Configure a Mesh Global Control Plane with the Kubernetes demo app

Using Mesh Manager, you can create global control planes to manage your Kong Mesh meshes. This guide explains how to configure a global control plane with Kong Mesh, and then install the Kubernetes demo app so you can test out the Kong Mesh interface in Kong Konnect.

Prerequisites

• A Kubernetes cluster with load balancer service capabilities
• kubectl installed and configured to communicate with your Kubernetes cluster
• The latest version of Kong Mesh

Create a global control plane in Konnect

Before you can add your services to the mesh or any configuration, you must create a global control plane in Konnect. This global control plane is hosted by Konnect. The global control plane allows you to configure the data plane proxies for handling mesh traffic.

1. From the left navigation menu in Konnect, open Mesh Manager.
2. Click New Global Control Plane.
3. Enter example-cp in the Name field and click Save.

You now have a global control plane. This control plane won’t have any functionality until you connect a zone to it.

Create a zone in the global control plane

After creating the global control plane, you must add a zone to that control plane. Adding a zone allows you to manage services added to that zone and send and receive configuration changes to the zone.

1. Select the example-cp control plane you just created and then click Create Zone.
   Mesh Manager automatically creates a managed service account that is only used to issue a token during the zone creation process.

2. Enter zone-1 in the Name field for the new zone, and then click Create Zone & generate token.

   Note: The zone name must consist of lower case alphanumeric characters or -. It must also start and end with an alphanumeric character.

3. Follow the instructions to set up Helm and a secret token. Konnect will automatically start looking for the zone. Once Konnect finds the zone, it will display it.

You now have a very basic Kong Mesh service mesh added to Konnect. This service mesh can only create meshes and policies at the moment, so you need to add services and additional configurations to it.

Add services to your mesh

Now that you’ve added a global control plane and a zone to your service mesh in Konnect, you can add services to your mesh.

In this tutorial, we will use the services from the demo app as an easy way to see how Kong Mesh services can be managed with Mesh Manager. The Kong Mesh Kubernetes demo app sets up two services so you can see how Kong Mesh can be used to control services, monitor traffic, and track resource status:

• demo-app: A web application that lets you increment a numeric counter. It listens on port 5000.
• redis: A data store for the counter.

To add the services to your mesh using the demo app, run the following command:

kubectl apply -f https://raw.githubusercontent.com/kumahq/kuma-counter-demo/master/demo.yaml
kubectl wait -n kuma-demo --for=condition=ready pod --selector=app=demo-app --timeout=90s

You can see the services the Kubernetes demo app added by navigating to Mesh Manager in the sidebar of Konnect, selecting the example-cp and clicking Meshes in the sidebar. You can view the services associated with that mesh by clicking Default and the Services tab.

For more information about the Kubernetes demo app, see Explore Kong Mesh with the Kubernetes demo app.

Configure kumactl to connect to your global control plane

Since we are deploying Kong Mesh zone in Kubernetes mode for this tutorial, kumactl is read-only. Instead, kubectl is used to apply changes to Kong Mesh zone directly. Although, we don’t use kumactl in this tutorial because we are using Kubernetes, it’s still best practice to configure it to connect to your global control plane.

kumactl is a CLI tool that you can use to access Kong Mesh. It can create, read, update, and delete resources in Kong Mesh in Universal/Konnect mode.

1. From the left navigation menu in Konnect, open Mesh Manager and select the example-cp control plane.
2. From the Actions dropdown menu, select Configure kumactl and follow the steps in the wizard to connect kumactl to the control plane.
3. Verify that the services you added from the previous section with the Kubernetes demo app are running correctly:

     kumactl get dataplanes
   

   If your data planes were configured correctly with the demo app, the output should return two data planes: demo-app and redis.

You can now issue commands to your global control plane using kumactl. You can see the kumactl command reference for more information about the commands you can use.

Conclusion

By following the instructions in this guide, you’ve created a global control plane for Kong Mesh, added a zone to it, configured kumactl to connect to your global control plane, and added services to the mesh.

Next steps

Now that you’ve configured a global control plane, you can continue to configure your service mesh in Konnect by enabling traffic permissions on your demo app services.