🌐 NETWORKING
eBPF at the Core
eBPF-powered networking, Gateway API ingress, service mesh, and DNS resolution.
Traffic Flow
Every HTTP request follows the same path — DNS to Gateway to HTTPRoute to Service.
graph TD
    CLIENT["Client"]:::client
    DNS["CoreDNS *.apps.edgeprime.io → 192.168.0.200"]:::dns
    GW["Cilium Gateway HTTP:80 → HTTPS:443 TLS: Let's Encrypt"]:::gateway
    ROUTE["HTTPRoute Host-based matching Path routing"]:::route
    SVC["ClusterIP Service eBPF load balancing kube-proxy replaced"]:::service
    POD["Pod"]:::pod
    CLIENT --> DNS --> GW --> ROUTE --> SVC --> POD
    classDef client fill:#1e3a5f,stroke:#60a5fa,color:#93c5fd,stroke-width:2px
    classDef dns fill:#14332a,stroke:#4ade80,color:#86efac,stroke-width:2px
    classDef gateway fill:#2e1a47,stroke:#a78bfa,color:#c4b5fd,stroke-width:2px
    classDef route fill:#2e1a0e,stroke:#f97316,color:#fdba74,stroke-width:2px
    classDef service fill:#0e3a3a,stroke:#06b6d4,color:#67e8f9,stroke-width:2px
    classDef pod fill:#1e293b,stroke:#e2e8f0,color:#e2e8f0,stroke-width:2px
Exposed Services (20)
All accessible through the shared gateway at *.apps.edgeprime.io with TLS.
Backstage Portal: backstage.apps.edgeprime.io
ArgoCD: argo.apps.edgeprime.io
Vault: vault.apps.edgeprime.io
Grafana: grafana.apps.edgeprime.io
Harbor: harbor.apps.edgeprime.io
Keycloak: keycloak.apps.edgeprime.io
Homepage: homepage.apps.edgeprime.io
Supabase: supabase.apps.edgeprime.io
Longhorn: longhorn.apps.edgeprime.io
Hubble UI: hubble-ui.apps.edgeprime.io
OneDev: onedev.apps.edgeprime.io
Matomo: matomo.apps.edgeprime.io
n8n: n8n.apps.edgeprime.io
SurrealDB: surrealdb.apps.edgeprime.io
Qdrant: qdrant.apps.edgeprime.io
Garage: garage.apps.edgeprime.io
OpenCost: opencost.apps.edgeprime.io
AI Platform: ai.apps.edgeprime.io
AFFiNE: affine.apps.edgeprime.io
Policy Reporter: policy-reporter.apps.edgeprime.io
All Components
Cilium
Status: production
eBPF-based networking, observability, and security. Replaces kube-proxy with high-performance service load balancing.
Role: CNI plugin, network policy enforcement, L2 ARP announcement, Gateway API implementation
Hubble
Status: production
Network observability platform built on the Cilium eBPF data plane for deep visibility into communication and behavior.
Role: Network flow observability, service dependency mapping
Gateway API
Status: production
Next-generation Kubernetes ingress API with expressive routing, TLS termination, and traffic splitting.
Role: Single shared gateway handling all HTTP/HTTPS traffic at 192.168.0.200
APISIX
Status: production
High-performance, cloud-native API gateway with rich traffic management features.
Role: Advanced API gateway for complex routing scenarios
CoreDNS
Status: production
Flexible, extensible DNS server for Kubernetes service discovery.
Role: Cluster DNS with wildcard resolution for *.apps.edgeprime.io
Linkerd
Status: deployed
Ultralight service mesh providing mTLS, observability, and reliability features.
Role: Service mesh for zero-trust networking with automatic mTLS