Platform

Kupe Cloud is a managed Kubernetes platform that gives each tenant isolated, lightweight virtual clusters with platform-managed infrastructure.

How it works

Each Kupe cluster is a virtual cluster that provides:

• Its own Kubernetes API server - your kubeconfig points to your cluster API endpoint.
• Strong workload and access isolation - tenant RBAC, namespaces, and access groups are scoped to your tenant.
• Shared platform control plane services - GitOps, observability, and routing services run centrally and are scoped to your tenant and clusters.

The underlying host infrastructure (nodes, networking, storage) is managed by Kupe. Your team interacts with your virtual clusters and workloads.

What Kupe Cloud manages

• Cluster provisioning - create clusters through the console.
• Kubernetes upgrades - guided version upgrades with health validation.
• Infrastructure - compute nodes, container runtime, CNI networking, CSI storage.
• Platform services - managed delivery, monitoring, alerting, DNS, certificates, and routing infrastructure.
• Authentication - OIDC-based SSO and tenant access mapping.

What your team owns

• Application manifests - Helm charts, Kustomize overlays, or plain YAML in Git.
• Namespace design - how you organize workloads inside your cluster.
• Deployment process - GitOps workflows, promotion rules, and rollback procedures.
• Application health - SLOs, incident response, and capacity planning for your services.

Access model

You can access your cluster through two paths:

• Console - web UI powered by Headlamp for workloads, troubleshooting, logs, events, and day-2 operations.
• CLI - generated kubeconfig for kubectl, Helm, and CI/CD pipelines:
  • OIDC kubeconfig for interactive use (current token lifetime is 8 hours, requires kubelogin).
  • Token kubeconfig for automation (configurable expiry up to 365 days).

Platform guides

• Platform Concepts - cluster lifecycle, GitOps model, and operational expectations.
• CLI Access - kubeconfig setup for OIDC and token-based access.