FEATURES

Webhook Relay Kubernetes Integration

Seamlessly connect your Kubernetes services to external webhooks without exposing them directly to the internet using the Webhook Relay Operator.

Webhook Relay Kubernetes Operator

The Challenge: Exposing Kubernetes Services Securely

Connecting internal Kubernetes services to external webhook providers often requires complex network configurations. You might need to set up Load Balancers, configure Ingress controllers, manage TLS certificates, and potentially open firewall ports, exposing your cluster to the public internet. This increases the attack surface and operational overhead, especially for on-premise clusters or edge deployments lacking stable public IPs.

Keywords: Kubernetes webhooks, ingress controller, load balancer, secure Kubernetes, on-premise Kubernetes, edge Kubernetes, k3s, Jenkins CI, internal services.

The Solution: Webhook Relay Operator

The Webhook Relay Operator simplifies and secures webhook integration for Kubernetes. It runs inside your cluster and establishes a secure, persistent tunnel to the Webhook Relay service. Incoming webhooks are received by Webhook Relay and securely forwarded through this tunnel directly to your target service within the cluster, without requiring any inbound ports to be opened on your firewall.

How it Works:

  1. Install the Webhook Relay Operator in your Kubernetes cluster.
  2. Create the CRD to enable forwarding:
apiVersion: forward.webhookrelay.com/v1
kind: WebhookRelayForward
metadata:
  name: example-forward
spec:
  buckets:
  - name: k8s-operator
    inputs:
    - name: public-endpoint
      description: "Public endpoint, supply this to the webhook producer"
      responseBody: "OK"
      responseStatusCode: 200
    outputs:
    - name: webhook-receiver
      destination: http://my-service:5050/webhooks
  1. Operator creates the desired configuration and starts forwarding the webhooks to your target service

Benefits:

  • Eliminate Complex Setup: No need to create or manage Load Balancers or Ingress controllers just for receiving webhooks. The Operator handles the connection securely.
  • Enhanced Security: Keep your Kubernetes services private. No need to expose services directly to the internet, significantly reducing the attack surface. This makes it the most secure way to integrate services like Jenkins CI running inside Kubernetes with external webhook sources (e.g., GitHub, GitLab).
  • On-Premise & Private Clusters: Perfect for on-premise Kubernetes clusters that reside behind corporate firewalls or lack direct public internet access.
  • Edge Kubernetes Ready: Ideal for edge Kubernetes distributions like k3s or MicroK8s, which often run on devices without stable public IP addresses.
  • Simplified Management: Define your webhook forwarding rules declaratively using Kubernetes custom resources.

By using the Webhook Relay Kubernetes Operator, you gain a secure, simple, and reliable way to integrate your internal Kubernetes applications with the outside world via webhooks, regardless of your network topology.

Ship faster with Webhook Relay