Kaphera EDC Operator
A Kubernetes operator that manages the full lifecycle of Eclipse Dataspace Components connectors (control plane, data plane, identity wallet, and credential issuer). The Apache 2.0 open-source core that every other Kaphera artefact builds on.
What it is
A Kubernetes operator that manages the full lifecycle of Eclipse Dataspace Components connectors (control plane, data plane, identity wallet, and credential issuer). Written in Rust using kube-rs. Released under the Apache 2.0 licence. It is the open-source core of the Kaphera product family: every other artefact either builds on it, extends it, or connects to what it manages.
What it does for the customer
Reduces EDC Connector deployment from a multi-week infrastructure project to a declarative Kubernetes resource. A team that previously had to assemble Java processes, configure identity systems, wire up credential issuance, and manage data plane routing can instead declare a connector spec and let the operator handle provisioning, configuration, health management, and upgrades. Validated connector profiles (MDS, Tractus-X) ship pre-built, so dataspace-specific trust anchor and credential work does not fall on the deploying team.
Who it serves
lars-hoffmann is the platform engineer who wants to ship a working connector in a day without becoming an EDC specialist. The operator is the foundation of his delivery toolchain: he deploys it via the [[kaphera-cli|kaphera CLI]] and kaphera-cloud-terraform-provider, and hands clients a production-grade connector instead of a bespoke build.
leila-brandt is the backend engineer whose SaaS product integrates with Catena-X. The operator manages the connectors her application talks to via the control plane management API. She never operates it directly (it is the infrastructure behind the managed service she subscribes to) but connector profiles and upgrade tracking directly affect her integration stability.
marco-ferretti is the white-label partner building a managed connector business. The operator is the engine under his branded offering: Apache 2.0 means he can deploy it for clients without licensing friction.
dirk-wassermann is the enterprise platform leader running connectors on his own infrastructure. He needs to inspect the operator source to satisfy his security team, and Apache 2.0 is a prerequisite for his procurement process.
Why this licence: Apache 2.0
Connector lifecycle management is the commodity layer. Every team deploying EDC must solve it. Open-sourcing it removes the barrier that currently forces teams to build bespoke automation for each deployment. The more teams that adopt the operator, the stronger the ecosystem around Kaphera’s commercial products (kaphera-cloud-operator, kaphera-cloud-server, kaphera-cloud-managed-server) becomes.
How it relates to other artefacts
Depends on the kaphera-edc-enablement-operator for infrastructure (databases, secrets, identity). Connectors are deployed into namespaces created by the kaphera-cloud-operator in managed mode. The kaphera-dsp-data-plane is deployed and configured by this operator. The [[kaphera-cli|kaphera CLI]] and kaphera-cloud-terraform-provider manage its CRDs via the kubernetes backend.
Connector lifecycle
stateDiagram-v2 [*] --> Pending Pending --> Provisioning: spec valid Provisioning --> Running: control + data plane ready Running --> Updating: spec change / upgrade Updating --> Running: reconciled Running --> Terminating: delete Provisioning --> Failed: error Updating --> Failed: error Failed --> Provisioning: retry Terminating --> [*]
Related
- kaphera-edc-enablement-operator: the infrastructure-services operator this depends on.
- kaphera-cloud-operator: the organisational layer that scopes connectors into tenants.
- kaphera-dsp-data-plane: the data plane this operator deploys and configures.
- lars-hoffmann: the platform engineer for whom this operator turns multi-week setup into a declarative Kubernetes resource.
- dirk-wassermann: the enterprise lead whose security review depends on Apache 2.0 source access.