Setting up Kubernetes for the first time presents networking challenges, particularly in safely granting outside clients access to the cluster while maintaining internal communication among pods. To address this, the post explores the use of Kuma, a modern service mesh that integrates with Envoy Proxy, to manage and observe Kubernetes traffic. Kuma enables seamless management of network services, offering capabilities like fine-grained traffic control, rapid metrics analysis, and observability through integration with tools such as Prometheus and Grafana. It supports multi-zone deployments and is compatible with the Container Network Interface (CNI) standard, allowing easy configuration and swapping of network policies. Kuma simplifies the setup of traffic rules using a YAML DSL for defining Traffic Permission policies, which manage service communication and isolate certain microservices from external networks. With its ability to act as a service mesh, observability platform, and network policy manager, Kuma provides a comprehensive solution for secure and efficient network management in Kubernetes, supporting a zero-trust security model and guidelines for defining networking policies.