Skip to content


Kuadrant brings together Gateway API and Open Cluster Management to help you scale, load-balance and secure your Ingress Gateways as a key part of your application connectivity, in the single or multi-cluster environment.

Getting Started

To quickly get started with Kuadrant locally, see our Getting Started guides for the Single Cluster or Multi Cluster use cases.


Kuadrant can be used to protect ingress gateways based on Gateway API1 with policy enforcement (rate limit and auth) in a Kuberentes cluster.

Topology Single cluster architecture


In the multi-cluster environment2, you can utilize Kuadrant to manage DNS-based north-south connectivity, which can provide global load balancing underpinned by your cluster topology. Kuadrant's multi-cluster functionality also ensures gateway and policy consistency across clusters, focusing on critical aspects like TLS and application health.

Topology Multi cluster architecture

Component Documentation

  • Kuadrant Operator
    Install and manage the lifecycle of the Kuadrant deployments and core Kuadrant policies for the data plane.
  • Authorino
    Flexible, cloud-native, and lightweight external authorization server to implement identity verification (Kubernetes TokenReview, OIDC, OAuth2, API key, mTLS) and authorization policy rules (Kuberentes SubjectAccessReview, JWT claims, OPA, request pattern-matching, resource metadata, RBAC, ReBAC, ABAC, etc).
  • Limitador
    Fast rate-limiter implemented in Rust, that can be used as a library, or as a service plugged in to the API gateway.
  • Multicluster Gateway Controller
    Manage multi-cluster gateways, integrate with DNS providers, TLS providers and OCM (Open Cluster Management).

  1. Supported implementations: Istio, OpenShift Service Mesh

  2. Based on Open Cluster Management