It lets you define tenants as CRDs and automatically provisions:
* Namespaces with isolated RBAC and network policies * ResourceQuota and LimitRange * Full tenant lifecycle (create/update/delete)
One unique part: it can provision tenants directly from your database — a new DB row instantly becomes a `Tenant` CR and triggers namespace/RBAC setup. This makes it easy to build SaaS-style onboarding like Atlassian Cloud or Slack, where a tenant is created immediately after signup (or by a customer manager in real time).
I first built an early version ~2 years ago, running over 150 tenants in production. This new design generalizes those lessons into a simpler, more universal interface.
Multi-tenancy isn’t a common need, so real-world feedback is invaluable. If you spot design flaws, anti-patterns, or confusing docs - please let me know. Even small input helps make it stronger.
Repo: https://github.com/kubernetes-tenants/tenant-operator License: Apache 2.0