Kuma 0.5 Released With Advanced TLS, Fault Injection, New GUI and More

We are happy to announce the release of Kuma 0.5! We are particularly proud for this release since it introduces about 30 new features and many improvements and – as usual – every Kuma improvement is always available on both Kubernetes and Universal (VMs) modes. This version of Kuma also ships with a new logo for the project!

The new logo for Kuma signifies a new era for the project, driven by more feature maturity as well as more adoption within the community. Today Kuma is being utilized to power mission-critical connectivity in technology, financial and telecommunication companies around the world and our users and their production requirements are a main driver to the overall roadmap.

Also, the new logo is better suited to be displayed in different sizes on different mediums and – as you can imagine – it resembles a bear face since Kuma means “bear” in Japanese クマ.

Notable Features

• Support for multiple mTLS backends with automatic certificate rotation.
• A new Fault Injection policy.
• Significant improvements in the GUI including more scalable tables and wizards.
• Updated support to latest Kubernetes (v1.18) and Envoy (v1.14.1) versions.
• Official OpenShift 3.x and 4.x (via CNI) and Amazon Linux distributions.

And much more. For a complete list of features and updates, take a look at the full changelog.

Mutual TLS with Auto-Rotation

While Mutual TLS has been available since the first version of Kuma, with this release Kuma now supports multiple mTLS backends interface with automatic mTLS certificate rotation, and support for a standardized “Secret” resource that can be used across Universal and Kubernetes installations (on Kubernetes, the resource leverages the native K8s “Secret” object) to provide your own CA root certificates and keys.

These updates substantially improve mTLS support in Kuma, while at the same time they provide an interface that can be implemented to add more mTLS backends. Below an example of the new Mutual TLS policy configuration in Kubernetes:

Kuma will also automatically rotate the mTLS certificates issued to every data plane proxy with configurable expiration times.

GUI

We have revamped the GUI to support pagination, more scalable visualizations of the tables and individual resources, as well as introducing the first wizards with the goal of simplifying using Kuma: in this release we have shipped for Mesh and Dataplane resources, but more will be added in the next releases.

Homebrew Support

We have released Homebrew support for Kuma. Here is an example on how to use to install Kuma on Kubernetes:

Community Calls

Join us on our community channels to learn more about Kuma, to get up and running on using Kuma, to learn how to contribute and discuss the project roadmap. Kuma is an open governance project, and we welcome everybody to be part of our journey.

Upgrading

Be sure to carefully read the Upgrade Guide, as this new version introduces a few important changes.

Community Highlight

Contributors are the core of open-source, and we would like to give a special shoutout to all of them! There is one we would like to feature first because of his impact on this release. If you look at the changelog, you will see one name pop up consistently: Tharun.

To quote the man himself, “Open source for me means making things easier for the next person, who is trying to solve the same problem I just had. And it is also about the community where it connects people around the world sharing their knowledge and learning from others.” Kuma is very grateful to have him contributing to our community. We would also like to feature the following contributors for their contributions:

• @Lynskylate
• @sudeeptoroy
• @pgrimaud
• @tommy-sho
• @ryysud

You all rock! We are finalizing your limited edition contributor shirts, so be on the lookout for those 🙂 And for folks looking to join the Kuma rockstar list, check out Kuma's open issues on GitHub, and let us help you get started.