Inlets documentation¶
Inlets brings secure tunnels to Cloud Native workloads.
You can visit the inlets homepage at https://inlets.dev/
With inlets you are in control of your data, unlike with a SaaS tunnel where shared servers mean your data may be at risk. You can use inlets for local development and in your production environment. It works just as well on bare-metal as in VMs, containers and Kubernetes clusters.
inlets is not just compatible with tricky networks and Cloud Native architecture, it was purpose-built for them.
Common use-cases include:
- Exposing local HTTPS, TCP, or websocket endpoints on the Internet
- Replacing SaaS tunnels that are too restrictive
- Self-hosting from a homelab or on-premises datacenter
- Deploying and monitoring apps across multiple locations
- Receiving webhooks and testing OAuth integrations
- Remote customer support
Do you want to connect to hundreds of remote services without exposing them on the Internet? You may be looking for inlets uplink
How does it work?¶
Inlets tunnels connect to each other over a secure websocket with TLS encryption. Over that private connection, you can then tunnel HTTPS or TCP traffic to computers in another network or to the Internet.
One of the most common use-cases is to expose a local HTTP endpoint on the Internet via a HTTPS tunnel. You may be working with webhooks, integrating with OAuth, sharing a draft of a blog post or integrating with a partner's API.
After deploying an inlets HTTPS server on a public cloud VM, you can then connect the client and access it.
There is more that inlets can do for you than exposing local endpoints. inlets also supports local forwarding and can be used to replace more cumbersome services like SSH, complex VPNs or expensive direct connect uplinks.
Read more in the: the inlets FAQ.
Getting started¶
These guides walk you through a specific use-case with inlets. If you have questions or cannot find what you need, there are options for connecting with the community at the end of this page.
Inlets can tunnel either HTTP or TCP traffic:
- HTTP (L7) tunnels can be used to connect one or more HTTP endpoints from one network to another. A single tunnel can expose multiple websites or hosts, including LoadBalancing and multiple clients to one server.
- TCP (L4) tunnels can be used to connect TCP services such as a database, a reverse proxy, RDP, Kubernetes or SSH to the Internet. A single tunnel can expose multiple ports on an exit-server and load balance between clients
Downloading inlets¶
inlets is available for Windows, MacOS (including M1) and Linux (including ARM):
You can also use the container image from ghcr.io: ghcr.io/inlets/inlets-pro:latest
Your first HTTPS tunnel with an automated tunnel server (Intermediate)¶
Expose one or more HTTPS domains from your local machine.
Running a HTTP tunnel server manually (Advanced)¶
If you don't want to use automation tools to create a server for the inlets-pro server, then you can follow this manual guide to generate and install a systemd service instead.
Tunnelling TCP services¶
inlets is not limited to HTTP connections, you can also tunnel TCP protocols like RDP, VNC, SSH, TLS and databases.
- Tutorial: Expose a private SSH server over a TCP tunnel
- Tutorial: Tunnel a private Postgresql database
- Tutorial: Tunnel ports 80 and 443 over TCP for a reverse proxy
Running multiple tunnel servers on the same host (Advanced)¶
If you want to mix HTTP and TCP tunnels on the same tunnel server, you could either only use TCP ports, or enable both.
If you're looking to scale inlets to host many tunnels, then Kubernetes is probably a better option.
Local port forwarding (Intermediate)¶
Connecting with Kubernetes¶
You may have an on-premises Kubernetes cluster that needs ingress. Perhaps you have a homelab, or Raspberry Pi cluster, that you want to self host services on.
- Tutorial: Expose a local IngressController with the inlets-operator
- Tutorial: Expose Kubernetes services in short-lived clusters with helm
Some teams want to have dev work like production, with tools Istio working locally just like in the cloud.
See also: helm charts
Becoming a tunnel provider or operating a hosting service¶
The Inlets Uplink distribution is a Kubernetes operator that makes it quick and easy to onboard hundreds or thousands of customers, each with their own dedicated tunnel. It can also be used for remote management and command and control of IT systems and IoT devices.
Learn more: Inlets Uplink
Monitoring and metrics¶
Inlets offers you multiple options to monitor your tunnels and get insight in their performance. Find out tunnel statistics, uptime and connected clients with the inlets-pro status command or collect the Prometheus metrics from the monitoring endpoint.
Reference documentation¶
inletsctl¶
Learn how to use inletsctl to provision tunnel servers on various public clouds.
inlets-operator¶
Learn how to set up the inlets-operator for Kubernetes, which provisions public cloud VMs and gives IP addresses to your public LoadBalancers.
Other resources¶
For news, use-cases and guides check out the blog:
Watch a video, or read a blog post from the community:
Open Source tools for managing inlets tunnels:
- Inlets Operator for Kubernetes LoadBalancers
- inletsctl to provision tunnel servers
- inlets helm charts for clients and servers
Connecting with the inlets community¶
Who built inlets? Inlets ® is a commercial solution developed and supported by OpenFaaS Ltd.
You can also contact the team via the contact page.
The code for this website is open source and available on GitHub
inlets is proud to be featured on the Cloud Native Landscape in the Service Proxy category.
