Sentinel is a high-performance reverse proxy built on Cloudflare Pingora. It provides explicit limits, predictable behavior, and production-grade defaults for environments where operators need to sleep.
Quick Start
# Install
|
# Or via Cargo
# Run
Features
| Feature | Description |
|---|---|
| KDL Configuration | Human-readable config with hot reload |
| Agent System | Extend via external processes (WAF, auth, rate limiting) |
| Service Types | Optimized handling for APIs, static files, web apps |
| Observability | Prometheus metrics, structured logging, distributed tracing |
| TLS | Modern cipher suites, automatic certificate handling |
| Load Balancing | Round-robin, least connections, consistent hashing |
Why Sentinel
Modern proxies accumulate hidden behavior, unbounded complexity, and operational risk that surfaces under stress.
Sentinel takes a different approach:
- Bounded resources — Memory limits, queue depths, deterministic timeouts
- Explicit failure modes — Fail-open or fail-closed, never ambiguous
- External extensibility — Security logic lives in agents, not the core
- Observable by default — Every decision is logged and metered
The goal is infrastructure that is correct, calm, and trustworthy.
Design Principles
- Sleepable operations — No unbounded resources. No surprise behavior.
- Security-first — Every limit and decision is explicit in configuration.
- Small, stable core — Innovation lives outside the dataplane, behind contracts.
- Production correctness — Features ship only when bounded, observed, and tested.
See MANIFESTO.md for the full philosophy.
Community
- 💬 Discussions — Questions, ideas, show & tell
- 🐛 Issues — Bug reports and feature requests
- 📖 Documentation — Guides, reference, and examples
Contributions welcome. See CONTRIBUTING.md.
License
Apache 2.0 — See LICENSE.