Follow the Quickstart
Install the Helm chart, supply Cloudflare credentials, and publish your first Ingress-backed route.
Cloudflare Tunnel Ingress Controller
Expose Kubernetes services through Cloudflare Tunnel with native Ingress.
What Is the Controller?
Section titled “What Is the Controller?”The Cloudflare Tunnel Ingress Controller watches Kubernetes Ingress objects and the associated IngressClass. When it sees routes assigned to the cloudflare-tunnel class, it provisions Cloudflare tunnels, starts cloudflared connectors, and publishes DNS records so traffic reaches the target Service securely.
Key capabilities
Section titled “Key capabilities”- Use existing Kubernetes
Ingressresources—no custom API types to learn. - Automate tunnel creation, DNS record management, and
cloudflaredconnector rollout. - Provide credentials through the bundled
cloudflare-apisecret or your own secret reference. - Observe controller activity via Kubernetes events, logs, and metrics endpoints.
Where to Start
Section titled “Where to Start”Review Configuration
Understand ingress class behaviour, secret formats, and Helm values before rolling into production.
Plan Operations
Adopt GitOps workflows, monitor connector health, and manage DNS lifecycles safely.
Join the community
Section titled “Join the community”Issues and pull requests are welcome in the GitHub repository. For ideas and questions, start a discussion or open an issue so we can help you get tunnels online safely.