Home / Kong Mesh
Edit
Report

Install Kong Mesh

Uses: Kong Mesh
Incompatible with
konnect
Related Documentation
Mesh Documentation
In This Series
  1. Install Kong Mesh
  2. Set up the Kong Mesh control plane
  3. Set up the Kong Mesh key/value store
  4. Set up a Kong Mesh demo application
  5. Introduce zero-trust security with Kong Mesh
Tags
#get-started #universal-mode #docker
Related Resources
Kong Mesh data plane on Universal
Zone egress
MeshMultiZoneService
Kong Mesh resource sizing guidelines
Kong Mesh version compatibility
Mesh on Amazon ECS
Minimum Version
Kong Mesh - 2.10
TL;DR

Install the Kong Mesh binaries, create a temporary directory for tokens and configuration files, and set up a Docker network for the demo containers.

Prerequisites

Docker

This guide requires Docker installed on your system.

jq

This guide requires jq installed on your system.

This series walks you through running Kong Mesh in Universal mode using Docker containers. You’ll set up and secure a simple demo application to explore how Kong Mesh works. The application consists of two services:

  • demo-app: A web application that lets you increment a numeric counter.
  • kv: A data store that keeps the counter’s value.
 
flowchart LR
browser(browser)

subgraph mesh
edge-gateway
demo-app(demo-app :5050)
kv(kv :5050)
end
edge-gateway --> demo-app
demo-app --> kv
browser --> edge-gateway

Install Kong Mesh

  1. Run the following command to install the Kong Mesh binaries:

    curl -L https://developer.konghq.com/mesh/installer.sh | VERSION=2.13.5 sh -

  2. Add the binaries to your system’s path:

    export PATH="$(pwd)/kong-mesh-2.13.5/bin:$PATH"

  3. Run the following command to confirm that Kong Mesh is installed correctly:

    kumactl version 2>/dev/null

    You should see the following output:

    Client: Kong Mesh 2.13.5

Create a temporary directory

Set up a temporary directory to store resources like data plane tokens, Dataplane templates, and logs. Ensure the path does not end with a trailing /.

If you are using Colima, make sure to adjust the path in the steps of this guide. Colima only allows shared paths from the HOME directory or /tmp/colima/. Instead of /tmp/kong-mesh-demo, you can use /tmp/colima/kong-mesh-demo.

Create the directory if it doesn’t exist:

export KONG_MESH_DEMO_TMP="/tmp/kong-mesh-demo"
mkdir -p "$KONG_MESH_DEMO_TMP"

Create a Dataplane resource template

Create a reusable Dataplane resource template for services:

echo 'type: Dataplane
mesh: default
name: {{ name }}
labels:
  app: {{ name }}
networking:
  address: {{ address }}
  inbound:
    - port: {{ port }}
      tags:
        kuma.io/service: {{ name }}
        kuma.io/protocol: http
  transparentProxying:
    redirectPortInbound: 15006
    redirectPortOutbound: 15001' > "$KONG_MESH_DEMO_TMP/dataplane.yaml"

This template simplifies creating Dataplane configurations for different services by replacing dynamic values during deployment.

Create a transparent proxy configuration file

Create a configuration file that identifies the data plane proxy user and enables DNS traffic redirection through the mesh:

echo 'kumaDPUser: kong-mesh-data-plane-proxy
redirect:
  dns:
    enabled: true
verbose: true' > "$KONG_MESH_DEMO_TMP/config-transparent-proxy.yaml"

Create a Docker network

Set up a separate Docker network for the containers. In this example we’ll use IP addresses in the 172.18.78.0/24 range:

docker network create \
  --subnet 172.18.0.0/16 \
  --ip-range 172.18.78.0/24 \
  --gateway 172.18.78.254 \
  kong-mesh-demo
Next → 2. Set up the Kong Mesh control plane
Something wrong?
Report an Issue | Edit this Page
View all Kong documentation

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help?

Ask in our Slack Community
Contact Support