The Cloud Native Computing Foundation (CNCF) has announced that Kuadrant has been accepted as a CNCF sandbox project as of June 19, 2024. Kuadrant is an open source project that enables platform engineers and application developers to easily connect, secure, and protect their services and infrastructure across multiple clusters.
Kuadrant's powerful solutions for TLS, DNS, application authentication and authorization, and rate limiting have enabled it to reach this significant milestone, marking its entry into the CNCF ecosystem and setting the stage for its continued growth and development within the cloud-native community. Read on to learn more about the project and what's in store for the future.
Kuadrant: From concept to CNCF
The Kuadrant project began in early 2020 as an experiment to bring API management capabilities to Kubernetes. One of its first capabilities was a rate-limiting component called Limitador, that set the foundation for its future capabilities. Soon after, Authorino, an authentication and authorization component, was introduced, that enhanced Kuadrant’s focus on security.
As the project matured, Kuadrant introduced the Policy Attachment mechanism from the Gateway API project, leading to the creation of its RateLimitPolicy and AuthPolicy APIs. In 2022, the Kuadrant team expanded its focus to include application connectivity and multi-cluster topologies, resulting in the development of TLSPolicy and DNSPolicy APIs. These innovations now form the core capabilities of Kuadrant, which the team has been hardening and unifying in preparation for a v1 release slated for late 2024.
How does Kuadrant work?
Central to its cloud-native capabilities, Kuadrant integrates Gateway API and envoy proxy-based gateway providers to streamline application connectivity, offering a comprehensive suite of tools designed to simplify and enhance how services interact within complex cloud environments. Its advanced features enable and empower platform engineers and application developers to work collaboratively to connect, secure, protect and observe their service endpoints. Key capabilities include:
Automatic TLS integration
Automated DNS and load balancing
Flexible authentication policies
Advanced rate limiting
Automatic TLS integration
Kuadrant simplifies securing traffic with automated TLS, leveraging ACME-based certificates to provide robust encryption and support for major ACME providers like Let’s Encrypt. This feature ensures that data transmitted between services is always protected without manual intervention.
Automated DNS and load balancing
Kuadrant integrates with different DNS providers like AWS Route 53 and GCP to provide automated DNS for your APIs via DNS policies. These policies allow you to scale beyond single location deployments with strategies such as a geographic and weighted resolution.
Flexible authentication policies
Central to Kuadrant’s authentication and authorization features is Authorino, a component that centralizes and enforces secure access controls. Authorino integrates seamlessly with various methods such as JWT, API keys, mTLS, and more, allowing developers to implement flexible and powerful authentication policies. These policies can be applied at both the gateway and HTTPRoute levels, ensuring that access to services is tightly controlled and adaptable to different security needs.
Advanced rate limiting
Kuadrant’s Limitador component powers its rate limiting policy, allowing developers to define and enforce rate limits to manage traffic and protect services from abuse or overload. Limitador provides fine-grained control over request rates, which helps maintain service reliability and performance, ensuring that resources are used efficiently and services remain responsive under varying loads.
By offering robust capabilities like these, Kuadrant ensures a secure and efficient API management environment that enhances connectivity, enforces security policies, and simplifies the management of application traffic across multiple clusters.
Red Hat’s open source mission
Red Hat has long been a champion of open source innovation and community collaboration, which aligns perfectly with CNCF’s mission to foster cloud-native technologies. By contributing to CNCF projects like Kuadrant, Red Hat supports the development of open source solutions that enhance scalability, flexibility, and resilience in modern cloud environments. This collaboration underscores Red Hat’s commitment to driving the evolution of cloud-native technologies through collective expertise and shared innovation.
Where do we go from here?
Being classified as a Sandbox project means that Kuadrant is in the early stages of its journey within the CNCF. This level provides a platform for innovation and community building, allowing Kuadrant to further develop its technology and expand its user base. The next steps involve progressing through the Incubating stage, where Kuadrant will focus on enhancing its community and project sustainability while demonstrating its potential for broader adoption and impact.
For more info on Kuadrant, visit kuadrant.io.
