Skip to main content
Uncloud is a lightweight clustering and container orchestration tool that lets you deploy and manage web apps across cloud VMs and bare metal with minimal cluster management overhead. It creates a secure WireGuard mesh network between your Docker hosts and provides automatic service discovery, load balancing, ingress with HTTPS, and simple CLI commands to manage your apps.

Why Uncloud?

Modern cloud platforms like Heroku and Render offer amazing developer experiences but at a premium price. Traditional container orchestrators like Kubernetes provide power and flexibility but require significant operational expertise. Uncloud fills the gap between these two extremes with a pragmatic solution for the majority of us who aren’t running at Google scale.

Key benefits

Own your infrastructure and data: Whether driven by costs, compliance, or flexibility, run applications on any combination of cloud VMs and personal hardware while controlling your data and maintaining a cloud-like experience. Stay simple as you grow: Start with a single machine and add more whenever you need without changing your workflow. No worrying about highly-available control planes or complex YAML configurations. Build with proven primitives: Get production-grade networking, deployment primitives, service discovery, load balancing, and ingress with HTTPS out of the box without becoming a distributed systems expert. Support sustainable computing: Minimize system overhead to maximize resources available for your applications.

Core features

Multi-provider deployment

Combine cloud VMs, dedicated servers, and bare metal into a unified computing environment, regardless of location or provider. Mix a $5 VPS with a spare Mac mini or a rack of bare metal servers.

Docker Compose compatibility

Use the familiar Docker Compose format for defining services and volumes. No need to learn a new bespoke DSL. If you know Docker Compose, you already know how to deploy on Uncloud.

Zero-downtime deployments

Rolling updates without service interruption keep your apps running smoothly. Automatic rollback on failure is coming soon.

Zero-config private network

Automatic WireGuard mesh with peer discovery and NAT traversal. Containers get unique IPs for direct cross-machine communication without complex networking setup.

Service discovery

Built-in DNS server resolves service names to container IPs. Services can communicate with each other using simple DNS names like api.internal or db.internal.

Automatic HTTPS

Built-in Caddy reverse proxy handles TLS certificate provisioning and renewal using Let’s Encrypt. Your apps get HTTPS automatically with zero configuration.

Managed DNS

Automatic DNS records *.xxxxxx.uncld.dev for services with public access via the managed Uncloud DNS service. Get a free subdomain for your apps without managing DNS records.

No control plane

Fully decentralized design eliminates single points of failure and reduces operational overhead. Unlike traditional orchestrators, there’s no central control plane and quorum to maintain. Each machine maintains a synchronized copy of the cluster state through peer-to-peer communication, keeping cluster operations functional even if some machines go offline.

Docker-like CLI

Familiar commands for managing both infrastructure and applications. If you know Docker, you’ll feel right at home with uc run, uc deploy, uc ls, and more.

Remote management

Control your entire infrastructure through SSH access to any single machine in the cluster. All machines have the complete cluster state and can control everything.

How it differs from Kubernetes and Swarm

No control plane overhead

Kubernetes requires a highly-available control plane with etcd quorum, master nodes, and API servers. Uncloud has no control plane at all. Each machine maintains a synchronized copy of the cluster state through peer-to-peer communication using CRDT (Conflict-free Replicated Data Types).

Imperative over declarative

While Kubernetes uses declarative state reconciliation, Uncloud favors imperative operations. This simplifies both the mental model and troubleshooting. When you run a command, it executes directly rather than being queued for reconciliation.

Simpler networking

Uncloud creates a flat WireGuard mesh network where containers get cluster-unique IPs and can communicate directly. No complex overlay networks, network policies, or service meshes to configure.

Docker Compose format

Instead of learning Kubernetes YAML with deployments, services, ingresses, and config maps, you use the familiar Docker Compose format you already know.

Lighter footprint

Uncloud uses approximately 150MB RAM per machine compared to Kubernetes which requires significant resources just for the control plane. More resources stay available for your applications.

Common use cases

Personal projects and side hustles

Deploy your side projects across a few cheap VPSs or use that spare Raspberry Pi sitting in your drawer. Get all the benefits of distributed deployment without the operational complexity.

Small to medium web applications

Run production web apps with automatic HTTPS, zero-downtime deployments, and service discovery. Scale from one machine to dozens as your traffic grows.

Development and staging environments

Create realistic multi-machine environments for testing without the cost of managed Kubernetes clusters. Tear them down when you’re done.

Edge deployments

Combine cloud infrastructure with on-premises hardware to keep data close to where it’s needed. The decentralized design works well across network boundaries.

Cost optimization

Mix expensive cloud instances with cheaper alternatives or bare metal servers. Deploy the same app across providers and regions without vendor lock-in.

How it works

When you initialize a machine, Uncloud:
  1. Installs Docker and the uncloudd machine daemon on each server
  2. Generates WireGuard keys and allocates a dedicated subnet (like 10.210.0.0/24) for each machine
  3. Sets up Corrosion, a CRDT-based distributed SQLite database, to share cluster state
  4. Creates a Docker bridge network connected to the WireGuard interface
  5. Deploys Caddy reverse proxy in global mode to handle HTTPS and routing
When you add more machines, they establish WireGuard tunnels with existing machines and sync the cluster state. All communication happens over the secure mesh network. When you deploy a service, containers start on the appropriate machines and automatically register with DNS. Caddy discovers them and updates its routing configuration. Your app becomes accessible over HTTPS with zero manual configuration.
Each machine is equal in Uncloud. There are no master nodes or workers. Connect to any machine via SSH and you can manage the entire cluster.

What Uncloud is not

Uncloud is not ready for production use yet. The project is in active development and features may change significantly between releases. Uncloud is not a replacement for Kubernetes if you need:
  • Enterprise features like advanced RBAC, multi-tenancy, or complex network policies
  • Massive scale across hundreds or thousands of nodes
  • Deep integration with cloud provider services
  • A mature ecosystem with extensive third-party tools and operators
Uncloud prioritizes simplicity and developer experience over enterprise features and massive scale.

Next steps

Quickstart

Deploy your first app in minutes

Installation

Install the Uncloud CLI

Build docs developers (and LLMs) love

Get started for freeTalk to us