Overview
Kuadrant brings together Gateway API and Open Cluster Management to help you scale, load-balance and secure your Ingress Gateways as a key part of your application connectivity, in the single or multi-cluster environment.
Getting Started
To quickly get started with Kuadrant locally, see our Getting Started guide.
Single-cluster
Kuadrant can be used to protect ingress gateways based on Gateway API1 with policy enforcement (rate limit and auth) in a Kuberentes cluster.
Topology

Multi-cluster
In the multi-cluster environment2, you can utilize Kuadrant to manage DNS-based north-south connectivity, which can provide global load balancing underpinned by your cluster topology. Kuadrant's multi-cluster functionality also ensures gateway and policy consistency across clusters, focusing on critical aspects like TLS and application health.
Topology

Component Documentation
- Kuadrant Operator
Install and manage the lifecycle of the Kuadrant deployments and core Kuadrant policies for the data plane. - Authorino
Flexible, cloud-native, and lightweight external authorization server to implement identity verification (Kubernetes TokenReview, OIDC, OAuth2, API key, mTLS) and authorization policy rules (Kuberentes SubjectAccessReview, JWT claims, OPA, request pattern-matching, resource metadata, RBAC, ReBAC, ABAC, etc). - Limitador
Fast rate-limiter implemented in Rust, that can be used as a library, or as a service plugged in to the API gateway. - Multicluster Gateway Controller
Manage multi-cluster gateways, integrate with DNS providers, TLS providers and OCM (Open Cluster Management).
-
Supported implementations: Istio, OpenShift Service Mesh. ↩
-
Based on Open Cluster Management. ↩