kumahq / kuma

🐻 The multi-zone service mesh for containers, Kubernetes and VMs. Built with Envoy. CNCF Sandbox Project.
https://kuma.io/install
Apache License 2.0
3.67k stars 333 forks source link
apis cloud-native cncf connectivity control-plane controlplane envoy envoyproxy golang kong kubernetes kuma mesh microservices networking service-mesh servicemesh sidecar-proxy

Builds

GitHub Actions master

Code quality

Go Report Card OpenSSF Best Practices OpenSSF Scorecard License CLOMonitor

Releases

Docker hub Artifact HUB Package Hosting By: Cloudsmith

Social

Slack Twitter

Kuma is a modern Envoy-based service mesh that can run on every cloud, in a single or multi-zone capacity, across both Kubernetes and VMs. Thanks to its broad universal workload support, combined with native support for Envoy as its data plane proxy technology (but with no Envoy expertise required), Kuma provides modern L4-L7 service connectivity, discovery, security, observability, routing and more across any service on any platform, databases included.

Easy to use, with built-in service mesh policies for security, traffic control, discovery, observability and more, Kuma ships with an advanced multi-zone and multi-mesh support that automatically enables cross-zone communication across different clusters and clouds, and automatically propagates service mesh policies across the infrastructure. Kuma is currently being adopted by enterprise organizations around the world to support distributed service meshes across the application teams, on both Kubernetes and VMs.

Originally created and donated by Kong, Kuma is today CNCF (Cloud Native Computing Foundation) Sandbox project and therefore available with the same openness and neutrality as every other CNCF project. Kuma has been engineered to be both powerful yet simple to use, reducing the complexity of running a service mesh across every organization with very unique capabilities like multi-zone support, multi-mesh support, and a gradual and intuitive learning curve.

Users that require enterprise-level support for Kuma can explore the enterprise offerings available.

Built by Envoy contributors at Kong 🦍.

Get Started

Get Involved

Need help? In your journey with Kuma you can get in touch with the broader community via the official community channels.

Summary

Why Kuma?

Built with enterprise use-cases in mind, Kuma is a universal service mesh that supports both Kubernetes and VMs deployments across single and multi-zone setups, with turnkey service mesh policies to get up and running easily while supporting multi-tenancy and multi-mesh on the same control plane. Kuma is a CNCF Sandbox project.

Unlike other service mesh solutions, Kuma innovates the service mesh ecosystem by providing ease of use, native support for both Kubernetes and VMs on both the control plane and the data plane, multi-mesh support that can cross every boundary including Kubernetes namespaces, out of the box multi-zone and multi-cluster support with automatic policy synchronization and connectivity, zero-trust, observability and compliance in one-click, support for custom workload attributes that can be leveraged to accelerate PCI and GDPR compliance, and much more.

Below is an example of using Kuma's attributes to route all traffic generated by any PCI-compliant service in Switzerland, to only be routed within the Swiss region:

apiVersion: kuma.io/v1alpha1
kind: TrafficRoute
mesh: default
metadata:
  name: ch-pci-compliance
spec:
  sources:
    - match:
        kuma.io/service: '*'
        kuma.io/zone: 'CH'
        PCI: true
  destinations:
    - match:
        kuma.io/service: '*'
  conf:
    loadBalancer:
      roundRobin: {}
    split:
      - weight: 100
        destination:
          kuma.io/service: '*'
          kuma.io/zone: 'CH'

The above example can also be applied on virtual machines via the built-in kumactl CLI.

With Kuma, our application teams can stop building connectivity management code in every service and every application, and they can rely on modern service mesh infrastructure instead to improve their efficiency and the overall agility of the organization:

Features

Distributions

Kuma is a platform-agnostic product that ships in different distributions. You can explore the available installation options at the official website.

You can use Kuma for modern greenfield applications built on containers as well as existing applications running on more traditional infrastructure. Kuma can be fully configured via CRDs (Custom Resource Definitions) on Kubernetes and via a RESTful HTTP API in other environments that can be easily integrated with CI/CD workflows.

Kuma also provides an easy to use kumactl CLI client for every environment, and an official GUI that can be accessed by the browser.

Roadmap

Kuma releases a minor version on a 10-week release cycle. The roadmap is tracked using milestones: https://github.com/kumahq/kuma/milestones

Development

Kuma is under active development and production-ready.

See Developer Guide for further details.

Enterprise Support

If you are implementing Kuma in a mission-critical environment and require enterprise support and features, please visit Enterprise to explore the available offerings.

Package Hosting

Package repository hosting is graciously provided by Cloudsmith. Cloudsmith is the only fully hosted, cloud-native, universal package management solution, that enables your organization to create, store and share packages in any format, to any place, with total confidence.