UpCloud Managed Kubernetes

UpCloud Managed Kubernetes provides CNCF-certified Kubernetes orchestration with simplified cluster management, automatic upgrades, and the same high-performance infrastructure that powers UpCloud's cloud servers. Designed for teams seeking production-grade Kubernetes without operational complexity, the service handles control plane management while giving you complete flexibility over workload deployment.

The platform delivers a fully managed control plane at no additional cost, eliminating the undifferentiated heavy lifting of etcd management, API server scaling, and controller redundancy that plagues self-hosted Kubernetes.

CNCF Certification and Kubernetes Versions

UpCloud Managed Kubernetes maintains Cloud Native Computing Foundation (CNCF) certification, guaranteeing API compatibility and interoperability with the broader Kubernetes ecosystem. This certification ensures your workloads, Helm charts, and kubectl commands work identically across any conformant Kubernetes distribution.

Supported Kubernetes versions:

• 1.28.x (latest stable)
• 1.27.x (stable)
• 1.26.x (stable)

UpCloud automatically applies security patches to control plane components, while cluster upgrades require explicit customer initiation to prevent unexpected disruption. The platform maintains multiple recent versions simultaneously, allowing gradual migration strategies.

Control Plane Management

The managed control plane operates independently from worker nodes, with UpCloud handling all aspects of control plane availability, scaling, and backup. This architecture means you never pay for control plane compute resources — only worker nodes incur charges.

Control plane components (API server, etcd, scheduler, controller manager) run in highly available configuration automatically. UpCloud manages etcd backups, API server TLS certificates, and admission controller configuration without requiring administrative intervention.

Pricing and Plans

UpCloud Kubernetes employs straightforward pricing based exclusively on worker node resources consumed. The control plane remains free regardless of cluster size or configuration.

Development Tier (Free):

• €0/month control plane fee
• Ideal for testing, staging, and personal projects
• Full feature parity with production tier
• No SLA guarantee

Production Tier:

• €60/month control plane fee
• 99.95% uptime SLA
• Priority support for cluster issues
• Recommended for business-critical workloads

Worker Node Pricing: Pay only for compute resources (vCPU, RAM, storage) at standard UpCloud Cloud Server rates. Nodes leverage the same flexible configurations available for virtual machines, from 1 vCPU / 1GB RAM to 32 vCPU / 128GB RAM.

The Cloud Native server plans work particularly well for Kubernetes worker nodes, offering pay-per-hour billing that aligns perfectly with cluster autoscaling behaviors.

Cluster Auto-Scaling

UpCloud implements Kubernetes Cluster Autoscaler to dynamically adjust worker node counts based on pod resource requests. When pods remain unschedulable due to insufficient cluster capacity, the autoscaler provisions additional nodes within minutes.

Similarly, when node utilization drops below configured thresholds, the autoscaler safely drains and removes underutilized nodes, reducing costs automatically. This elasticity proves essential for workloads with variable traffic patterns or scheduled batch processing.

Node Pools

Clusters support multiple node pools with distinct configurations, enabling heterogeneous workload requirements within a single cluster. One pool might use high-memory nodes for database workloads, while another uses high-CPU nodes for computation-intensive tasks.

Node pool features:

• Independent autoscaling configuration per pool
• Kubernetes labels for workload scheduling
• Taints and tolerations for workload isolation
• Rolling node updates without cluster disruption

Node pools simplify operational management by grouping similar nodes together, making capacity planning and resource allocation more transparent.

Load Balancer Integration

UpCloud Kubernetes includes automatic LoadBalancer service provisioning through cloud controller integration. When you create a LoadBalancer type service, UpCloud provisions a dedicated load balancer, configures backend pool members, and assigns a public IP address — all automatically.

Load balancers support both TCP and UDP protocols, with configurable health checks ensuring traffic routes only to healthy pods. This native integration eliminates manual load balancer configuration and keeps infrastructure-as-code definitions clean.

Persistent Storage

The platform provides Container Storage Interface (CSI) drivers for MaxIOPS and standard SSD storage, enabling Kubernetes PersistentVolumeClaims to provision block storage dynamically. Applications request storage through standard Kubernetes primitives, and UpCloud provisions volumes automatically.

Storage classes available:

• MaxIOPS — Up to 100,000 IOPS for database workloads and high-performance applications
• Standard SSD — Up to 10,000 IOPS for general-purpose persistent storage

Persistent volumes support snapshots for backup creation and cloning for rapid environment duplication. Storage scales from 10GB to 4TB per volume, with up to 16 volumes attachable per node.

Container Registry Integration

While UpCloud doesn't provide a proprietary container registry, clusters integrate seamlessly with external registries including Docker Hub, GitHub Container Registry, Google Container Registry, and private registries. Kubernetes image pull secrets enable secure authentication to private registries.

For teams requiring registry services, pairing UpCloud Kubernetes with Harbor (self-hosted) or external managed registries provides complete CI/CD pipeline integration.

Network Policies

UpCloud Kubernetes deploys with Calico CNI for advanced network policy enforcement. Network policies define fine-grained rules controlling pod-to-pod communication, implementing microsegmentation for enhanced security posture.

This capability proves essential for multi-tenant clusters or applications requiring strict isolation between services. NetworkPolicy resources integrate with Kubernetes RBAC, providing comprehensive security controls.

RBAC and Security

Kubernetes Role-Based Access Control (RBAC) enables granular permission management for users and service accounts. UpCloud integrates with your cluster RBAC configuration, allowing you to define who can deploy workloads, view logs, or modify cluster configuration.

Security features:

• Pod Security Standards enforcement
• Audit logging for API server requests
• Encrypted etcd data at rest
• Automatic TLS certificate management
• Private cluster endpoints available

Monitoring and Logging

Every cluster includes integrated Prometheus monitoring deployed automatically, collecting metrics from nodes, pods, and cluster components. Grafana dashboards visualize cluster health, resource utilization, and application performance without requiring manual setup.

For centralized logging, UpCloud Kubernetes integrates with external logging solutions like Elasticsearch/Kibana (ELK), Grafana Loki, or cloud-native logging services. Standard container output streams to stdout/stderr, and you ship logs to your preferred aggregation platform.

Backup Support

While UpCloud handles etcd backups for control plane state automatically, application data backup requires external tools like Velero. Velero performs cluster-level backups including Kubernetes resources and persistent volume snapshots.

UpCloud's storage CSI driver supports volume snapshots that Velero leverages for consistent application backup. This approach provides disaster recovery capabilities and enables cluster migration across regions or providers.

Multi-Zone Deployment

For enhanced resilience, clusters support worker node distribution across multiple availability zones within a region. This configuration protects against datacenter-level failures, ensuring applications remain available during infrastructure incidents.

Kubernetes topology spread constraints distribute pods across zones automatically, achieving high availability without manual replica placement. Combined with UpCloud's 99.999% compute SLA, multi-zone clusters deliver exceptional reliability.

API and kubectl Access

Cluster management operates through standard Kubernetes APIs accessible via kubectl command-line tool. UpCloud Hub provides kubeconfig file downloads containing cluster endpoint, certificates, and authentication tokens.

For automation and CI/CD integration, UpCloud's REST API manages cluster lifecycle operations including creation, scaling, and deletion. Terraform provider support enables infrastructure-as-code cluster management alongside other UpCloud resources.

Helm Support

The platform provides native Helm 3 compatibility without restrictions. Deploy Helm charts for applications, operators, or cluster addons using standard helm commands. Popular charts from Bitnami, Jetstack (cert-manager), and other ecosystem providers work without modification.

For GitOps practitioners, Helm integrates seamlessly with Argo CD and Flux for declarative application delivery.

GitOps Ready

UpCloud Kubernetes supports GitOps workflows through Argo CD, Flux, and similar tools without platform-specific modifications. These tools monitor Git repositories for configuration changes and automatically synchronize cluster state to match declared intent.

GitOps approaches improve operational consistency, provide audit trails for changes, and simplify rollback operations when deployments introduce issues.

Service Mesh Compatibility

The platform supports deployment of service mesh solutions including Istio, Linkerd, and Consul Connect. Service meshes provide advanced traffic management, mutual TLS between services, and detailed observability for microservices architectures.

While UpCloud doesn't mandate specific mesh implementations, the CNCF-certified Kubernetes ensures compatibility with all major service mesh projects.

Upgrade Strategy

Cluster version upgrades follow a controlled, customer-initiated process that minimizes disruption risk. UpCloud upgrades the control plane first, followed by automated node pool updates using rolling deployments.

Upgrade process:

• Control plane upgrades complete in 10-15 minutes
• Node pool upgrades drain pods gracefully before updating nodes
• Pod Disruption Budgets honored during rolling updates
• Rollback capabilities if issues emerge

Support and SLA

Production tier clusters include 99.95% uptime SLA covering control plane availability. This translates to approximately 22 minutes of permissible control plane downtime monthly.

UpCloud provides 24/7/365 support with average response times under 46 seconds. Kubernetes-specific support covers cluster troubleshooting, networking issues, storage problems, and upgrade guidance from engineers experienced with production Kubernetes operations.

Use Cases

UpCloud Managed Kubernetes excels across various scenarios:

• Microservices architectures — Native service discovery and load balancing for distributed applications
• CI/CD platforms — Dynamic environments for testing and staging using autoscaling
• Machine learning inference — GPU node pools for model serving (future capability)
• Data processing pipelines — Apache Spark, Airflow, and other data tools on Kubernetes
• Edge computing — Deploy applications closer to users across UpCloud's global network

Competitive Positioning

UpCloud Managed Kubernetes competes with major cloud providers (AWS EKS, Google GKE, Azure AKS) and specialized Kubernetes platforms (DigitalOcean DOKS, Linode LKE). Key differentiators include zero-cost data egress, free development tier clusters, MaxIOPS storage performance, and European data center concentration for GDPR compliance.

The €60/month production control plane fee significantly undercuts AWS EKS ($73/month) and Azure AKS (free control plane but higher node costs), while matching or exceeding SLA commitments.