane token) requires authentication by token or a connection via localhost.
2.1.1 Localhost
For kuma-cp
to recognize requests issued to docker published port it needs to run the container in the host network. To do this, add --network="host"
parameter to the docker run
command from point 2.
2.1.2 Authenticating via token
You can also configure kumactl
to access kuma-dp
from the container. Get the kuma-cp
container id:
docker ps # copy kuma-cp container id
export KUMA_CP_CONTAINER_ID='...'
Configure kumactl
:
TOKEN=$(bash -c "docker exec -it $KUMA_CP_CONTAINER_ID wget -q -O - http://localhost:5681/global-secrets/admin-user-token" | jq -r .data | base64 -d)
kumactl config control-planes add \
--name my-control-plane \
--address http://localhost:5681 \
--auth-type=tokens \
--auth-conf token=$TOKEN \
--skip-verify
3. Use Kuma
Kuma (kuma-cp
) is now running! Now that Kuma has been installed you can access the control-plane via either the GUI, the HTTP API, or the CLI:
Kuma ships with a read-only GUI that you can use to retrieve Kuma resources. By default the GUI listens on the API port and defaults to :5681/gui
.
To access Kuma you can navigate to 127.0.0.1:5681/gui to see the GUI.
Kuma ships with a read and write HTTP API that you can use to perform operations on Kuma resources. By default the HTTP API listens on port 5681
.
To access Kuma you can navigate to 127.0.0.1:5681 to see the HTTP API.
You can use the kumactl
CLI to perform read and write operations on Kuma resources. The kumactl
binary is a client to the Kuma HTTP API. For example:
docker run --net="host" kumahq/kumactl:<version> kumactl get meshes
NAME mTLS METRICS LOGGING TRACING
default off off off off
or you can enable mTLS on the default
Mesh with:
echo "type: Mesh
name: default
mtls:
enabledBackend: ca-1
backends:
- name: ca-1
type: builtin" | docker run -i --net="host" \
docker.io/kumahq/kumactl:<version> kumactl apply -f -
Note: we are running kumactl
from the Docker container on the same network as the host
, but most likely you want to download a compatible version of Kuma for the machine where you will be executing the commands.
You can run the following script to automatically detect the operating system and download Kuma:
curl -L https://kuma.io/installer.sh | VERSION=1.7.2 sh -
or you can download the distribution manually:
and extract the archive with:
tar xvzf kuma-*.tar.gz
You will then find the kumactl
executable in the kuma-1.7.2/bin
folder.
You will notice that Kuma automatically creates a Mesh entity with name default
.
4. Quickstart
Congratulations! You have successfully installed Kuma on Docker 🚀.
In order to start using Kuma, it’s time to check out the quickstart guide for Universal deployments. If you are using Docker you may also be interested in checking out the Kubernetes quickstart as well.