The NGINX Ingress Controller is a Kubernetes-native traffic manager that handles external requests and routes them to internal services. It translates Kubernetes API objects and annotations into proxy configurations to manage incoming HTTP, TCP, and UDP traffic. The controller distinguishes itself through advanced traffic steering and security integration. It supports blue-green and canary traffic splitting, as well as content-based and regex path routing. Security is handled at the edge via a web application firewall, denial-of-service protection, and a variety of authentication methods incl
This project is a Kubernetes ingress controller that functions as an API gateway and traffic manager for containerized environments. It operates by monitoring cluster events and translating native ingress resource definitions into active routing configurations, ensuring that external traffic is directed to internal services according to declarative specifications. The controller distinguishes itself through its ability to act as a specialized gateway for artificial intelligence models, providing a secure entry point that enforces rate limits, content moderation, and prompt guardrails. It supp
Emissary is a Kubernetes API gateway that manages incoming external traffic and routes it to internal microservices. It utilizes an Envoy proxy as the underlying data plane to handle high-performance traffic routing and protocol translation, with a control plane that translates Kubernetes custom resources and annotations into proxy configurations. The project provides specialized support for gRPC infrastructure, including HTTP/2 routing and gRPC-Web protocol bridging for browser-based clients. It enables zero-trust security through mutual TLS encryption and delegates identity verification to
This project is a Kubernetes deployment guide and infrastructure provisioner designed for hobbyist and home lab environments. It provides a framework for setting up multi-node clusters across various cloud providers and physical or virtual nodes, acting as a self-hosted cluster orchestrator. The project focuses on security hardening and infrastructure stability through specific implementation guides. This includes a framework for network security that covers host firewalls and encrypted network overlays, as well as detailed instructions for configuring ingress routing to manage external publi