Alauda Container Platform

Cluster Management Models

Use the cluster management model to separate three planning decisions:

  1. Infrastructure responsibility.
  2. Control-plane topology.
  3. Kubernetes ownership and onboarding.

Each cluster path combines choices from these axes. Installer-Provisioned Infrastructure (IPI), User-Provisioned Infrastructure (UPI), Hosted Control Plane (HCP), and the current UI label Managed Cluster are not one flat list of mutually exclusive cluster types.

TOC

Infrastructure ResponsibilityControl-Plane TopologyKubernetes Ownership And OnboardingThird-Party Cluster Capability BoundariesProvider And Workflow Caveats

Infrastructure Responsibility

Infrastructure responsibility explains who provides and manages machines, node operating systems, and Kubernetes lifecycle.

ModelMachines and nodesNode operating systemKubernetes lifecycleMain docs
Installer-Provisioned Infrastructure (IPI)Provisioned through the platform and its infrastructure provider integration.Managed by the platform with Immutable OS.Managed by the platform, including supported provisioning, scaling, and upgrade flows.About Immutable Infrastructure
User-Provisioned Infrastructure (UPI)Prepared by the user as physical or virtual machines.Managed by the user.Installed and managed by the platform after the user prepares nodes.Creating an On-Premise Cluster

IPI and UPI describe responsibility boundaries. They do not by themselves describe whether the control plane is hosted or dedicated, and they do not describe whether a third-party cluster has been imported or registered.

Existing third-party Kubernetes environments are covered under Kubernetes Ownership And Onboarding, because their Kubernetes distribution and lifecycle usually exist outside .

Control-Plane Topology

Control-plane topology explains where Kubernetes control plane components run.

TopologyMeaning 4.3 boundary
Dedicated control planeControl plane components run on control plane nodes in the target cluster.This is the normal topology for current production guidance.
Hosted Control PlaneEach hosted cluster has its own control plane, but the control plane runs as workloads on a management cluster. In , HCP is implemented through Kamaji (TenantControlPlane).Technology Preview, not production-supported, supports disconnected environments, and defaults to IPI only.

HCP is an architecture for the control plane. It is not a Core default capability and is not a peer concept to IPI or UPI.

For more information, see About Hosted Control Plane.

Kubernetes Ownership And Onboarding

Kubernetes ownership explains whether owns the Kubernetes lifecycle or whether the Kubernetes environment already exists outside .

ModelHow it enters the platformLifecycle boundary
lifecycle-managed workload clusterCreated through supported cluster workflows. manages the supported Kubernetes lifecycle for the selected model.
Third-party clusterOnboarded through import or register workflows. provides central governance and operations within documented prerequisites and caveats. The external cluster owner, distribution, or provider usually owns Kubernetes lifecycle, node lifecycle, and provider infrastructure lifecycle.

Managed Cluster is the current UI and navigation label for third-party cluster onboarding and management areas. For product-model planning, use Third-party cluster.

Import cluster and Register cluster are onboarding methods for third-party clusters:

Onboarding methodConnection modelUse when
Import clusterThe global cluster connects to the target cluster API server with supplied address, CA, and credentials.The platform can reach the target cluster API server and the operator can provide the required cluster information.
Register clusterA reverse proxy service in the target cluster initiates registration and establishes a tunnel to the platform.The target cluster should initiate the connection, or direct platform access to the target API server is restricted.

After onboarding, expected day-2 management is treated as the same at the Overview level. Provider and workflow-specific caveats still apply.

Third-Party Cluster Capability Boundaries

can provide these entry capabilities for third-party clusters when prerequisites are met:

  • Resource visibility and centralized governance.
  • Project and namespace association.
  • Application operations.
  • Operator and Cluster Plugin installation, subject to Extension compatibility.
  • Observability integration, subject to installed components, network paths, credentials, and provider caveats.

Third-party cluster onboarding does not mean that manages every Kubernetes version, provider operation, node operation, certificate, control-plane metric, audit source, ingress path, storage class, or Extension image on every third-party cluster.

For 4.3, third-party Kubernetes clusters are accepted for onboarding only in the range >=1.19.0 <1.35.0. Clusters outside that range are blocked from onboarding. Treat this range as an onboarding gate, not as a complete product validation matrix for every Kubernetes version, provider, operation, or Extension.

For the exact matrix and upgrade relationship, see Kubernetes Support Matrix and Version and Lifecycle.

Provider And Workflow Caveats

Use the following caveat categories to decide which provider or workflow documentation to check for provider-specific details.

Caveat categoryWhat to checkContinue with
Kubernetes lifecycleWhether Kubernetes installation or upgrade is managed by or by the external owner.Clusters Overview
Node lifecycleWhether adding, deleting, or scaling nodes is supported from the platform UI for the selected model.Node Management
ConnectivityWhether the global cluster and target cluster can reach the required endpoints and whether a platform URL annotation is needed.Network Configuration for Imported Clusters
CertificatesWhich certificates are visible or rotated by the platform for the selected workflow.Provider or onboarding workflow docs under Import Third-Party Clusters
Audit and metricsWhether audit data and control-plane metrics are available from the target environment.Audit and provider workflow docs
Ingress and storageWhether post-import initialization is required for ingress, load balancing, or storage classes.Public Cloud Cluster Initialization
Extension compatibilityWhether the exact Operator or Cluster Plugin version supports the target version and cluster model.Core and Extensions

If you need to choose what to read next, see Learn More.