🌐 NETWORKING
eBPF at the Core
eBPF-powered networking, Gateway API ingress, service mesh, and DNS resolution.
Traffic Flow
Every HTTP request follows the same path — DNS to Gateway to HTTPRoute to Service.
graph TD CLIENT["Client"]:::client DNS["CoreDNS *.exitthecloud.eu → 192.168.0.200"]:::dns GW["Cilium Gateway HTTP:80 → HTTPS:443 TLS: Let's Encrypt"]:::gateway ROUTE["HTTPRoute Host-based matching Path routing"]:::route SVC["ClusterIP Service eBPF load balancing kube-proxy replaced"]:::service POD["Pod"]:::pod CLIENT --> DNS --> GW --> ROUTE --> SVC --> POD classDef client fill:#1e3a5f,stroke:#60a5fa,color:#93c5fd,stroke-width:2px classDef dns fill:#14332a,stroke:#4ade80,color:#86efac,stroke-width:2px classDef gateway fill:#2e1a47,stroke:#a78bfa,color:#c4b5fd,stroke-width:2px classDef route fill:#2e1a0e,stroke:#f97316,color:#fdba74,stroke-width:2px classDef service fill:#0e3a3a,stroke:#06b6d4,color:#67e8f9,stroke-width:2px classDef pod fill:#1e293b,stroke:#e2e8f0,color:#e2e8f0,stroke-width:2px
Exposed Services (28)
All accessible through the shared gateway at *.exitthecloud.eu with TLS.
ArgoCD
argo.exitthecloud.eu
Vault
vault.exitthecloud.eu
Grafana
grafana.exitthecloud.eu
Harbor
harbor.exitthecloud.eu
Keycloak
keycloak.exitthecloud.eu
Homepage
homepage.exitthecloud.eu
Supabase
supabase.exitthecloud.eu
Longhorn
longhorn.exitthecloud.eu
Hubble UI
hubble-ui.exitthecloud.eu
OneDev
onedev.exitthecloud.eu
Matomo
matomo.exitthecloud.eu
n8n
n8n.exitthecloud.eu
SurrealDB
surrealdb.exitthecloud.eu
Qdrant
qdrant.exitthecloud.eu
Garage
garage.exitthecloud.eu
RustFS
rustfs.apps.edgeprime.io
OpenCost
opencost.exitthecloud.eu
AI Platform
ai.exitthecloud.eu
Policy Reporter
policy-reporter.exitthecloud.eu
Firecrawl
firecrawl.exitthecloud.eu
IT-Tools
it-tools.exitthecloud.eu
Paperless-ngx
paperless.exitthecloud.eu
Stirling-PDF
stirling-pdf.exitthecloud.eu
Devtron
devtron.exitthecloud.eu
Honcho
honcho.exitthecloud.eu
Hindsight
hindsight.apps.edgeprime.io
Rclone
rclone.exitthecloud.eu
Mailpit
mailpit.exitthecloud.eu
All Components
Cilium
productioneBPF-based networking, observability, and security. Replaces kube-proxy with high-performance service load balancing.
Role: CNI plugin, network policy enforcement, L2 ARP announcement, Gateway API implementation
Hubble
productionNetwork observability platform built on Cilium eBPF data plane for deep visibility into communication and behavior.
Role: Network flow observability, service dependency mapping
Gateway API
productionNext-generation Kubernetes ingress API with expressive routing, TLS termination, and traffic splitting.
Role: Single shared gateway handling all HTTP/HTTPS traffic at 192.168.0.200
APISIX
productionHigh-performance, cloud-native API gateway with rich traffic management features.
Role: Advanced API gateway for complex routing scenarios
CoreDNS
productionFlexible, extensible DNS server for Kubernetes service discovery.
Role: Cluster DNS with wildcard resolution for *.exitthecloud.eu