Kubernetes for platform teams: Leveraging k0s and k0rdent (6 minute read)
Hosted Control Planes let you run multiple Kubernetes clusters on OpenStack without the traditional overhead of dedicating three nodes per cluster just for control plane infrastructure.
What: A technical tutorial showing how to build a multi-cluster Kubernetes platform on OpenStack using k0s (lightweight Kubernetes), k0rdent (multi-cluster orchestration), and a Hosted Control Planes architecture that centralizes all cluster control planes in a single management cluster rather than running separate 3-node control planes for each cluster.
Why it matters: Traditional Kubernetes deployments require at least three dedicated nodes per cluster just for the control plane (API server, etcd, controllers), which becomes prohibitively expensive when managing dozens or hundreds of clusters across dev, staging, and production environments. This architectural shift moves all control planes into one management cluster, dramatically reducing VM count, infrastructure costs, and operational complexity while enabling declarative, automated cluster provisioning.
Takeaway: Platform teams running multiple Kubernetes clusters can follow this step-by-step guide to implement a hosted control plane architecture and shift from managing individual clusters to operating a system that manages clusters.
Deep dive
- The traditional approach requires a minimum of 3 dedicated nodes per cluster for control plane components, so infrastructure costs multiply quickly across environments before any actual workloads run
- Hosted Control Planes run all API servers, etcd instances, and controllers inside a single management cluster, while only worker nodes are provisioned in OpenStack for each workload cluster
- The tutorial walks through creating a k0s-based management cluster, installing k0rdent controllers, configuring OpenStack credentials via clouds.yaml secrets, and defining clusters declaratively via ClusterDeployment resources
- k0s is chosen as the Kubernetes distribution because it's lightweight and simple, ideal for the management cluster that orchestrates the entire fleet
- k0rdent handles the cluster lifecycle management, continuously reconciling desired state defined in YAML manifests with actual infrastructure
- The architecture fundamentally shifts from imperative cluster provisioning (scripts, runbooks, CLI commands) to declarative definitions that are reproducible, auditable, and version-controlled
- Scaling is demonstrated by simply editing the workersNumber field in the ClusterDeployment manifest, which triggers k0rdent to automatically provision additional OpenStack VMs
- Critical setup steps include properly configuring OpenStack credentials, identifying correct network/image/flavor names from the actual OpenStack environment, and verifying access before proceeding
- The management cluster becomes the centralized brain while workload clusters become extensions, enabling policy enforcement, upgrades, and observability from a single point across the entire fleet
- This represents an architectural shift from cluster-centric thinking (managing individual clusters) to platform-centric thinking (operating a system that manages clusters)
- Both k0s and k0rdent are open source CNCF projects with active communities on GitHub and Slack channels for practitioners sharing real-world experience
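The declarative, version-controlled scaling described in the bullets above can be enforced at review time. The following is an added example, not code from the article or from k0rdent: a Python check that accepts a ClusterDeployment edit only when workersNumber is the sole changed field and its new value stays under a ceiling. The `spec.config.workersNumber` path, the `MAX_WORKERS` ceiling, and every manifest value shown are assumptions constructed for illustration.

```python
import copy

# Added example: review gate for ClusterDeployment edits (not from the article).
# Assumptions: workersNumber sits at spec.config.workersNumber, and manifests
# have already been parsed from YAML into dicts. Sample values are constructed.
SCALE_PATH = "spec.config.workersNumber"
MAX_WORKERS = 10  # hypothetical per-cluster ceiling chosen by the platform team
_MISSING = object()

BASE = {  # constructed sample manifest, reduced to the fields the check needs
    "kind": "ClusterDeployment",
    "metadata": {"name": "dev-cluster"},
    "spec": {"credential": "openstack-cred", "config": {"workersNumber": 2}},
}


def flatten(obj, prefix=""):
    """Map every leaf of a nested manifest to a dotted path."""
    if isinstance(obj, dict) and obj:
        items = obj.items()
    elif isinstance(obj, list) and obj:
        items = ((f"[{i}]", v) for i, v in enumerate(obj))
    else:
        return {prefix: obj}  # scalar or empty container counts as a leaf
    out = {}
    for key, value in items:
        out.update(flatten(value, f"{prefix}.{key}" if prefix else str(key)))
    return out


def review_change(old, new):
    """Return findings; an empty list means a pure, in-bounds scaling edit."""
    before, after = flatten(old), flatten(new)
    findings = []
    for path in sorted(set(before) | set(after)):
        changed = before.get(path, _MISSING) != after.get(path, _MISSING)
        if changed and path != SCALE_PATH:
            findings.append(f"unexpected change at {path}")
    workers = after.get(SCALE_PATH)
    if type(workers) is not int or not 1 <= workers <= MAX_WORKERS:
        findings.append(f"{SCALE_PATH}={workers!r} outside 1..{MAX_WORKERS}")
    return findings


if __name__ == "__main__":
    proposed = copy.deepcopy(BASE)
    proposed["spec"]["config"]["workersNumber"] = 4
    print(review_change(BASE, proposed) or "ok: scale-only change")
```

Run as a pre-merge check, this keeps a commit described as a scaling change from also altering the credential reference or other cluster settings.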
Decoder
- k0s: A lightweight, zero-friction Kubernetes distribution designed to be simple to install and operate, used here for the management cluster
- k0rdent: An open source multi-cluster orchestration tool that runs as controllers in Kubernetes and handles cluster lifecycle management across fleets
- Hosted Control Planes (HCP): An architecture pattern where Kubernetes control plane components (API server, etcd, controllers) run inside a management cluster instead of on dedicated nodes per workload cluster
- OpenStack: An open source private cloud infrastructure platform for managing compute, storage, and networking resources
- Control plane: The set of Kubernetes components that make global decisions about the cluster, including the API server, scheduler, controller manager, and etcd datastore
- etcd: The distributed key-value store that Kubernetes uses as its backing store for all cluster data
- ClusterDeployment: A k0rdent custom resource that declaratively defines the desired state of a Kubernetes cluster, including worker count, machine flavors, and network configuration
Original article
This post demonstrates how to build a scalable, multi-cluster Kubernetes platform on OpenStack using k0s, k0rdent, and Hosted Control Planes (HCP), which eliminates the need for dedicated 3-node control planes per cluster by centralizing them in a single management cluster. The architecture shifts from managing individual clusters to operating a declarative system that handles provisioning, scaling, and upgrades across entire fleets while significantly reducing infrastructure costs and operational complexity.