Skip to content
Kong Logo | Kong Docs Logo
search
  • We're Hiring!
  • Docs
    • Kong Gateway
    • Kong Konnect
    • Kong Mesh
    • Plugin Hub
    • decK
    • Kubernetes Ingress Controller
    • Insomnia
    • Kuma

    • Docs contribution guidelines
  • Plugin Hub
  • Support
  • Community
  • Kong Academy
Get a Demo Start Free Trial
  • Kong Gateway
  • Kong Konnect
  • Kong Mesh
  • Plugin Hub
  • decK
  • Kubernetes Ingress Controller
  • Insomnia
  • Kuma

  • Docs contribution guidelines
  • 2.2.x (latest)
  • 2.1.x
  • 2.0.x
  • 1.9.x
  • 1.8.x
  • 1.7.x
  • 1.6.x
  • 1.5.x
  • 1.4.x
  • 1.3.x
  • 1.2.x

github-edit-pageEdit this page

report-issueReport an issue

enterprise-switcher-iconSwitch to OSS

Kong Mesh
2.2.x (latest)
  • Home
  • Kong Mesh
  • Production
  • Cp Deployment
  • Deploy a standalone control plane

Deploy a standalone control plane

In order to deploy Kong Mesh in a standalone deployment, the kuma-cp control plane must be started in standalone mode:

Kubernetes
Universal

This is the standard installation method as described in the installation page.

kumactl install control-plane | kubectl apply -f -

With zone egress:

It’s possible to run ZoneEgress for standalone deployment. In order to deploy Kong Mesh with ZoneEgress run the install command with an additional parameter.

kumactl install control-plane --egress-enabled | kubectl apply -f -

This is the standard installation method as described in the installation page.

kuma-cp run

With zone egress:

ZoneEgress works for Universal deployment as well. In order to deploy ZoneEgress for Universal deployment follow the instruction .

Once Kong Mesh is up and running, data plane proxies can now connect directly to it.

When the mode is not specified, Kong Mesh will always start in standalone mode by default.

Optional: Docker authentication

Running administrative tasks (like generating a dataplane token) requires authentication by token or a connection via localhost.

Localhost authentication

For kuma-cp to recognize requests issued to docker published port it needs to run the container in the host network. To do this, add --network="host" parameter to the docker run command.

Authenticate via token

You can also configure kumactl to access kuma-dp from the container. Get the kuma-cp container id:

docker ps # copy kuma-cp container id

export KUMA_CP_CONTAINER_ID='...'

Configure kumactl:

TOKEN=$(bash -c "docker exec -it $KUMA_CP_CONTAINER_ID wget -q -O - http://localhost:5681/global-secrets/admin-user-token" | jq -r .data | base64 -d)

kumactl config control-planes add \
 --name my-control-plane \
 --address http://localhost:5681 \
 --auth-type=tokens \
 --auth-conf token=$TOKEN \
 --skip-verify
Thank you for your feedback.
Was this page useful?
  • Kong
    THE CLOUD CONNECTIVITY COMPANY

    Kong powers reliable digital connections across APIs, hybrid and multi-cloud environments.

    • Company
    • Customers
    • Events
    • Investors
    • Careers Hiring!
    • Partners
    • Press
    • Contact
  • Products
    • Kong Konnect
    • Kong Gateway
    • Kong Mesh
    • Get Started
    • Pricing
  • Resources
    • eBooks
    • Webinars
    • Briefs
    • Blog
    • API Gateway
    • Microservices
  • Open Source
    • Install Kong Gateway
    • Kong Community
    • Kubernetes Ingress
    • Kuma
    • Insomnia
  • Solutions
    • Decentralize
    • Secure & Govern
    • Create a Dev Platform
    • API Gateway
    • Kubernetes
    • Service Mesh
Star
  • Terms•Privacy
© Kong Inc. 2023