Skip to content
Kupe Cloud Kupe Cloud Kupe Cloud Docs

Overview

Networking on Kupe Cloud uses Gateway API. Your team creates HTTPRoute resources inside managed clusters, and Kupe operates the shared public gateway, DNS entrypoint, and TLS lifecycle around them.

The model is intentionally simple:

  • platform hostnames under *.kupe.cloud work with the shared gateway
  • custom domains use the same HTTPRoute model
  • you manage routes and services
  • Kupe manages the gateway, public entrypoint, and certificate flow

How networking works

Section titled “How networking works”
  1. Create an HTTPRoute in the same namespace as your workload.
  2. Reference external-gateway in kube-system.
  3. Point the route at a backend Service.
  4. Choose either a platform hostname or a custom hostname.
  5. Let Kupe handle the shared ingress and TLS flow.

You do not create or operate a dedicated public gateway for each application.

Two common paths

Section titled “Two common paths”
PathWhat you doWhat Kupe does
Platform domainsCreate an HTTPRoute with a *.kupe.cloud hostnameServes traffic through the shared gateway and platform-managed TLS
Custom domainsCreate the same route with your own hostname, then add the DNS records shown in the consoleIssues the certificate, adds the HTTPS listener, and serves traffic on your domain

Core components

Section titled “Core components”
ComponentWhat it does
HTTPRouteDefines hostname, path matching, and backend service targets
external-gatewayThe shared public gateway for tenant HTTP traffic
Platform DNSProvides the stable public entrypoint behind Kupe-hosted traffic
TLS automationHandles platform wildcard certs and per-domain certificate issuance

What Kupe manages

Section titled “What Kupe manages”

Kupe provides the shared networking layer:

  • the public gateway infrastructure
  • the stable public DNS entrypoint behind that gateway
  • platform-managed TLS for *.kupe.cloud
  • certificate issuance and renewal for custom domains
  • the supporting automation behind gateway DNS and custom-domain lifecycle

What your team manages

Section titled “What your team manages”

Your team still controls application traffic behavior:

  • HTTPRoute resources
  • route hostnames and path rules
  • backend Service targets
  • custom domain records in your DNS provider when you use your own domain
Section titled “What to read next”