Edit
Report

Kong Mesh guides

Learn how to use Mesh to solve common challenges
Mesh Documentation

Security and enforcing policies

One of the key tenets of a Service Mesh is the ability to encrypt and control service to service communication. With Kong Mesh, your application developers can concentrate on core business logic, while Mesh deals with security.

Service to Service encryption (mTLS)

Learn how to configure service to service encryption, generate certificates, and configure external Certificate Authorities.

Enable mTLS Certificate authority integration

Common enforcment policies

Guide to deploying Kong Mesh in Universal mode using Docker containers. Walks through installing the Control Plane, adding demo services, enabling mTLS, and configuring gateways.

MeshTLS MeshTrafficPermission

Role based access

Configure what rights and access your developers and platform teams have whilst using Kong Mesh

Enable mTLS Certificate authority integration

Deployment modes

Single-zone

Run Kong Mesh in a single zone with a standalone Control Plane and interconnected Data Plane proxies.

Learn more →

Multi-zone

Group equivalent MeshServices across zones and expose a unified, zone-agnostic service with global failover capabilities.

Learn more →

Next steps

Routing within the Mesh

Creating multiple isolated service meshes within the same Kong Mesh cluster.

Learn more →

Multi tenant Mesh

Creating multiple isolated service meshes within the same Kong Mesh cluster.

Learn more →

Configure ingress traffic

Configure ingress (north / south traffic into your Mesh) using built-in or Kong gateway.

Learn more →

Apply network policies

Use policies to control your service to service and network traffic

Learn more →

Observability

Monitor service to service communication

Learn more →

Key references

Kong Mesh changelog

See new Kong Mesh features and bug fixes.

View the changelog →

Policy Hub

Kong Mesh policies are bundled features for your service traffic and network configuration.

See policies →

Enterprise features

Explore the features included with Kong Mesh Enterprise, including mTLS backends, RBAC, FIPS support, and signed container images.

See enterprise features →

Kong Mesh CLI

Reference for the CLI tools included in Kong Mesh, including usage examples and commands for kumactl, kuma-cp, and kuma-dp.

View the reference →

Kong Mesh requirements

See the different requirements to deploy Kong Mesh

View the requirements →

kuma-cp reference

Configuration reference for kuma-cp.

View the reference →

Security and access

Kong Mesh audit logs

Track all user and system actions in Kong Mesh using the AccessAudit resource and configurable backends.

View the reference →

Kong Mesh RBAC

Use AccessRole and AccessRoleBinding resources in Kong Mesh to implement fine-grained, role-based access to policies and actions.

View the reference →

Secure access across services

Learn how secure access is provided across a Kong Mesh deployment.

View the reference →

Support policies

Kong Mesh version support policy

The Kong Mesh version support policy outlines the Kong Mesh versioning scheme and version lifecycle, from release to sunset support.

View the version support policy →

Kong Mesh vulnerability patching process

Understand how Kong addresses and patches vulnerabilities in Kong Mesh binaries, third-party dependencies, and Docker images.

View the vulnerability support policy →

Kong Mesh software bill of materials

See the SBOM for Kong Mesh releases.

View the SBOM →
Something wrong?
Report an Issue | Edit this Page
View all Kong documentation

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help?

Ask in our Slack Community
Contact Support