KubeCon EUBooth 1151, Amsterdam. March 23-26
Read Operator

Overview

The read-only operator (aka "zxporter") collects Kubernetes resource utilization data and sends it to the DevZero platform.

Read Operator (zxporter)

The Read Operator is a lightweight, read-only Kubernetes operator that collects resource utilization metrics from your cluster and exports them to the DevZero platform via gRPC.

It is open-source on GitHub and designed with the principle of least privilege -- it cannot modify any cluster resources.

What It Collects

The operator collects metadata and utilization data across 65+ Kubernetes resource types:

CategoryResources
WorkloadsDeployments, StatefulSets, DaemonSets, ReplicaSets, Jobs, CronJobs, Pods
ComputeNodes, ResourceQuotas, LimitRanges, PriorityClasses, RuntimeClasses
StoragePersistentVolumes, PersistentVolumeClaims, StorageClasses, CSI drivers
NetworkingServices, Endpoints, Ingresses, NetworkPolicies
ConfigurationConfigMaps (metadata only), Namespaces, ServiceAccounts
AutoscalingHorizontalPodAutoscalers, VerticalPodAutoscalers
SchedulingPodDisruptionBudgets, PodTemplates
Custom ResourcesKarpenter NodePools/NodeClaims/EC2NodeClasses, Argo Rollouts
GPU MetricsNVIDIA DCGM metrics via Prometheus scraping

Architecture

zxporter Operator (in-cluster)

  Kubernetes Informers (65+ types)
  - Watch for create/update/delete
  - Delta-based (only changes)
            |
  Collection Manager
  - Configurable frequency
  - Namespace inclusion/exclusion
  - Resource type filtering
            |
  Prometheus Scraper
  - Scrapes cAdvisor, kubelet
  - DCGM GPU metrics
  - Node Exporter metrics
            |
  gRPC Transport (mTLS)
  - Batched export
  - Retry with backoff
  - Compression
            |
   DevZero Control Plane

RBAC

zxporter uses a minimal ClusterRole with read-only access:

  • get, list, watch on all collected resource types
  • No create, update, patch, or delete permissions
  • No access to secrets resources

The operator's ServiceAccount is scoped to its own namespace (devzero-zxporter).

Resource Footprint

ResourceRequestLimit
CPU200m500m
Memory128Mi512Mi

The operator adds negligible load to the Kubernetes API server -- it uses informers (watch-based) rather than polling.

Quickstart

A step-by-step guide on installing the zxporter (read-only) operator into your cluster.

Configuration

Configure the zxporter operator -- collection frequency, namespace filtering, GPU monitoring, and all available options.

On this page

Read Operator (zxporter)
What It Collects
Architecture
RBAC
Resource Footprint