Installing BEL

Installing BEL on any Kubernetes cluster is easy. In this guide, we’ll show you how to do just that.

This guide contains quick start instructions intended for demo, experimental, and other non-production use. For installations that handle production traffic, please see our production-grade BEL installation guide.

BEL requires a valid license key to run, which is available through the Buoyant portal. Following the instructions there, you should end up with an environment variable like this:


The commands below assume that you have this environment variable set.

The first step is to download and install the BEL CLI:

curl --proto '=https' --tlsv1.2 -sSfL | sh

Follow the instructions to add the linkerd CLI to your system path.

Verify that the CLI is installed and running the expected version with:

linkerd version --client

You should see:

Client version: enterprise-2.15.4

Finally, validate that your cluster is ready for installation:

linkerd check --pre

At this point, we’re ready to install BEL. You can do this directly with the CLI, or by using the Helm.

The CLI installation is quick and easy, but note that the TLS certificates generated by this installation will expire in a year.

linkerd install --crds | kubectl apply -f -
linkerd install        | kubectl apply -f -

Using Helm to install BEL requires that you generate TLS credentials ahead of time. To do this, please follow the Linkerd Trust Root CA & Identity Certificates & Keys docs. You will need the resulting ca.crt, issuer.crt, and issuer.key files.

Then, run these commands:

helm repo add linkerd-buoyant
helm repo update

helm install linkerd-crds \
  --create-namespace \
  --namespace linkerd \

helm install linkerd-control-plane \
  --namespace linkerd \
  --set license=$BUOYANT_LICENSE \
  --set-file linkerd-control-plane.identityTrustAnchorsPEM=ca.crt \
  --set-file linkerd-control-plane.identity.issuer.tls.crtPEM=issuer.crt \
  --set-file linkerd-control-plane.identity.issuer.tls.keyPEM=issuer.key \

After the installation is complete, you can verify the health and configuration of Linkerd by running the linkerd check command:

linkerd check

Congratulations! You have successfully installed BEL onto your cluster. Note that this installation is optimized for non-production traffic such as demos and experiments. For production installs, please see our production-grade BEL installation guide.

Happy meshing!