kgateway

Kgateway is an open-source, Envoy-powered, Kubernetes-native API gateway and ingress controller that implements the Kubernetes Gateway API with its own control plane, letting teams manage north-south and east-west traffic with modern routing, resiliency, authn/z, and policy extensions—plus emerging “AI gateway” use cases. Originally created by Solo.io as Gloo Gateway, it was donated to the Cloud Native Computing Foundation and accepted as a Sandbox project on March 4, 2025, with ongoing docs, labs, and a GitHub org under the new name.

License: Apache 2.0

Tags: Gateway, Ingress, Kubernetes

Properties: Envoy-based Layer-7 gateway, Kubernetes Gateway API implementation, HTTP and gRPC routing, function-level routing, request/response transformations, header manipulation, external authentication/authorization, local rate limiting, global rate limiting, CORS/CSRF and access logging, TLS termination and SNI, TLS passthrough, mTLS with Istio ambient mesh, retries, timeouts, outlier detection, traffic mirroring, observability and gateway proxy metrics, integrations with Cert-Manager and ExternalDNS, integrations with Istio and Argo Rollouts, AWS ELB integration, support for legacy apps/microservices/serverless, AI gateway features (model traffic management with A/B/canary and failover, prompt enrichment/guarding, API key management, data-loss prevention).

Website: https://kgateway.dev/