Skip to content

Kubernetes quick start

This page is for people who are familiar with Kubernetes in general, and want to start using it as quickly as possible.

Requesting access

In order to obtain access to Kubernetes, please submit a Kubernetes request . Alternatively you can email your request to .

Polices set access at the tenant/namespace level. This means that you get a namespace and give access to that specific namespace, mostly with administrator permissions.

UTHPC uses a kubeconfig file to configure access to Kubernetes. Certificate and token are inside kubeconfig file. This means you need to have kubectl installed.


UTHPC provides several different functionalities/modules via different Kubernetes applications.

Current capabilities:

  • Integration with HashiCorp Vault for secrets management.
  • Capsule for multi-tenancy and policy-based environments.
  • Longhorn for persistent storage.
  • Nginx ingress controller for publishing applications to the internal network.

In case you need…

Here's a quick information panel what to do in certain situations.

Publish your app to outside world

To control and enforce best practices, monitoring, and security, then publishing to outside world isn't possible by yourself. UTHPC team does it through HTTP Proxy cluster called If you need to publish an app/software, please contact UTHPC support together with the name/port of your services, and the domain you would like to use.

UTHPC admins direct the domain to HTTP Proxy cluster, install HTTPS certificates on the proxy, and route the traffic through the proxies to your domain. It's also possible to enable any specific settings on the proxy level.

You need a database

While you can run a database on Kubernetes yourself, even Google raises some considerations about this.

If you wish to have a separately hosted and managed database, please contact UTHPC support, together with information what kind of database engine do you need.

Persistent storage

You can ask for persistent storage using the StorageClasses feature with a Persistent Volume Claim (PVC) in Kubernetes. Please keep your requests limited, as the space and performance of a PVC are tightly related.

Example of using a PVC in Kubernetes, asking for a 2Gi large PVC, and mounting it to /data inside an NGINX container.

apiVersion: v1
kind: PersistentVolumeClaim
  name: longhorn-volv-pvc
    - ReadWriteOnce
      storage: 2Gi
apiVersion: v1
kind: Pod
  name: volume-test
  namespace: default
  - name: volume-test
    image: nginx:stable-alpine
    imagePullPolicy: IfNotPresent
    - name: volv
      mountPath: /data
    - containerPort: 80
  - name: volv
      claimName: longhorn-volv-pvc

Continuous delivery to deploy to Kubernetes

There's two main ways to provide programmatic access to the Kubernetes.

One way is for the administrator of a namespace to create appropriate Service Accounts to the namespace, and with RoleBindings allow appropriate access.

The other way is to use ArgoCD, at , which allows you to also manage the lifecycle of the app.