• Products
    • Kubernetes Platform

      Creating identical Kubernetes clusters and managing them
    • Virtualization Platform

      Managing virtual machines
    • Observability Platform

      Infrastructure and application monitoring and logging
    • Stronghold

      Securely managing lifecycle of secrets
    • Delivery Kit

      Building and delivering containerized software
    • Commander

      Cluster control center
    • Prom++

      Open Source monitoring system
  • Solutions
    • Technical Support
    • Security
    • Training & Consulting
    • Deckhouse vs KaaS
  • Success stories
  • Community
Documentation Contact us
En Ru
Kubernetes Platform
  • Learn more
  • Getting started
  • Documentation
  • Modules
  • Guides
  1. Platform documentation
  1. Project management
Channel/version: 
stable
  • Rock Solid v1.72
  • Stable v1.72
  • Early Access v1.73
  • Beta v1.73
  • Alpha v1.73
  • latest
  • Overview
  • Administration
    • Platform installation
    • Platform configuration
      • Description
      • Registries and editions
        • Overview
        • Third-party registry
        • Internal registry
        • Restoring registry access
        • Switching editions
      • IAM
        • Authentication
          • Overview
          • Integration with external authentication providers
          • Local authentication
          • Accessing the Kubernetes API via load balancer
          • Resource configuration
        • Authorization
          • Overview
          • Current authorization model
          • Experimental authorization model
          • Granting permissions to users and service accounts
          • Checking user permissions
          • Access for CI/CD
      • Integration with IaaS
        • Overview
        • Public cloud providers
          • Overview
          • Integration with Yandex Cloud
            • Connection and authorization
            • Layouts and configuration
            • Storage and load balancing
            • Integration with Yandex Cloud services
          • Integration with VK Cloud
            • Connection and authorization
            • Layouts and configuration
          • Integration with Selectel Cloud
            • Connection and authorization
            • Layouts and configuration
          • Integration with OVH Cloud
            • Connection and authorization
            • Layouts and configuration
          • Integration with OpenStack-based clouds
            • Connection and authorization
            • Layouts and configuration
          • Integration with Amazon Web Services (AWS)
            • Connection and authorization
            • Layouts and configuration
            • Storage and load balancing
            • Integration with Amazon Web Services
          • Integration with Microsoft Azure
            • Connection and authorization
            • Layouts and configuration
            • Storage and load balancing
            • Integration with Microsoft Azure services
          • Integration with Google Cloud Platform (GCP)
            • Connection and authorization
            • Layouts and configuration
        • Private cloud providers
          • Overview
          • Integration with VK Cloud
            • Connection and authorization
            • Layouts and configuration
          • Integration with OpenStack
            • Connection and authorization
            • Layouts and configuration
          • Integration with Huawei Cloud
            • Connection and authorization
            • Layouts and configuration
            • Storage and load balancing
            • Integration with Huawei Cloud services
        • Virtualization systems
          • Overview
          • Integration with DVP
            • Integration with DVP
            • Connection and authorization
            • Layouts and configuration
          • Integration with VMware Cloud Director
            • Connection and authorization
            • Layouts and configuration
          • Integration with VMware vSphere
            • Connection and authorization
            • Layouts and configuration
            • Storage and load balancing
            • Integration with VMware vSphere services
          • Integration with zVirt
            • Connection and authorization
            • Layouts and configuration
            • Storage and load balancing
            • Integration with zVirt services
        • Hybrid cluster
      • Platform update
        • Overview
        • Configuring updates
        • Configuring notifications
        • FAQ
      • High reliability and availability
        • Overview
        • Node configuration recommendations
        • Managing HA mode
        • Chaos engineering
      • Platform scaling and node management
        • Overview
        • Control plane management
          • General management and configuration of the control plane
          • Control plane recovery and debugging
          • Scaling and changing master nodes
          • Updating Kubernetes and versioning
        • Node management
          • Node management basics in Deckhouse
          • Adding and managing cloud nodes
          • Adding and managing bare-metal nodes
          • Custom node configuration
          • Migrating container runtime to ContainerdV2
      • Application scaling and resource management
        • Overview
        • Scaling by metrics
        • Horizontal pod autoscaling
        • Vertical pod autoscaling
        • Pod restart on configuration change
        • Load distribution management
          • Scheduler
          • Priority classes
      • Network
        • Overview
        • Internal network
          • Internal network configuration
          • Encrypting traffic between pods
          • Configuring cluster network stack visualization
          • Switching CNI from Flannel to Cilium
        • Incoming traffic balancing
          • Overview
          • NLB
            • Balancing with MetalLB
            • External balancer
          • ALB
            • ALB with NGINX Ingress controller
            • ALB with Istio
          • Ensuring high availability and fault tolerance (keepalived)
        • Outgoing traffic balancing
          • Egress Gateway
        • Inter-cluster cooperation (alliance)
          • Overview
          • Multicluster
          • Federation
        • Network policy configuration
        • Other network configuration options
          • Managing static routes and ip rules on cluster nodes
          • Managing DNS in a Kubernetes cluster
          • Caching DNS requests on cluster nodes
          • BpfLB operation modes for external traffic processing
          • Synchronizing time on nodes
        • Access via OpenVPN
          • Overview
          • Configuration
      • Storage
        • Overview
        • Storage configuration
        • Configuring volume snapshot creation
        • Software-defined storage (SDS)
          • Local path provisioner storage
          • Node configuration for software-defined storage (SDS)
            • Overview
            • Usage scenarios
            • Configuration scenarios
            • FAQ
          • Local storage based on LVM
            • Setting up local storage based on LVM
            • Managing local storage based on LVM
          • Replicated storage based on DRBD
            • Setting up replicated storage based on DRBD
            • Managing DRBD‑based replicated storage
        • External
          • Distributed Ceph storage
          • HPE data storage
          • Huawei data storage
          • NetApp data storage
          • NFS storage
          • S3 object storage
          • SCSI-based data storage
          • TATLIN.UNIFIED (Yadro) unified storage
      • Security
        • Overview
        • Security events
          • Kubernetes API event audit
          • Security event audit
        • Security policies
        • Vulnerability scanning
        • Certificate management
        • Integration with KUMA and antivirus software
        • Distribution of secrets across namespaces
      • Platform monitoring
        • Overview
        • Monitoring configuration
          • Configuring monitoring of network interaction and cluster nodes
          • Writing Prometheus data to longterm storage
          • Configuring external access
        • Configuring a system for collecting and storing metrics
        • Cluster SLA Monitoring
        • Setting up alerts
          • Configuring integrations
      • Logging
        • Overview
        • Collection and delivery
        • Short-term storage
      • Multitenancy
      • Backup and restore
      • Assigning namespace labels
    • Platform uninstalling
  • Using
    • Access
      • Authentication
    • Application scaling and resource management
      • Vertical Pod Autoscaling
    • Network
      • Incoming traffic processing
        • Overview
        • NLB
        • ALB
      • Intra-cluster communication
      • Managing authorization and access to workload with Istio
      • Request routing with Istio
      • Enabling Istio for applications
      • Managing request balancing between service endpoints with Istio
      • Locality failover with Istio
      • Configuring request retries with Istio
      • Configuring resources for istio-proxy sidecars
      • Circuit Breaker
      • Canary deployment
    • Security
      • Container image vulnerability scanning
      • Using TLS certificates
    • Interfaces
      • Web interfaces
        • Web UI
        • Grafana
        • Alert management
        • Kubeconfig generator
        • Downloading Deckhouse utilities
        • Secret management
        • Visualizing cluster network stack
    • Multitenancy
    • Monitoring
      • Overview
      • Configuring application monitoring
    • Logging settings
  • Architecture
    • Overview
    • Modules
      • Description
      • Module structure
      • Building and publication
      • Running and verifying in the cluster
      • Module dependencies
      • Versioning
      • Examples
      • Development and debugging
    • Disaster resilience
      • Overview
      • Geo-distribution
      • Geo-reserving
    • Updating
    • Logging
      • Log collection and delivery
      • Short-term storage
    • VPA
    • Authentication
    • Node management
    • Monitoring
    • Network
      • Cluster architecture with Istio enabled
      • Application service architecture with Istio enabled
      • Caching DNS server in a cluster
    • Multitenancy
    • Security
      • Integrity control
      • Architecture of security event audit
    • Direct mode architecture (registry)
  • Reference
    • API
      • Global configuration
      • Custom Resources
    • Release channels
    • Supported K8s & OS versions
    • Revision comparison
    • Network interaction
    • Alerts
    • Sysctl parameters
    • Used software
    • Used directors
  • Console utilities
    • Deckhouse CLI (d8)
      • Overview and installation
      • Reference
  • Release notes

Project management

You are viewing the documentation for an unreleased version of Deckhouse. You may choose the appropriate release channel from the versions menu or go to the latest stable Deckhouse version.

Was the page useful?

✕

Thanks for the review!

✕

Your response is being processed, and changes can be made in 5 minutes.

✕

An error has occurred

Please try again later

✕

Tell us what you didn’t like.

We use cookies to make your browsing experience more convenient. Please refer to our Privacy Policy for details.
✕

Request trial access

Fill out the form, and we will contact you within the next business day — please stay in touch!

Select your preferred communication means

By submitting form, you agree to the Privacy Policy

Thank you

Thank you for your interest in the Deckhouse Kubernetes Platform!
We will contact you within the next business day regarding the details of your request — please be in touch!

Error

Something went wrong...

✕

Request callback

Fill out this form, and we will contact you soon.

Select your preferred communication means

By submitting form, you agree to the Privacy Policy

Thank you

We will contact you on this or the next business day

Something went wrong

Please try again later

✕

Book your sessions

Fill out this form, and we will contact you to discuss the details

Thank you

Check your email for details.

Error

Something went wrong...

✕

Request demo

Fill out this form, and we will contact you soon.

Thank you

We will contact you soon.

Error

Something went wrong...

✕

Get the PCI SSC Compliance Report

The document is aimed at companies that use container-based payment systems. It contains a list of common threats along with the best practices and measures we put in place to address them. Find out the extent to which Deckhouse meets the PCI SSC criteria!

By clicking the "Download the report" button, you agree to the Privacy policy.

Thank you

The file is loaded automatically. If it doesn't, click the «Download» button.

Error

Something went wrong...

✕

Contacts
  • contact@deckhouse.io
  • +7 (495) 721-10-27
Products
  • Kubernetes Platform
  • Virtualization Platform
  • Observability Platform
  • Commander
  • Stronghold
  • Delivery Kit
  • Prom++
Solutions
  • Technical Support
  • Security
  • Training & Consulting
  • Deckhouse vs KaaS
Resources
  • Success stories
  • Community
  • Documentation
  • Getting started
  • Blog
  • Privacy Policy
  • Terms of service
  • Cookie Policy
© 2025 Deckhouse. All rights reserved.