User documentation for Okeanos

Okeanos is a fully-managed service based on Gardener to deliver Kubernetes clusters at scale everywhere, currently in public beta.

Login to the dashboard is possible with your existing GitHub account. After the first login a new project will be automatically created for you. Please reload the dashboard after a few seconds to see this project. You can then add your credentials for the cloud to be used and create Kubernetes clusters that will use virtual machines in that cloud account, and we provide and manage the Kubernetes Control Plane on our own infrastructure.

The clouds currently available are AWS, GCP, Azure, Hetzner Cloud, Fugacloud, Betacloud and CityCloud. We are currently working on support for IONOS and OVH. During the public beta, the only cost for using Okeanos is the cost on your own cloud account, charged directly by the cloud provider.

We do not ask for payment information and will not charge you for the control plane of the managed Kubernetes clusters. The service and support is offered on a best effort basis for free accounts until further notice.

Hetzner Cloud

The following describes how a Hetzner Cloud project is integrated into Okeanos.

Create new project

API tokens list

Create new API token

Generated API token

Okeanos dashboard login

Login with GitHub

Secrets panel

Add new Hetzner Cloud Secret

Create new cluster


The provided Grafana is stateless and therefore has the flaw of not beeing able to save settings. For example marking a dashboard as a favorite is impossible.

Dashboard overview


Try opening a dashboard again

Login required

Programmatic shoot creation

If you want to create clusters trough applications, you can do this via a custom resource definition of type shoot trough kubernetes. To gain access to the gardener API which creates shoots, you have to create a service account from the web dashboard.

Create new Service Account

From here you can also view or download the kubernetes config file. Once your kubectl or other tool is configured to use the new config file, you can simple apply the resource, e.g.

kubectl apply -f cluster.yaml

cluster.yaml example for Betacloud

kind: Shoot
apiVersion: core.gardener.cloud/v1beta1
  name: my-cluster-name
  namespace: garden-<your_project_name>
  cloudProfileName: betacloud
    enabled: false
      - start: '00 17 * * 1,2,3,4,5'
        end: '00 08 * * 1,2,3,4,5'
        location: Europe/Berlin
    version: 1.22.9
    type: cilium
    type: openstack
      apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
      kind: ControlPlaneConfig
      loadBalancerProvider: amphora
      apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
      floatingPoolName: external
      kind: InfrastructureConfig
      - cri:
          name: containerd
        name: worker-small
          type: 2C-4GB-40GB
            name: gardenlinux
            version: 576.1.0
        maximum: 2
        minimum: 1
        maxSurge: 1
        maxUnavailable: 0
          size: 50Gi
  purpose: development
  region: betacloud-1
  secretBindingName: betacloud-secret

Keep in mind, that some things need to be changed accordingly. Here are at least a few explanations of the bare minimum possible.