Inlets is a reverse tunnel built by Alex Ellis (of OpenFaaS) that punches out from a private network to a public exit-server and relays inbound traffic back. You run the server on a cheap cloud VM with a public IP, run the client next to the thing you want to expose (laptop, Raspberry Pi, on-prem Kubernetes), and the client holds an outbound websocket to the server over which all traffic is multiplexed.
Originally the project had an open-source core (inlets OSS) and a Pro edition; as of 2022 the open-source edition was deprecated and Inlets Pro / “inlets” is now a commercial product. It supports both HTTP (L7, with host-based routing, multiple upstream services per tunnel, TLS termination) and raw TCP (L4, for SSH, Postgres, RDP, etc.), runs natively on Kubernetes with a LoadBalancer controller that provisions real public IPs for clusters behind NAT, and can be automated via inletsctl to spin up exit-servers on DigitalOcean, Linode, Hetzner, Scaleway, and others.
It occupies the same space as ngrok, Cloudflare Tunnel, and Tailscale Funnel, but the sales pitch is that you own the exit node, your data never traverses a third-party SaaS, and you pay per VM instead of per tunnel.