A cloud control plane. Your nodes. One Kubernetes experience.
K8S Engine hosts and operates your Kubernetes control plane. Your nodes connect securely (outbound-first) to the control plane endpoint. You manage compute placement via Node Pools, and K8S Engine handles the lifecycle and operational complexity.
Create a cluster
Choose Kubernetes version, region (for control plane), and availability mode. Your control plane is provisioned in minutes.
Attach compute
Add nodes manually (bare metal / existing VMs), or create Node Pools to provision nodes via Cluster API on AWS, Azure, GCP, Hetzner, or IONOS.
Enable autoscaling (optional)
Define min/max per pool. K8S Engine scales nodes up/down automatically based on scheduling demand. Safe scale-down respects pod disruption budgets.
Storage works automatically
K8S Engine installs the CSI driver and creates a default StorageClass. PVCs can be provisioned immediately—no day-2 setup required.
Operate confidently
Upgrades, backups, audit logs, and access control are centralized in one console. Focus on workloads, not control plane operations.
Ownership clarity
Clear boundaries make security reviews easier and operations predictable.
K8S Engine is responsible for
Control plane reliability and security posture
You retain full control of
Infrastructure location and cost
Workloads remain portable
Through standard Kubernetes APIs
Operational Ownership
K8S Engine
Control plane, etcd, upgrades, backups, scaling logic
You
Nodes, networking, workloads, infrastructure costs
Architecture overview
K8S Engine (Managed)
- Kubernetes API endpoint
- Controllers and scheduler
- etcd cluster (HA, encrypted)
- Backup service
- Upgrade orchestrator
Your Infrastructure
- Node Pools (via Cluster API)
- Nodes across providers / bare metal
- Workloads and namespaces
- Network connectivity
Connectivity uses outbound tunnels with mTLS. Nodes initiate connections to the control plane—no inbound firewall rules required.