Home / Kong Mesh
Edit
Report

Configuring systemd for Kong Mesh

Uses: Kong Mesh
Related Documentation
Mesh Documentation
Tags
#control-plane #data-plane #universal-mode

We recommend using a process manager like systemd when running Kong Mesh on VMs, because it restarts the control plane and data plane proxy processes automatically after failures or reboots.

The following examples show systemd unit files for the control plane (kuma-cp) and the data plane proxy (kuma-dp).

Control plane

The following unit file runs kuma-cp as a long-running service. The [Service] section sets the user and working directory, then starts the control plane with a config file. Restart = always and RestartSec = 1s make systemd restart the process one second after any exit.

[Unit]
Description = Kong Mesh Control Plane
After = network.target
Documentation = https://developer.konghq.com/mesh/

[Service]
User = USER_NAME
WorkingDirectory = MESH_INSTALL_DIRECTORY
ExecStart = ./bin/kuma-cp run --config-file=./cp-config.yaml
LimitNOFILE = 1048576
Restart = always
RestartSec = 1s
StartLimitIntervalSec = 0
StartLimitBurst = 0

[Install]
WantedBy = multi-user.target

In this example:

  • LimitNOFILE is set to 1048576, the same limit that Docker and containerd set by default.
  • StartLimitIntervalSec = 0 and StartLimitBurst = 0 disable rate limiting on start attempts, so systemd keeps trying to restart the control plane regardless of how often it has failed recently.

If your control plane needs to handle a non-trivial number of concurrent connections (a total of both incoming and outgoing connections), set proper resource limits on the kuma-cp process, especially the maximum number of open files. systemd units aren’t affected by the traditional ulimit configuration, so you must set resource limits as part of the systemd unit itself. To check effective resource limits on a running kuma-cp instance, run:

cat /proc/$(pgrep kuma-cp)/limits

Data plane proxy

The following unit file runs kuma-dp as a long-running service.

[Unit]
Description = Kong Mesh Data Plane Proxy
After = network.target
Documentation = https://developer.konghq.com/mesh/

[Service]
User = USER_NAME
WorkingDirectory = MESH_INSTALL_DIRECTORY
ExecStart = ./bin/kuma-dp run \
  --cp-address=https://CP_ADDRESS:5678 \
  --dataplane-token-file=./echo-service-universal.token \
  --dataplane-file=./dataplane-notransparent.yaml \
  --ca-cert-file=./ca.pem
Restart = always
RestartSec = 1s
StartLimitIntervalSec = 0
StartLimitBurst = 0

[Install]
WantedBy = multi-user.target
Something wrong?
Report an Issue | Edit this Page
View all Kong documentation

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help?

Ask in our Slack Community
Contact Support