Lifecycle Management Overview

The OpenBao Operator manages the full lifecycle of OpenBao clusters, from initial provisioning (Day 0) to complex upgrades (Day 2) and disaster recovery (Day N).

These flows describe manager-level responsibilities. In the code, OpenBaoCluster reconciliation is split across:

• openbaocluster-workload (certs, infra, init)
• openbaocluster-adminops (upgrade, backup)
• openbaocluster-status (conditions, finalizers)

• Day 0: Provisioning

  Tenant onboarding, Namespace creation, and RBAC delegation via the Provisioner Controller.

• Day 1: Creation

  Cluster initialization strategies (Self-Init vs Standard), PKI bootstrapping, and Unsealing.

• Day 2: Operations

  Details on Upgrade strategies (Rolling/Blue-Green), Maintenance Mode, and Version Management.

• Day N: Backups

  Backup scheduling, retention policies, and restoration workflows.