I wanted to share a small project I’ve been working on: miniziti-operator
This is a “scratch our own itch” Kubernetes operator that makes some of the most common OpenZiti workflows declarative via Kubernetes manifests.
It introduces a few custom resources:
ZitiIdentityZitiServiceZitiAccessPolicy
The operator reconciles these into the corresponding OpenZiti entities, so instead of manually creating identities, services, and policies, you can define them as part of your cluster configuration and let the operator handle the rest.
This is not intended to be a full implementation of the OpenZiti management API, nor a replacement for efforts like ziti-k8s-agent. The goal is much narrower: simplify common day-to-day tasks in a Kubernetes-native way.
Disclaimer: This is still early. I haven’t used it in production yet, and it needs more testing and refinement. I’m sharing this in the “release early, release often” spirit.