Kubernetes
The Control Panel provides multi-cluster Kubernetes management. You can register multiple Kubernetes clusters, store their kubeconfigs with AES-256 encryption, monitor cluster health, and deploy workloads across clusters from a single interface.
Cluster Registration
Adding a Cluster
- Navigate to Kubernetes from the sidebar
- Click Register Cluster
- Enter a display name for the cluster
- Paste the kubeconfig contents or upload a kubeconfig file
- Click Register
The Control Panel encrypts the kubeconfig with AES-256 using the CC_K8S_ENCRYPTION_KEY environment variable before storing it in the database. The kubeconfig is only decrypted in memory when the Control Panel needs to communicate with the cluster.
The CC_K8S_ENCRYPTION_KEY must be set before registering any clusters. If this key is lost, stored kubeconfigs cannot be decrypted. Back up this key securely.
Kubeconfig Security
| Aspect | Implementation |
|---|---|
| Encryption at rest | AES-256 encryption in PostgreSQL |
| Encryption in transit | TLS between Control Panel and K8s API server |
| Access control | Only users with the appropriate role can view or use kubeconfigs |
| Key management | Encryption key provided via CC_K8S_ENCRYPTION_KEY environment variable |
Health Checking
The Control Panel performs health checks against registered clusters at a 2-minute interval. Each health check verifies:
- API server reachability — can the Control Panel connect to the cluster’s API server
- Node status — are cluster nodes in a Ready state
- System pod health — are critical system pods (kube-system namespace) running
Cluster Statuses
| Status | Meaning |
|---|---|
| Healthy | API server reachable, all nodes Ready, system pods running |
| Degraded | API server reachable but some nodes or system pods are unhealthy |
| Unreachable | Cannot connect to the cluster API server |
Health status is displayed on the Kubernetes page and updates automatically as checks run.
Unified Cluster View
The Kubernetes page provides a consolidated view of all registered clusters:
- Cluster cards — each cluster shown with its name, status, node count, and last health check time
- Resource summary — aggregated CPU and memory capacity across all clusters
- Namespace list — namespaces per cluster with workload counts
Click any cluster card to see its detailed view including nodes, namespaces, deployments, and pods.
Cross-Cluster Deployments
The Control Panel can deploy workloads to one or more clusters from a single operation.
Deployment Kinds
The following Kubernetes resource types are supported for cross-cluster deployments:
| Kind | Description |
|---|---|
| QuazzarApp | A Cloud OS app template deployed as a Kubernetes workload |
| Deployment | Standard Kubernetes Deployment resource |
| StatefulSet | Kubernetes StatefulSet for stateful workloads |
Creating a Cross-Cluster Deployment
- Navigate to Kubernetes > Deployments
- Click New Deployment
- Select the deployment kind
- Configure the workload (image, replicas, environment variables, volumes)
- Select the target clusters — one or more registered clusters
- Click Deploy
The Control Panel applies the resource definition to each selected cluster and tracks the deployment status per cluster.
Deployment Status
Each deployment shows per-cluster status:
- Deploying — resource is being applied to the cluster
- Running — all pods are in a Ready state
- Degraded — some pods are not ready
- Failed — deployment could not be applied
Cluster Detail
The cluster detail page provides a deeper look at a single cluster:
Nodes
- Node name, status, role (control-plane, worker)
- CPU and memory capacity and allocation
- Pod count per node
- Conditions and taints
Namespaces
- List of namespaces with workload counts
- Resource quotas if configured
- Click a namespace to see its workloads
Workloads
- Deployments, StatefulSets, DaemonSets, and Jobs
- Replica status (desired vs. ready)
- Pod list with status, restarts, and age
Pods
- Pod name, namespace, node, and status
- Container images and resource usage
- Logs accessible from the pod detail view
Managing Clusters
Editing a Cluster
Update a cluster’s display name or replace its kubeconfig from the cluster detail page. Click Edit and update the desired fields.
Removing a Cluster
Remove a cluster registration from the Control Panel. This does not affect the cluster itself — it only removes the Control Panel’s reference to it.
- Open the cluster detail page
- Click Remove Cluster
- Confirm the removal
Removing a cluster from the Control Panel does not delete any workloads running on the cluster. It only removes the registration and stored kubeconfig.
Next Steps
- High Availability — set up Control Panel redundancy
- Fleet Management — manage Cloud OS instances alongside K8s clusters