RHCL Demo — Use Cases

Gateway API + Kuadrant (Connectivity Link): Auth, rate-limit, TLS, traffic shaping, OIDC, and external API proxying.
Gateway API (openshift-default) Kuadrant policies Same-origin UI
Module
Policies playground — AuthPolicy + RateLimitPolicy
Use API keys to demonstrate identity + rate limiting (429). The live log is your “audience screen”.

Try endpoints Ready

Last status
Latency (ms)
Active API key
alice
Latest burst results
200 401 / 403 429

Live log same-origin

Tip: the UI is public (explicit allow override) and the `/hello` API requires a valid API key (AuthPolicy).
Module
Role separation — infra owner vs platform vs developer
One click prints checks that map outcomes to responsibilities. Great to explain “who owns what” in policy lifecycle.

Role separation (high-level)

This module illustrates how responsibilities split across Infrastructure Owner, Platform Engineer, and Developer. Click "Run checks" to validate the current state and see which layer is responsible.
Module
Traffic shaping — A/B testing and canary rollout
The UI samples a route and visualizes observed split vs expected weights, with a progress bar and per-request log.

Traffic shaping: A/B + canary Idle

The UI sends N requests to a route and counts which backend responds. A/B uses /ab (expected 50/50). Canary uses /canary (expected 90/10).
expected: A/B 50/50 · canary 90/10
Run
Observed split
Avg latency (ms)
Latest samples (fixed width)
primary secondary
What you see: each bar is one request. Green = primary, blue = secondary. The log prints progress and a few sample lines.
Module
External API — same-origin proxy to ESPN JSON
Visually explain what happens: browser calls /external/<preset>, cluster proxies to ESPN, UI renders a scoreboard with official team logos.

External API (ESPN) via in-cluster proxy

The UI calls /external/<preset> on the same host. The in-cluster proxy fetches ESPN JSON and returns it same-origin. Endpoints are the public ESPN JSON URLs commonly referenced by espnapi.com.
browser /external/<preset> proxy (cluster) ESPN JSON (site.api.espn.com)
Request
Upstream
Status / latency
Events
team logos come from ESPN JSON
Scoreboard (top events)
Module
OIDC — Keycloak + protected route
Get an access token from Keycloak (/auth) and call a JWT-protected endpoint (/secure).

OIDC: Keycloak + protected route

Get an access token from Keycloak (/auth) and call a JWT-protected endpoint (/secure).