A Kubernetes Operator to create and manage Cloudflare Tunnels and DNS records for (HTTP/TCP/UDP*) Service Resources
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
Adyanth H 21197d49ab 👷 Multi arch build only on tag 3 days ago
.github/workflows 👷 Multi arch build only on tag 3 days ago
api/v1alpha1 ⬆️ Update default cloudflared image 2 months ago
bundle 🔖 v0.8.2 3 days ago
config 🔖 v0.8.2 3 days ago
controllers 🐛 Prevent deleting the DNS entry 1 month ago
docs Add SMB protocol support 2 months ago
hack 🎉 Initial commit: Controller for Ingess 5 months ago
images 📝 Update getting started with new Cloudflare API scope terminology 3 months ago
samples 🔨 Update samples to not use kustomize 3 months ago
.dockerignore 🎉 Initial commit: Controller for Ingess 5 months ago
.gitignore 🎉 Initial commit: Controller for Ingess 5 months ago
Dockerfile 👷 Add multi-arch (arm) builds 2 months ago
LICENSE 📄 Fix license 4 months ago
Makefile 🔖 v0.8.2 3 days ago
PROJECT ClusterTunnel resource and controller! 4 months ago
README.md 📝 Documentation for configuration options 2 months ago
bundle.Dockerfile 🔖 v0.8.2 3 days ago
go.mod 🔖 v0.8.2 3 days ago
go.sum 🔖 v0.8.2 3 days ago
main.go 🎉 Set leader election reuse namespace 2 months ago

README.md

Cloudflare Operator

Logo

A Kubernetes Operator to create and manage Cloudflare Tunnels and DNS records
for (HTTP/TCP/UDP*) Service Resources

Getting Started Guide »

Report Bug · Request Feature

GitHub license GitHub forks GitHub stars GitHub issues Go Report Card

NOTE: This project is currently in Alpha

UDP*: UDP support for Cloudflare Tunnels is in Early Access

Motivation

The Cloudflare Tunnels guide for deployment on Kubernetes provides a manifest which is very bare bones and does not hook into Kubernetes in any meaningful way. The operator started out as a hobby project of mine to deploy applications in my home lab and expose them to the internet via Cloudflare Tunnels without doing a lot of manual work every time a new application is deployed.

Overview

The Cloudflare Operator aims to provide a new way of dynamically deploying the cloudflared daemon on Kubernetes. Scaffolded and built using operator-sdk. Once deployed, this operator provides the following:

  • Ability to create new and use existing Tunnels for Cloudflare for Teams using Custom Resources (CR/CRD) which will:
    • Accept a Secret for Cloudflare API Tokens and Keys
    • Run a scaled (configurable) Deployment of cloudflared
    • Manage a ConfigMap for the above Deployment
    • Have Cluster and Namespace scoped Tunnels
  • A Service controller which monitors Service Resources for Annotations and do the following:
    • Update the cloudflared ConfigMap to include the new Service to be served
    • Restart the cloudflared Deployment to make the configuration change take effect
    • Add a DNS entry in Cloudflare for the specified domain to be a proxied CNAME to the referenced tunnel
    • Reverse the above when the Service is deleted using Finalizers

Bird's eye view

Here is how the operator and the Tunnel Resource fit into your deployment.

Operator Architecture

There is more detailed information on this architecture and thought process behind it in my blog post.

Getting Started

Go through the dedicated documentation on Getting Started to learn how to deploy this operator and a sample tunnel along with a service to expose.

Look into the Configuration documentation to understand various configurable parameters of this operator.

NOTE: This is NOT an official operator provided/backed by Cloudflare Inc. It utilizes their v4 API and their cloudflared to automate setting up of tunnels on Kubernetes.