Cluster Connect Gateway helps solve the challenge of accessing Kubernetes API and Services on edge clusters that are behind NAT or firewalls. By establishing a secure tunnel between a gateway in the management cluster and agents on edge clusters, users can seamlessly access these services without exposing the edge clusters to the external network.
Key features include:
- Secure Tunnel: Establishes a websocket connection between the management cluster and edge clusters.
- Agent-Initiated Connection: The connection is initiated by the Connect Agent on the edge, working seamlessly with edge clusters behind NAT or firewalls.
- Service Access: Allows users to access Kubernetes API and Services running on multiple edge clusters through a centralized gateway.
- OIDC integration: Supports OIDC integration, ensuring only authenticated users can access Kubernetes APIs and Services on the edges.
- Cluster API integration: Seamlessly work with Cluster API.
- Intel Open Edge Platform integration: Seamlessly work with Intel® Open Edge Platform.
Read more about Cluster Connect Gateway in the Edge Cluster Orchestrator Developer Guide for internals and software architecture.
The recommended way to try out the Cluster Connect Gateway is by using the Edge Orchestrator. Refer to the Getting Started Guide to get started with the Edge Orchestrator.
If you are interested in contributing to the development of Cluster Connect Gateway, you will need an environment where you can use it to create and delete clusters.
The cluster-tests repo provides a lightweight environment for integration testing of Cluster Connect Gateway as well as other Edge Orchestrator components related to cluster management. Clone that repo, change into the cluster-tests directory, and run:
make test
This command creates a KinD cluster and deploys cert-manager, Cluster API operator, CAPI Provider for Intel, Cluster Manager, and Cluster Connect Gateway. It then creates and deletes a cluster inside a Kubernetes pod. Consult the cluster-tests README for details on how to test your code in this environment.
We welcome contributions from the community! To contribute, please open a pull request to have your changes reviewed and merged into the main. To learn how to contribute to the project, see the contributor's guide. We encourage you to add appropriate unit tests and e2e tests if your contribution introduces a new feature.
Additionally, ensure the following commands are successful:
make test
make lint
make license
To learn more about the project, its community, and governance, visit the Edge Orchestrator Community. For support, start with Troubleshooting or contact us.
Cluster Connect Gateway is licensed under Apache 2.0 License
Last Updated Date: April 16, 2025