Deploy a Kubernetes Cluster
AstroPulse supports two paths:
- Provision a new cluster — AstroPulse creates and manages the cluster in your cloud account (EKS, GKE, or AKS).
- Register an existing cluster — works with any cluster (EKS, GKE, AKS, on-prem, kind, minikube).
Free accounts can provision 1 cluster and register 3 existing clusters. See pricing.
Before You Start
- Complete Set Up AstroPulse and confirm
astroctl whoamishows the right org. - Have access to your cloud account (AWS, GCP, or Azure).
Option A: Provision a New Cluster
Choose your provider:
- AWS EKS
- Google GKE
- Azure AKS
- Self-Hosted (AWS)
- Self-Hosted (GCP)
Step 1 — Find your AWS credentials
You need your 12-digit AWS account ID. If you don't know it:
aws sts get-caller-identity --query Account --output text
Example output: 123456789012
Make sure the AWS CLI is configured for the account you want to deploy into. If not, run aws configure or set AWS_PROFILE.
Step 2 — Connect your AWS account
Run this once per cluster. Replace the values with your own:
astroctl cloud aws connect \
--account-id <YOUR_AWS_ACCOUNT_ID> \
--region <YOUR_REGION> \
--cluster-name <YOUR_CLUSTER_NAME>
Example:
astroctl cloud aws connect \
--account-id 123456789012 \
--region us-east-1 \
--cluster-name eks-dev
The CLI opens a pre-filled AWS CloudFormation link in your browser. Make sure you are logged into AWS account <YOUR_AWS_ACCOUNT_ID> in that browser tab, then click Create stack. The CLI waits and confirms when the IAM role is ready.
astroctl cloud aws regions list
Step 3 — Create cluster YAML
Save this as cluster.yaml and fill in your values:
apiVersion: platform.astropulse.io/v1
kind: K8sCluster
spec:
clusterName: <YOUR_CLUSTER_NAME> # same name you used in Step 2
provider: aws
region: <YOUR_REGION> # same region you used in Step 2 (e.g. us-east-1)
provisioner:
type: eks
eks:
accountId: "<YOUR_AWS_ACCOUNT_ID>" # 12-digit account ID from Step 1
credentials:
type: dynamic
clusterSpec:
dataPlane:
nodeGroups:
- name: default-pool
minNode: 1
maxNode: 3
instanceType: ondemand
machineTypes:
- t3.medium
labels:
environment: dev
Use the same clusterName and region you used in Step 2.
# List all types in your region
astroctl cloud aws machines list -r <YOUR_REGION>
# Filter by CPU and memory (MiB)
astroctl cloud aws machines list -r <YOUR_REGION> --cpuMin 2 --memMax 4096
Step 4 — Validate and apply
astroctl infra k8s apply -f cluster.yaml --dry-run
astroctl infra k8s apply -f cluster.yaml
Step 5 — Watch progress
astroctl infra k8s progress stream eks-dev
Step 6 — Verify
astroctl infra k8s get
astroctl infra k8s set-context eks-dev
kubectl get nodes
Step 1 — Find your GCP credentials
You need your GCP project ID. If you don't know it:
gcloud config get-value project
Example output: my-project-123456
Enable the GKE API if you haven't already:
gcloud services enable container.googleapis.com --project <YOUR_GCP_PROJECT_ID>
Step 2 — Connect your GCP project
Run this once per cluster. Replace the values with your own:
astroctl cloud gcp connect \
--project-id <YOUR_GCP_PROJECT_ID> \
--region <YOUR_REGION> \
--cluster-name <YOUR_CLUSTER_NAME>
Example:
astroctl cloud gcp connect \
--project-id my-project-123456 \
--region us-central1 \
--cluster-name gke-dev
The CLI generates a setup script and opens Google Cloud Shell in your browser. Cloud Shell uses your browser's active Google account — make sure it has access to <YOUR_GCP_PROJECT_ID>. In Cloud Shell, run the one-liner shown in the terminal. The CLI waits and confirms when the project is connected.
If you have gcloud installed locally, use --local to save the script and run it in your own terminal:
astroctl cloud gcp connect \
--project-id my-project-123456 \
--region us-central1 \
--cluster-name gke-dev \
--local
astroctl cloud gcp regions list
Step 3 — Create cluster YAML
Save this as cluster.yaml and fill in your values:
apiVersion: platform.astropulse.io/v1
kind: K8sCluster
spec:
clusterName: <YOUR_CLUSTER_NAME>
provider: gcp
region: <YOUR_REGION> # e.g. us-central1
provisioner:
type: gke
gke:
projectId: "<YOUR_GCP_PROJECT_ID>" # project ID from Step 1
credentials:
type: dynamic
# Fleet enrollment happens automatically — no manual steps needed.
clusterSpec:
dataPlane:
nodeGroups:
- name: default-pool
minNode: 1
maxNode: 3
instanceType: ondemand
machineTypes:
- e2-standard-2
labels:
environment: dev
Use the same clusterName and region you used in Step 2.
# List all types in your region
astroctl cloud gcp machines list -r <YOUR_REGION>
# Filter by CPU and memory (MiB)
astroctl cloud gcp machines list -r <YOUR_REGION> --cpuMin 2 --memMax 4096
Step 4 — Validate and apply
astroctl infra k8s apply -f cluster.yaml --dry-run
astroctl infra k8s apply -f cluster.yaml
Step 5 — Watch progress
astroctl infra k8s progress stream gke-dev
Step 6 — Verify
astroctl infra k8s get
astroctl infra k8s set-context gke-dev
kubectl get nodes
Step 1 — Find your Azure credentials
You need your Azure subscription ID and a resource group. If you don't know your subscription ID:
az account show --query id -o tsv
Example output: 12345678-1234-1234-1234-123456789abc
Create a resource group if you don't have one:
az group create --name <YOUR_RESOURCE_GROUP> --location <YOUR_REGION>
Example:
az group create --name rg-astropulse --location eastus
Step 2 — Connect your Azure subscription
Run this once per cluster. Replace the values with your own:
astroctl cloud azure connect \
--subscription-id <YOUR_SUBSCRIPTION_ID> \
--resource-group <YOUR_RESOURCE_GROUP> \
--region <YOUR_REGION> \
--cluster-name <YOUR_CLUSTER_NAME>
Example:
astroctl cloud azure connect \
--subscription-id 12345678-1234-1234-1234-123456789abc \
--resource-group rg-astropulse \
--region eastus \
--cluster-name aks-dev
The CLI saves a setup script named astro-azure-setup-<YOUR_CLUSTER_NAME>.sh in the current directory and prints instructions. Run that script in Azure Cloud Shell or any shell where az is logged into the target tenant:
bash astro-azure-setup-<YOUR_CLUSTER_NAME>.sh
The CLI waits and confirms when the subscription is connected.
astroctl cloud azure regions list
Azure requires the first node group (the system pool) to use instanceType: ondemand. Spot VMs are not allowed for system pools.
Step 3 — Create cluster YAML
Save this as cluster.yaml and fill in your values:
apiVersion: platform.astropulse.io/v1
kind: K8sCluster
spec:
clusterName: <YOUR_CLUSTER_NAME>
provider: azure
region: <YOUR_REGION> # e.g. eastus
provisioner:
type: aks
aks:
subscriptionId: "<YOUR_SUBSCRIPTION_ID>" # subscription ID from Step 1
resourceGroup: "<YOUR_RESOURCE_GROUP>" # resource group from Step 1
credentials:
type: dynamic
clusterSpec:
dataPlane:
nodeGroups:
# System pool: AKS node pool names must start with a lowercase letter,
# contain only lowercase alphanumeric characters, and be ≤12 chars (Linux pools).
- name: systempool
minNode: 2
maxNode: 3
instanceType: ondemand # required for system pools
machineTypes:
- Standard_D2s_v7
labels:
environment: dev
Use the same clusterName and region you used in Step 2.
# List all types in your region
astroctl cloud azure machines list -r <YOUR_REGION>
# Filter by CPU and memory (MiB)
astroctl cloud azure machines list -r <YOUR_REGION> --cpuMin 2 --memMax 4096
Step 4 — Validate and apply
astroctl infra k8s apply -f cluster.yaml --dry-run
astroctl infra k8s apply -f cluster.yaml
Step 5 — Watch progress
astroctl infra k8s progress stream aks-dev
Step 6 — Verify
astroctl infra k8s get
astroctl infra k8s set-context aks-dev
kubectl get nodes
Self-hosted runs Kubernetes on your own AWS EC2 infrastructure. The platform manages the full cluster lifecycle: creation, upgrades, and scaling.
Step 1 — Find your AWS credentials
aws sts get-caller-identity --query Account --output text
Example output: 123456789012
Step 2 — Run cloud setup
Run once per cluster. This creates the required IAM user, S3 state bucket, and policies, then stores everything in the platform vault automatically:
astroctl cloud aws selfHosted setup \
--account-id <YOUR_AWS_ACCOUNT_ID> \
--region <YOUR_REGION> \
--cluster-name aws-sh-dev
That's it — credentials and the state bucket are stored for you. Nothing to copy.
astroctl cloud aws regions list
Step 3 — Create cluster YAML
Save this as cluster.yaml:
apiVersion: platform.astropulse.io/v1
kind: K8sCluster
spec:
clusterName: <YOUR_CLUSTER_NAME> # must match --cluster-name from Step 2
provider: aws
region: <YOUR_REGION> # must match --region from Step 2 (e.g. us-east-1)
provisioner:
type: selfHosted
selfHosted:
accountId: "<YOUR_AWS_ACCOUNT_ID>" # 12-digit account ID from Step 1
credentials:
type: vault # uses credentials stored by setup command
clusterSpec:
controlPlane:
nodeGroup:
name: control-plane
machineTypes:
- t3.medium
dataPlane:
nodeGroups:
- name: worker-ng
minNode: 3
maxNode: 6
instanceType: ondemand
machineTypes:
- t3.medium
labels:
environment: dev
# List all types in your region
astroctl cloud aws machines list -r <YOUR_REGION>
# Filter by CPU and memory (MiB)
astroctl cloud aws machines list -r <YOUR_REGION> --cpuMin 2 --memMax 4096
Step 4 — Validate and apply
astroctl infra k8s apply -f cluster.yaml --dry-run
astroctl infra k8s apply -f cluster.yaml
Step 5 — Watch progress
astroctl infra k8s progress stream aws-sh-dev
Step 6 — Verify
astroctl infra k8s get
astroctl infra k8s set-context aws-sh-dev
kubectl get nodes
Self-hosted runs Kubernetes on your own GCP Compute Engine infrastructure. The platform manages the full cluster lifecycle: creation, upgrades, and scaling.
Step 1 — Find your GCP credentials
gcloud config get-value project
Example output: my-project-123456
Step 2 — Run cloud setup
Run once per cluster. This creates the required service account, GCS state bucket, and IAM roles, then stores everything in the platform vault automatically:
astroctl cloud gcp selfHosted setup \
--project-id <YOUR_GCP_PROJECT_ID> \
--region <YOUR_REGION> \
--cluster-name gcp-sh-dev
That's it — credentials and the state bucket are stored for you. Nothing to copy.
astroctl cloud gcp regions list
Step 3 — Create cluster YAML
Save this as cluster.yaml:
apiVersion: platform.astropulse.io/v1
kind: K8sCluster
spec:
clusterName: <YOUR_CLUSTER_NAME> # must match --cluster-name from Step 2
provider: gcp
region: <YOUR_REGION> # must match --region from Step 2 (e.g. us-central1)
provisioner:
type: selfHosted
selfHosted:
accountId: "<YOUR_GCP_PROJECT_ID>" # project ID from Step 1
credentials:
type: vault # uses credentials stored by setup command
clusterSpec:
controlPlane:
nodeGroup:
name: control-plane
machineTypes:
- e2-medium
dataPlane:
nodeGroups:
- name: worker-ng
minNode: 3
maxNode: 6
instanceType: ondemand
machineTypes:
- e2-medium
labels:
environment: dev
# List all types in your region
astroctl cloud gcp machines list -r <YOUR_REGION>
# Filter by CPU and memory (MiB)
astroctl cloud gcp machines list -r <YOUR_REGION> --cpuMin 2 --memMax 4096
Step 4 — Validate and apply
astroctl infra k8s apply -f cluster.yaml --dry-run
astroctl infra k8s apply -f cluster.yaml
Step 5 — Watch progress
astroctl infra k8s progress stream gcp-sh-dev
Step 6 — Verify
astroctl infra k8s get
astroctl infra k8s set-context gcp-sh-dev
kubectl get nodes
Option B: Register an Existing Cluster
If you already have a Kubernetes cluster, register it with AstroPulse. This works with any cluster — EKS, GKE, AKS, on-premises, or local (kind, minikube).
astroctl infra k8s register --cluster-name <YOUR_CLUSTER_NAME>
The CLI installs a lightweight agent that opens a secure reverse tunnel (mTLS) back to the platform. Your cluster's kubectl context must be active.
Dry-run (print the agent manifest without deploying):
astroctl infra k8s register --cluster-name <YOUR_CLUSTER_NAME> --dry-run
Check registration status:
astroctl infra k8s register status --cluster-name <YOUR_CLUSTER_NAME>
For split-team workflows and advanced options, see Bring Your Own Kubernetes Cluster.
Not sure about all the fields? Run the template command to get a fully annotated YAML with every option:
astroctl infra k8s template
Add --schema to see field types, required/optional status, and valid values.
You can provision and manage clusters from the AstroPulse Console without writing any YAML.
Useful References
Next Step
Continue with Deploy an Application.