Kubernetes Operator
Serve apps and APIs in any cluster—even behind NAT—without worrying about networking: you don’t need to configure network interfaces, load balancers, IPs, or VPC routing. No need to maintain environment-specific manifests - the same manifest works for any distribution, any platform, any environment.
Configure the ngrok operator any way you like: Ingress objects, the Gateway API, LoadBalancer Services or its own CRDs. Just helm install the ngrok Kubernetes operator, apply a manifest and you're online.
ngrok’s operator works with the Ingress objects you’re familiar with so you don’t need to learn anything new.
The operator watches your Ingress objects and automatically configures your ngrok endpoints on our global network to route traffic to your services. You can add a few simple annotations and a CRD to customize ngrok’s behavior.
ngrok supports the Kubernetes Gateway API, built for forward-thinking organizations eager to leverage the latest innovations in Kubernetes networking.
ngrok implements the core Filters and Routes defined in the Gateway RFC. It listens for Kubernetes Gateway API objects and automatically configures your ngrok endpoints on our global network to route traffic to your services. ngrok extends the Gateway API with our Traffic Policy via the ExtensionRef filter.
Bring TCP and TLS connectivity into your cluster without exposing or allocating node ports.
Create a Service resource with type=LoadBalancer and loadBalancerClass=ngrok and ngrok’s Load Balancer controller communicate the external IP or hostname back to the service. Define Kubernetes-native resources for seamless integration with third party services like ExternalDNS.
Add custom Traffic Policy actions such as URL rewrite, JWT validation, and rate limiting using Common Expression Language (CEL) to manage traffic to your services.
More Kubernetes Operator capabilities
- ngrok also has its own purpose-build CRDs for creating ingress.
- Use ngrok’s CRDs if you don’t want to leverage the standard Ingress or Gateway objects.
- ngrok integrates with ExternalDNS so you can bring your own domain frictionlessly.
- Run the external-dns operator to automatically create DNS CNAME records in your DNS provider.
- ngrok Kubernetes Operator populates the appropriate
statusproperty used by the external-dns operator for Ingress, Gateway, and Service objects.
- ngrok provisions and renews TLS certificates from ACME-compliant authorities like Let’s Encrypt, enabling HTTPS without third-party tools like Certbot.
- No need to install or manage cert-manager—ngrok handles it all for you.
- Automatically generates private keys for your domain and encrypts them at rest with NaCL.
- Option to bring your own certificate by providing a certificate bundle with an unencrypted private key; ngrok encrypts it securely at rest with NaCL.
