Cloudflare OperatorKubernetes Tunnels & DNS, Automated

A Kubernetes Operator to create and manage Cloudflare Tunnels and DNS records for HTTP/TCP/UDP Service Resources.

Tunnel Management

Create new or use existing Cloudflare Tunnels via Custom Resources. Supports both Namespace (Tunnel) and Cluster (ClusterTunnel) scoped resources.

Automatic DNS

Automatically creates and manages DNS records in Cloudflare when TunnelBinding resources are configured.

Scalable cloudflared

Runs a managed, scalable Deployment of cloudflared with automatic ConfigMap management.

Flexible Routing

Route traffic directly via cloudflared or through your own reverse proxy like ingress-nginx with TunnelBinding resources.

Cross-Cluster Access

Use AccessTunnel to expose services across clusters using Cloudflare's Arbitrary TCP Access.

API Version Migration

Built-in conversion webhooks for seamless v1alpha1 to v1alpha2 migration.

WARNING

This project is currently in Alpha.

Overview

The Cloudflare Operator provides a Kubernetes-native way of dynamically deploying the cloudflared daemon. Built using operator-sdk, once deployed it provides:

Tunnel/ClusterTunnel CRDs - Accept a Secret for Cloudflare API Tokens, run a scaled Deployment of cloudflared, and manage ConfigMaps automatically
TunnelBinding controller - Updates cloudflared configuration, restarts deployments, and manages DNS entries with proper cleanup via Finalizers
AccessTunnel CRD - Enables cross-cluster service connectivity through Cloudflare's TCP Access

Architecture

Operator Architecture

INFO

This is NOT an official operator provided by Cloudflare Inc. It utilizes their v4 API and their cloudflared to automate setting up of tunnels on Kubernetes.