diff --git a/.github/styles/base/Dictionary.txt b/.github/styles/base/Dictionary.txt index 62d8bc6458..2cbd8bbe1b 100644 --- a/.github/styles/base/Dictionary.txt +++ b/.github/styles/base/Dictionary.txt @@ -287,8 +287,9 @@ Gluu gojira Golang googleSearch +goroutine Goroutine -Goroutine +goroutines GPUs gbps grafana diff --git a/app/_data/kuma_to_mesh/config.yaml b/app/_data/kuma_to_mesh/config.yaml index 4a63485f4a..1fe21d1dc6 100644 --- a/app/_data/kuma_to_mesh/config.yaml +++ b/app/_data/kuma_to_mesh/config.yaml @@ -74,8 +74,10 @@ pages: related_resources: - text: MeshTLS policy url: /mesh/policies/meshtls/ - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' min_version: mesh: '2.9' - @@ -108,18 +110,6 @@ pages: url: /mesh/#install-kong-mesh min_version: mesh: '2.7' - - - path: app/_src/introduction/kuma-requirements.md - title: 'Requirements' - description: 'Learn about the requirements for running {{site.mesh_product_name}}, including supported platforms, sizing guidelines, and Kubernetes setup.' - url: '/mesh/requirements/' - related_resources: - - text: Kong Mesh GUI and ports reference - url: /mesh/use-kuma/ - - text: Version support policy - url: '/mesh/support-policy/' - - text: Mesh concepts - url: /mesh/concepts/ - path: app/_src/networking/dns.md title: 'DNS' @@ -158,8 +148,10 @@ pages: url: /mesh/policies/ - text: Mesh DNS url: '/mesh/dns/' - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' min_version: mesh: '2.8' - @@ -172,8 +164,10 @@ pages: url: /mesh/policies/ - text: Mesh DNS url: '/mesh/dns/' - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' min_version: mesh: '2.9' - @@ -186,8 +180,10 @@ pages: url: '/mesh/mesh-multizone-service-deployment/' - text: Mesh DNS url: '/mesh/dns/' - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' min_version: mesh: '2.8' - @@ -206,8 +202,10 @@ pages: related_resources: - text: Mesh DNS url: '/mesh/dns/' - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' - text: Install Kong Mesh url: /mesh/#install-kong-mesh - text: Multi-zone authentication @@ -278,8 +276,10 @@ pages: url: /mesh/zone-egress/ - text: MeshMultiZoneService url: /mesh/meshmultizoneservice/ - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' - text: 'Secure access across services' url: '/mesh/secure-access/' - text: Configure zone proxy authentication @@ -337,8 +337,10 @@ pages: url: /mesh/zone-egress/ - text: MeshMultiZoneService url: /mesh/meshmultizoneservice/ - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' - text: Mesh on Amazon ECS url: '/mesh/ecs/' @@ -358,8 +360,10 @@ pages: url: /mesh/meshmultizoneservice/ - text: Deploy Kong Mesh on Universal url: '/mesh/universal/' - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' - path: app/_src/reference/kuma-cp.md title: 'kuma-cp configuration reference' @@ -374,8 +378,10 @@ pages: url: '/mesh/universal/' - text: 'Deploy Kong Mesh on Kubernetes' url: '/mesh/kubernetes/' - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' - path: app/_src/using-mesh/managing-ingress-traffic/builtin-k8s.md title: 'Running built-in gateway pods on Kubernetes' @@ -517,8 +523,10 @@ pages: related_resources: - text: Audit logs url: /mesh/access-audit/ - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' - text: Policy Hub url: /mesh/policies/ - text: Mesh CLI @@ -703,16 +711,20 @@ pages: related_resources: - text: Mesh GUI url: '/mesh/kuma-user-interface-gui/' - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' - path: app/_src/reference/data-collection.md title: 'Kong Mesh data collection' description: 'Enable or disable data collection in {{site.mesh_product_name}}. Understand what telemetry is collected and how to configure reporting.' url: '/mesh/data-collection/' related_resources: - - text: Mesh requirements - url: '/mesh/requirements/' + - text: '{{site.mesh_product_name}} resource sizing guidelines' + url: '/mesh/resource-sizing-guidelines/' + - text: '{{site.mesh_product_name}} version compatibility' + url: '/mesh/version-compatibility/' - text: Audit logs url: /mesh/access-audit/ tags: diff --git a/app/_redirects b/app/_redirects index 42fba66563..ac501a241b 100644 --- a/app/_redirects +++ b/app/_redirects @@ -14,6 +14,7 @@ /gateway-manager/konnect-logs/ /dedicated-cloud-gateways/konnect-logs/ /gateway-manager/ /gateway/ /ai-manager/ /ai-gateway/ +/mesh/requirements/ /mesh/version-compatibility/ # API spec links (delete when fixed) /gateway/latest/plan-and-deploy/security/secrets-management/getting-started /gateway/entities/vault/ diff --git a/app/mesh/resource-sizing-guidelines.md b/app/mesh/resource-sizing-guidelines.md new file mode 100644 index 0000000000..a82461165f --- /dev/null +++ b/app/mesh/resource-sizing-guidelines.md @@ -0,0 +1,95 @@ +--- +title: "{{site.mesh_product_name}} resource sizing guidelines" +description: "Learn about control plane and sidecar container sizing guidelines for {{site.mesh_product_name}}." +content_type: reference +layout: reference +products: + - mesh +breadcrumbs: + - /mesh/ + +tags: + - performance + +works_on: + - on-prem + +related_resources: + - text: "{{site.mesh_product_name}} version support policy" + url: /mesh/support-policy/ + - text: Mesh concepts + url: /mesh/concepts/ +--- + +## Sizing your control plane + +Generally, a {{site.mesh_product_name}} control plane with 4vCPU and 2GB of memory will be able to accommodate more than 1000 data planes. + +A good rule of thumb is to assign about 1MB of memory per data plane. +When it comes to CPUs, {{site.mesh_product_name}} handles parallelism extremely well since its architecture uses a lot of shared-nothing goroutines, so more CPUs usually enable quicker propagation of changes. + +However, we highly recommend that you to run your own load tests prior to going to production. +There are many ways to run workloads and deploy applications, and while we test some of them, you are in the best position to build a realistic benchmark of what you do. + +To see if you may need to increase your control plane's spec, there are two main metrics to pay attention to: + +- Propagation time (`xds_delivery`): This is the time it takes between a change in the mesh and the data plane receiving its updated configuration. Think about it as the reactivity of your mesh. +- Configuration generation time (`xds_generation`): This is the time it takes for the configuration to be generated. + +For any large mesh using a transparent proxy, we recommend using [reachable services](/mesh/performance-tuning/#reachable-services). + +You can also find tuning configuration in the [performance fine-tuning](/mesh/performance-tuning/) documentation. + +## Sizing your sidecar container on Kubernetes + +When deploying {{site.mesh_product_name}} on Kubernetes, the sidecar is deployed as a separate container, `kuma-sidecar`, in your pods. By default it has the following resource requests and limits: + +```yaml +resources: + requests: + cpu: 50m + memory: 64Mi + limits: + cpu: 1000m + memory: 512Mi +``` + +This configuration should be enough for most use cases. In some cases (for example, when you can't scale horizontally or your service handles lots of concurrent traffic), you may need to change these values. You can do this using the [`ContainerPatch` resource](/mesh/data-plane-kubernetes/#custom-container-configuration). + +For example, you can modify individual parameters under `resources`: + +```yaml +apiVersion: kuma.io/v1alpha1 +kind: ContainerPatch +metadata: + name: container-patch-1 + namespace: {{site.mesh_namespace}} +spec: + sidecarPatch: + - op: add + path: /resources/requests/cpu + value: '"1"' +``` + +Or you can modify the entire `limits`, `request` or `resources` sections: + +```yaml +apiVersion: kuma.io/v1alpha1 +kind: ContainerPatch +metadata: + name: container-patch-1 + namespace: {{site.mesh_namespace}} +spec: + sidecarPatch: + - op: add + path: /resources/limits + value: '{ + "cpu": "1", + "memory": "1G" + }' +``` + +Check the [`ContainerPatch` documentation](/mesh/data-plane-kubernetes/#workload-matching) to learn how to apply these resources to specific pods. + +{:.info} +> **Note**: When changing these resources, remember that they must be described using [Kubernetes resource units](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-units-in-kubernetes). diff --git a/app/mesh/version-compatibility.md b/app/mesh/version-compatibility.md new file mode 100644 index 0000000000..acccb06053 --- /dev/null +++ b/app/mesh/version-compatibility.md @@ -0,0 +1,83 @@ +--- +title: "{{site.mesh_product_name}} version compatibility" +description: "Learn about the versions of {{site.mesh_product_name}} compatible with specific versions of Kubernetes and Envoy." +content_type: policy +layout: reference +products: + - mesh +breadcrumbs: + - /mesh/ + +tags: + - compatibility +works_on: + - on-prem + +related_resources: + - text: "{{site.mesh_product_name}} version support policy" + url: /mesh/support-policy/ + - text: "{{site.mesh_product_name}} resource sizing guidelines" + url: /mesh/resource-sizing-guidelines/ +--- + +{{site.mesh_product_name}} is compatible with different versions of Kubernetes and Envoy. + +## Kubernetes + +The following table presents the general compatibility of {{site.mesh_product_name}} with specific Kubernetes versions. + +{% version_compatibility_table %} +product: "{{site.mesh_product_name}}" +versions: + - 2.7 + - 2.8 + - 2.9 + - 2.10 + - 2.11 + - 2.12 + - 2.13 +compatible_product: Kubernetes +compatible_versions: + "1.34": [2.13] + "1.33": [2.13] + "1.32": [2.11, 2.12, 2.13] + "1.31": [2.7, 2.9, 2.10, 2.11, 2.12, 2.13] + "1.30": [2.7, 2.8, 2.9, 2.10, 2.11, 2.12] + "1.29": [2.7, 2.8, 2.9, 2.10, 2.11, 2.12] + "1.28": [2.7, 2.8, 2.9, 2.10, 2.11, 2.12] + "1.27": [2.7, 2.8, 2.9, 2.10, 2.11, 2.12] + "1.26": [2.7, 2.8, 2.9, 2.10] + "1.25": [2.7, 2.8, 2.9, 2.10] + "1.24": [2.7, 2.8] + "1.23": [2.7, 2.8] +{% endversion_compatibility_table %} + +## Envoy + +The following table presents the general compatibility of {{site.mesh_product_name}} with specific Envoy versions. +By default, each version of {{site.mesh_product_name}} uses the latest compatible Envoy version, and supports +Envoy versions used in the two previous minor versions of {{site.mesh_product_name}}. + +{% version_compatibility_table %} +product: "{{site.mesh_product_name}}" +versions: + - 2.7 + - 2.8 + - 2.9 + - 2.10 + - 2.11 + - 2.12 + - 2.13 +compatible_product: Envoy +compatible_versions: + "1.36": [2.13] + "1.35": [2.13, 2.12] + "1.34": [2.13, 2.12, 2.11] + "1.33": [2.12, 2.11, 2.10, 2.9, 2.8, 2.7] + "1.31": [2.10, 2.9, 2.8] + "1.29": [2.9, 2.8, 2.7] +{% endversion_compatibility_table %} + +## Architecture + +{{site.mesh_product_name}} supports machines with `x86_64` and `arm64` architecture. \ No newline at end of file