Skip to main content
OVHcloud provides two managed container services: Managed Kubernetes Service (MKS) for orchestrating containerized workloads, and Managed Private Registry for storing and distributing container images. OVHcloud manages the control plane, OS patching, and Kubernetes version upgrades — you manage your workloads, node pools, and deployments.

Managed Kubernetes Service

Creating a Kubernetes cluster

1

Open Managed Kubernetes Service

In the OVHcloud Control Panel, go to your Public Cloud project. In the left menu under Containers & Orchestration, click Managed Kubernetes Service, then click Create a cluster.
2

Select a region

Choose the region where the cluster will be deployed. The region cannot be changed after cluster creation.
3

Choose the Kubernetes version

Select the minor version of Kubernetes. Always choose the latest stable version unless you have a specific compatibility requirement.
OVHcloud follows a lifecycle policy for supported Kubernetes versions. Refer to the End of life / end of support page before selecting an older version.
4

Configure private networking (optional)

To isolate your cluster from the public Internet or connect it to other OVHcloud resources, attach it to an existing vRack private network. The private network ID cannot be changed after creation.
5

Configure the default node pool

A node pool is a group of worker nodes sharing the same configuration (flavor, billing mode, autoscaling settings).
  • Choose a node flavor (e.g. b2-7 for 2 vCPUs and 7 GB RAM).
  • Set the initial number of nodes.
  • Optionally enable Autoscaling and set minimum and maximum node counts.
  • Choose hourly or monthly billing for the nodes. You cannot change from monthly to hourly after creation.
6

Enable anti-affinity (optional)

Anti-affinity ensures that nodes in the pool are launched on different physical hypervisors, improving fault tolerance. Anti-affinity node pools are limited to 5 nodes.
7

Name and create the cluster

Enter a name for the cluster and click Send. The cluster is ready within a few minutes.

Configuring kubectl

After the cluster is created, download the kubeconfig file and configure kubectl to connect to it.
  1. In the Control Panel, click your cluster, then click kubeconfig to download the configuration file.
  2. Set the KUBECONFIG environment variable to point to it:
# Linux / macOS
export KUBECONFIG=~/.kube/my-cluster.yaml

# Verify the connection
kubectl cluster-info
Expected output: 
Kubernetes control plane is running at https://xxxxxx.c2.gra.k8s.ovh.net
CoreDNS is running at https://xxxxxx.c2.gra.k8s.ovh.net/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

Deploying workloads

# Create a namespace
kubectl create ns my-app

# Apply a deployment and service manifest
kubectl apply -f deployment.yaml -n my-app

# Check pods
kubectl get pods -n my-app

# Check the external IP assigned to the LoadBalancer service
kubectl get services -n my-app
When you create a LoadBalancer Service in a Managed Kubernetes cluster, OVHcloud automatically provisions a Public Cloud Load Balancer. This load balancer is billed separately on an hourly basis. Delete the Service when you no longer need it to stop the charges.

Node pool management

Node pools let you mix different node flavors and configurations in the same cluster. Common patterns:
  • A general-purpose pool for most workloads
  • A GPU pool for AI/ML workloads
  • A high-memory pool for in-memory databases
# List node pools
kubectl get nodes -o wide

# Label nodes for workload targeting
kubectl label node my-node-1 workload=gpu

# Taint a pool so only GPU workloads are scheduled there
kubectl taint nodes my-node-1 gpu=true:NoSchedule

Autoscaling

Enable the Cluster Autoscaler to automatically add nodes when pods cannot be scheduled due to insufficient resources, and remove nodes when they are underutilised. To enable autoscaling on a node pool:
  1. In the Control Panel, open the cluster and go to the Node pools tab.
  2. Edit the pool and enable Autoscaling.
  3. Set the minimum and maximum number of nodes.
When a pod is unschedulable, the autoscaler adds a node within a few minutes. When nodes are idle for a configurable period (default 10 minutes), they are removed.

Upgrading Kubernetes versions

OVHcloud announces new Kubernetes versions and deprecation timelines on the lifecycle policy page. To upgrade your cluster:
  1. In the Control Panel, open your cluster. An upgrade notification appears when a new version is available.
  2. Click Upgrade and confirm.
  3. OVHcloud performs a rolling upgrade of the control plane, followed by a rolling drain and replacement of each node pool.
Always test your workloads against the target Kubernetes version in a staging cluster before upgrading production. Review the Kubernetes release notes and the OVHcloud-specific release notes for breaking changes.

Managed Private Registry

Managed Private Registry provides an authenticated Harbor-based container registry where you store and distribute Docker images and Helm charts.

Creating a registry

  1. In the Control Panel, under Containers & Orchestration, click Managed Private Registry, then Create a private registry.
  2. Select a region.
  3. Enter a registry name.
  4. Choose a plan:
    • S — basic registry
    • M — registry with Trivy vulnerability scanning
    • L — registry with Trivy vulnerability scanning and higher storage limits
  5. Wait for the status to show OK, then click ... > Generate identification details to create your credentials.

Pushing and pulling images

# Log in to your private registry
docker login my-registry.c1.gra.container-registry.ovh.net \
  --username my-user \
  --password my-password

# Tag a local image for your registry
docker tag my-app:latest \
  my-registry.c1.gra.container-registry.ovh.net/my-project/my-app:latest

# Push the image
docker push \
  my-registry.c1.gra.container-registry.ovh.net/my-project/my-app:latest

# Pull the image
docker pull \
  my-registry.c1.gra.container-registry.ovh.net/my-project/my-app:latest

Using images from a private registry in Kubernetes

Create a Kubernetes Secret with your registry credentials and reference it in your deployment: 
# Create a registry secret
kubectl create secret docker-registry my-registry-secret \
  --docker-server=my-registry.c1.gra.container-registry.ovh.net \
  --docker-username=my-user \
  --docker-password=my-password \
  --namespace my-app

# Reference the secret in your Pod spec
spec:
  imagePullSecrets:
    - name: my-registry-secret
  containers:
    - name: my-app
      image: my-registry.c1.gra.container-registry.ovh.net/my-project/my-app:latest

Responsibility model

OVHcloud and you share responsibilities for the Kubernetes service.
ResponsibilityOVHcloudYou
Kubernetes control plane (API server, etcd, scheduler)Responsible
Node OS patching and security updatesResponsible
Kubernetes version lifecycle managementResponsible
Node pool configuration and sizingResponsible
Workload deployment and configurationResponsible
Application security (RBAC, network policies)Responsible
Data persistence and backup of application stateResponsible
Kubernetes upgrades (triggering)InformedResponsible
Private network configurationInformedResponsible

Managing node pools

Add, remove, and configure node pools for your Kubernetes cluster.

Using the vRack with Kubernetes

Connect your cluster to a private network for secure inter-service communication.

Deploying GPU workloads

Schedule GPU-accelerated pods on OVHcloud Managed Kubernetes.

AI & Machine Learning

Run AI Notebooks, training jobs, and deploy models with OVHcloud AI services.

Build docs developers (and LLMs) love

Get started for freeTalk to us