Networking

Networking without a control-plane maze.

Overlay mesh, DNS, and gateway — configured at deploy time. No separate networking layer to manage.

Overlay mesh

Every service in an environment joins a private overlay network at deploy time. Services reach each other by name — no IP management, no port forwarding between containers.

Zero-config discoveryPrivate by defaultEncrypted transit

Overlay mesh

Example configuration

Zero-config discovery

Private by default

Encrypted transit

Gateway and ingress

Expose a service to the internet by enabling a public port. The gateway handles TLS termination, routing, and domain assignment automatically.

Automatic TLSCustom domainsPort routing

Gateway and ingress

Example configuration

Automatic TLS

Custom domains

Port routing

DNS and service discovery

Internal DNS resolves service names within the environment. api.production.internal, worker.production.internal — consistent, predictable, no sidecars.

Internal DNSPredictable namesEnvironment-scoped

DNS and service discovery

Example configuration

Internal DNS

Predictable names

Environment-scoped

Private vs public traffic

Ports are private by default. Opt in to public exposure per port. Internal service-to-service traffic never leaves the overlay network.

Port visibilityInternal-only portsPublic opt-in

Private vs public traffic

Example configuration

Port visibility

Internal-only ports

Public opt-in

How services connect

Internet

↓ HTTPSTLS terminated

Gateway

api.acme.com → api:3000

↓ Overlay mesh

api:3000

private

worker:8080

private

postgres:5432

private

Networking that just works

Zero-config mesh, automatic TLS, internal DNS.

Open Cloud Read the docs