Skip to content

Overview

Kuadrant brings together Gateway API and Open Cluster Management to help you scale, load-balance and secure your Ingress Gateways as a key part of your application connectivity, in the single or multi-cluster environment.

Getting Started

To quickly get started with Kuadrant locally, see our Getting Started guide.

Single-cluster

Kuadrant can be used to protect ingress gateways based on Gateway API1 with policy enforcement (rate limit and auth) in a Kuberentes cluster.

Topology Single cluster architecture

Multi-cluster

In the multi-cluster environment2, you can utilize Kuadrant to manage DNS-based north-south connectivity, which can provide global load balancing underpinned by your cluster topology. Kuadrant's multi-cluster functionality also ensures gateway and policy consistency across clusters, focusing on critical aspects like TLS and application health.

Topology Multi cluster architecture

Component Documentation

  • Kuadrant Operator
    Install and manage the lifecycle of the Kuadrant deployments and core Kuadrant policies for the data plane.
  • Authorino
    Flexible, cloud-native, and lightweight external authorization server to implement identity verification (Kubernetes TokenReview, OIDC, OAuth2, API key, mTLS) and authorization policy rules (Kuberentes SubjectAccessReview, JWT claims, OPA, request pattern-matching, resource metadata, RBAC, ReBAC, ABAC, etc).
  • Limitador
    Fast rate-limiter implemented in Rust, that can be used as a library, or as a service plugged in to the API gateway.
  • Multicluster Gateway Controller
    Manage multi-cluster gateways, integrate with DNS providers, TLS providers and OCM (Open Cluster Management).

  1. Supported implementations: Istio, OpenShift Service Mesh

  2. Based on Open Cluster Management