Espejote - an in-cluster templating controller.

Espejote (‘big mirror’ in Spanish) manages arbitrary resources in a Kubernetes cluster. Built from the ground up to take advantage of Server Side Apply and Jsonnet templating.

Safe and robust

We built Espejote to be safe and robust for production use in large clusters after growing tired of operators randomly entering reconcile loops and crashing our clusters.

Espejote uses sane rate limiting and backoff strategies. It builds on the battle-tested controller-runtime library.

Every resource manager runs with its own ServiceAccount for least privilege.

No implicit watches or triggers – you are in complete control of what gets reconciled and when.

Swiss Army knife

Espejote helped VSHN replace multiple specialized operators, patch-operator, Kyverno, and Crossplane.

An API builder and WASM plugins are coming soon.

Backed by Jsonnet

Espejote uses Jsonnet as the templating language, arguably the best templating language for Kubernetes.

The use of SSA means Espejote works well with other tools and operators in the cluster. Manage a single annotation or full resources with ease.