Leveraging the emerging ingress standard Gateway API , Kuadrant's features enable and empower cluster operators and application developers to work together to securely connect users with their services. Kuadrant empowers cluster administrators to deploy, manage, observe and protect services exposed via their gateways at scale giving them the confidence to allow application developers to self-service knowing that endpoints exposed via these gateways are compliant, secure, visible and resilient.
Connect users to and balance traffic across your gateway instances using the kuadrant DNSPolicy API that supports advanced strategies such as GEO and Weighted without needing to manage the individual records and integrates with multiple DNS Providers.
Secure your Gateways with automatic ACME based TLS integration. Protect your Gateways and HTTPRoutes with Kuadrant's powerful policy based APIs for rate limiting and auth that integrate directly with the Gateway.
Leverage and integrate existing East-West connectivity providers with your multi-cluster gateways to provide a full application connectivity solution.
Gain valuable insights into application performance with Kuadrant's extensive observability tooling, including metrics, monitoring, and OpenTelemetry support.
- Multi-cluster Ingress: Streamline multi-cluster ingress by using the multi-cluster control plane to define which clusters a gateway should be deployed to. Then using the Gateway API Gateway spec, specify from the the multi-cluster control plane which listeners and which namespaces within those clusters can use the gateway to provide access to their services.
- Advanced DNS Based Load Balancing: Express complex traffic load balancing requirements such as GEO based and Weighted DNS responses without the complexity of managing and maintaining the individual record sets. The DNSPolicy API powers direct integration with existing DNS Providers including (AWS Route53, Azure, Google DNS).
- Health Checks: Define a health check policy that is applied to each listener defined within a gateway that specifies an endpoint that must be present and return a healthy response and if it is not define what action to take.
- Integrated Multi-Cluster TLS: Secure your Gateways with automatic ACME based TLS integration that are distributed with your gateways and managed at the control plane level. Use a TLSPolicy (coming soon) to decide which provider and what renewal policy to use with a given gateway
- In-depth Observability: Achieve improved network oversight with in-depth observability, including detailed logs and metrics. With our integrations with systems such as Thanos (coming soon)
Data Plane API Gateway
- Rate Limiting: Control traffic flow and prevent system overloading with customizable rate limiting rules. Express your policy and requirement and have them enforced at the gateway or HTTPRoute level
- Authentication and Authorization: Secure access with robust and flexible auth policies that can be used to target both Gateways and HTTPRoutes.
- High Performance: Maintain high levels of performance and reliability across your distributed systems.
- Learn More
Kuadrant has several components - that work with Istio provided Gateways and Open Cluster Management (OCM) multi-cluster control plane
Multi-cluster Gateway Controller, manages multi-cluster gateways, integrates with DNS providers, TLS providers and OCM (open cluster management)
Operator to install and manage the lifecycle of the Kuadrant components deployments. Provides the core Kuadrant policy APIs
Authorino is lightweight Envoy external authorization server fully manageable via Kubernetes Custom Resources. JWT authentication, API key, mTLS, pattern-matching authz, OPA, K8s SA tokens, K8s RBAC, external metadata fetching, and more, with minimum to no coding at all, no rebuilding of your applications.
Limitador is a generic rate-limiter written in Rust. It can be used as a library, or as a service. The service exposes HTTP endpoints to apply and observe limits. Limitador can be used with Envoy because it also exposes a grpc service, on a different port, that implements the Envoy Rate Limit protocol (v3).
Ready to simplify your API management and boost your application's security and observability? Dive into Kuadrant's comprehensive documentation, installation guides, and tutorials to get started today. Experience the benefits of streamlined API gateway management right away!
Frequently Asked Questions
What is Kuadrant and why should I use it?
Kuadrant is an open-source project designed to provide a unified and simplified interface for managing multiple API gateways. It offers a wide range of features such as multi-cluster ingress, robust access management, advanced security controls, and in-depth observability, making it an excellent choice for application developers and gateway administrators alike.
How does Kuadrant handle security?
Kuadrant offers several features that are aimed at providing a secure API management environment. It includes authentication, authorization, rate limiting, and quota management, among others. Its design adheres to best security practices, ensuring that your APIs are protected.
How do I get started with Kuadrant?
Getting started with Kuadrant is straightforward. You can find all the necessary information on the Kuadrant GitHub page, including detailed documentation and setup guides. For further assistance, you can also join the Kuadrant community where you'll find helpful resources and support.
Can I integrate Kuadrant with my existing applications and infrastructure?
Yes, Kuadrant is designed to be flexible and can be integrated into your existing application stack. It supports a range of popular infrastructure and platforms, making it a versatile choice for API management.
Is Kuadrant suitable for large-scale applications?
Absolutely. Kuadrant is designed to handle the demands of both small and large-scale applications. Its features such as multi-cluster ingress management, scalability, and advanced observability make it a suitable choice for managing APIs at any scale.