UKS edge-aligned architecture overview<\/h2>\n\n\n\n
This tutorial deploys a simple three-tier Todo application on UKS using the CLI. Each YAML file defines a key component of the stack, and the setup follows a standard microservice architecture where each component runs as a Kubernetes workload. <\/p>\n\n\n\n
- \n
- The PostgreSQL database is deployed using a StatefulSet and configured with persistent storage.<\/li>\n\n\n\n
- The Backend runs as a Node.js\/Express<\/a> API service that handles requests and communicates with the database.<\/li>\n\n\n\n
- The Frontend runs as a lightweight NGINX web server exposed publicly to users.<\/li>\n<\/ul>\n\n\n\n
This environment demonstrates how UKS can host a self-contained, edge-style Kubernetes setup. All of the components run inside a private UpCloud network, storage remains local to the zone, and external traffic is routed through a single controlled entry point. This pattern mirrors how teams design clusters closer to their workloads or specific user regions.<\/p>\n\n\n\n
The key UKS components leveraged in this architecture include:<\/p>\n\n\n\n
- \n
- Servers (Nodes):<\/strong> Worker nodes provisioned by UKS to run your application pods.<\/li>\n\n\n\n
- Networking:<\/strong> A dedicated router and private network connect all cluster nodes securely, while an external Load Balancer routes incoming traffic to the frontend service.<\/li>\n\n\n\n
- Storage:<\/strong> MaxIOPS block storage attached to the PostgreSQL StatefulSet ensures low-latency data access and persistence across pod restarts.<\/li>\n\n\n\n
- Load Balancers:<\/strong> Managed by UpCloud, providing reliable external access and automatic traffic distribution across healthy frontend pods.
Control Plane:<\/strong> Fully managed by UpCloud, maintaining the Kubernetes API server, etcd, and other control-plane components so you can focus on workloads.<\/li>\n<\/ul>\n\n\n\n![\"-\"](\"https:\/\/upcloud.com\/media\/upcloud-kubernetes-topology-1024x683.png\")
<\/figure>\n\n\n\nArchitecture of the Todo application deployed on UpCloud Kubernetes Service (UKS), showing managed control plane, worker nodes, private networking, MaxIOPS storage, and external access through an UpCloud Load Balancer.<\/em><\/p>\n\n\n\n
This architecture is compact yet production-like, offering a practical foundation for running edge-ready workloads on UpCloud before extending similar configurations to smaller or on-premise environments.<\/p>\n\n\n\n
Let\u2019s start by setting up the environment and the required tools.<\/p>\n\n\n\n
Prerequisites<\/h2>\n\n\n\n
Before getting started, make sure the following requirements are in place:<\/p>\n\n\n\n
- \n
- Kubernetes CLI<\/a>
kubect<\/code> is installed locally.<\/li>\n\n\n\n- UpCloud CLI<\/a>
upctl<\/code> <\/strong>is installed and configured.<\/li>\n\n\n\n- An active UpCloud account<\/a>.<\/li>\n\n\n\n
- A subaccount with API access<\/a> (username and password) for CLI authentication.<\/li>\n<\/ul>\n\n\n\n
The subaccount must have the following permissions enabled:<\/p>\n\n\n\n
- \n
- Servers<\/strong> \u2013 Provision and manage virtual machines used as Kubernetes control plane and worker nodes.<\/li>\n\n\n\n
- Storages<\/strong> \u2013 Create persistent volumes, manage block storage for nodes, and handle container image or data storage.<\/li>\n\n\n\n
- Load Balancers<\/strong> \u2013 Expose services externally and distribute traffic across multiple pods or nodes.<\/li>\n\n\n\n
- Private Networks<\/strong> \u2013 Create isolated networks for internal cluster communication and secure node-to-node traffic.<\/li>\n\n\n\n
- Routers<\/strong> \u2013 Route traffic between private networks and connect cluster networks to the internet.<\/li>\n\n\n\n
- Kubernetes<\/strong> \u2013 Create, manage, and delete Kubernetes clusters.<\/li>\n\n\n\n
- API Connections<\/strong> \u2013 Allow CLI access to UpCloud\u2019s API for resource creation. For this tutorial, you can allow access from all addresses. In production, always restrict API access to specific IP ranges for security.<\/li>\n<\/ul>\n\n\n\n
Step 1: Create and populate the folder and file structure<\/h2>\n\n\n\n
- \n
- Start by creating a new project directory and the necessary files<\/li>\n<\/ol>\n\n\n\n
Run:<\/p>\n\n\n\n
mkdir upcloud_kubernetes_service\ncd upcloud_kubernetes_service\nTouch postgres-statefulset.yaml backend-deployment.yaml frontend-deployment.yaml .env<\/code><\/pre>\n\n\n\nAfter creating the files, your structure should look like this:<\/p>\n\n\n\n
upcloud_kubernetes_service\/\n\u251c\u2500 .env\n\u251c\u2500 backend-deployment.yaml\n\u251c\u2500 frontend-deployment.yaml\n\u251c\u2500 postgres-statefulset.yaml<\/code><\/pre>\n\n\n\n- \n
- Next, populate the files with code.<\/li>\n<\/ol>\n\n\n\n
Postgres-statefulset.yaml<\/h3>\n\n\n\n
Creates a PostgreSQL database using a StatefulSet (for stable storage) and a headless Service.<\/p>\n\n\n\n
It stores data persistently on a 10 GB UpCloud volume and configures credentials for the database
tododb<\/code>, usertodouser<\/code>, and passwordtodopass123<\/code>.<\/p>\n\n\n\nFor real deployments, make sure to use strong passwords and store credentials securely (for example, in Kubernetes Secrets) instead of hardcoding them.<\/p>\n\n\n\n
apiVersion: v1\nkind: Service\nmetadata:\nname: postgres\nspec:\nports:\n- port: 5432\nclusterIP: None\nselector:\n app: postgres\n---\napiVersion: apps\/v1\nkind: StatefulSet\nmetadata:\nname: postgres\nspec:\nserviceName: postgres\nreplicas: 1\nselector:\n matchLabels:\n app: postgres\ntemplate:\n metadata:\n labels:\n app: postgres\n spec:\n containers:\n - name: postgres\n image: postgres:15-alpine\n ports:\n - containerPort: 5432\n env:\n - name: POSTGRES_DB\n value: tododb\n - name: POSTGRES_USER\n value: todouser\n - name: POSTGRES_PASSWORD\n value: todopass123\n volumeMounts:\n - name: postgres-storage\n mountPath: \/var\/lib\/postgresql\/data\n subPath: postgres\nvolumeClaimTemplates:\n- metadata:\n name: postgres-storage\n spec:\n accessModes: [\"ReadWriteOnce\"]\n storageClassName: upcloud-block-storage-maxiops\n resources:\n requests:\n storage: 10Gi<\/code><\/pre>\n\n\n\nBackend-deployment.yaml<\/h3>\n\n\n\n
Deploys two replicas of a Node.js\/Express API server that handles the Todo app\u2019s CRUD operations.<\/p>\n\n\n\n
The backend connects to PostgreSQL, initializes the todos table on startup, and exposes port 3001 via a ClusterIP Service (internal access only). The application code is also included in the chart to reduce file management<\/p>\n\n\n\n
apiVersion: apps\/v1\nkind: Deployment\nmetadata:\nname: backend\nnamespace: todo-app\nspec:\nreplicas: 2\nselector:\n matchLabels:\n app: backend\ntemplate:\n metadata:\n labels:\n app: backend\n spec:\n containers:\n - name: backend\n image: node:18-alpine\n workingDir: \/app\n command: [\"\/bin\/sh\", \"-c\"]\n args:\n - |\n cat > \/app\/server.js << 'ENDJS'\n const express = require('express');\n const { Pool } = require('pg');\n const cors = require('cors');\n \n const app = express();\n app.use(cors());\n app.use(express.json());\n \n const pool = new Pool({\n host: 'postgres',\n database: 'tododb',\n user: 'todouser',\n password: 'todopass123',\n port: 5432,\n });\n \n const initDB = async () => {\n let retries = 5;\n while (retries > 0) {\n try {\n await pool.query(`\n CREATE TABLE IF NOT EXISTS todos (\n id SERIAL PRIMARY KEY,\n title TEXT NOT NULL,\n completed BOOLEAN DEFAULT FALSE,\n created_at TIMESTAMP DEFAULT NOW()\n )\n `);\n console.log('Database initialized');\n break;\n } catch (err) {\n console.log('Waiting for database...', err.message);\n retries--;\n await new Promise(resolve => setTimeout(resolve, 2000));\n }\n }\n };\n \n app.get('\/api\/todos', async (req, res) => {\n try {\n const result = await pool.query('SELECT * FROM todos ORDER BY id');\n res.json(result.rows);\n } catch (err) {\n res.status(500).json({ error: err.message });\n }\n });\n \n app.post('\/api\/todos', async (req, res) => {\n try {\n const { title } = req.body;\n const result = await pool.query(\n 'INSERT INTO todos (title) VALUES ($1) RETURNING *',\n [title]\n );\n res.json(result.rows[0]);\n } catch (err) {\n res.status(500).json({ error: err.message });\n }\n });\n \n app.delete('\/api\/todos\/:id', async (req, res) => {\n try {\n await pool.query('DELETE FROM todos WHERE id = $1', [req.params.id]);\n res.json({ success: true });\n } catch (err) {\n res.status(500).json({ error: err.message });\n }\n });\n \n app.get('\/health', (req, res) => {\n res.json({ status: 'ok' });\n });\n \n initDB().then(() => {\n app.listen(3001, '0.0.0.0', () => {\n console.log('Backend running on port 3001');\n });\n });\n ENDJS\n \n cd \/app\n npm init -y\n npm install express pg cors\n node server.js\n ports:\n - containerPort: 3001\n---\napiVersion: v1\nkind: Service\nmetadata:\nname: backend\nnamespace: todo-app\nspec:\ntype: ClusterIP\nselector:\n app: backend\nports:\n- port: 3001\n targetPort: 3001<\/code><\/pre>\n\n\n\nfrontend-deployment.yaml <\/h3>\n\n\n\n
Deploys two replicas of an Nginx web server with a lightweight HTML\/CSS\/JavaScript interface.<\/p>\n\n\n\n
It also includes an Nginx config that proxies
\/api\/*<\/code> requests to the backend service and exposes port 80 through a LoadBalancer Service for external access.<\/p>\n\n\n\napiVersion: v1\nkind: ConfigMap\nmetadata:\n name: nginx-config\n namespace: todo-app\ndata:\n default.conf: |\n server {\n listen 80;\n server_name _;\n \n location \/ {\n root \/usr\/share\/nginx\/html;\n index index.html;\n try_files $uri $uri\/ \/index.html;\n }\n \n location \/api\/ {\n proxy_pass http:\/\/backend:3001\/api\/;\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n }\n }\n---\napiVersion: apps\/v1\nkind: Deployment\nmetadata:\n name: frontend\n namespace: todo-app\nspec:\n replicas: 2\n selector:\n matchLabels:\n app: frontend\n template:\n metadata:\n labels:\n app: frontend\n spec:\n containers:\n - name: frontend\n image: nginx:alpine\n ports:\n - containerPort: 80\n volumeMounts:\n - name: html\n mountPath: \/usr\/share\/nginx\/html\n - name: nginx-config\n mountPath: \/etc\/nginx\/conf.d\n initContainers:\n - name: setup\n image: alpine\n command: [\"\/bin\/sh\", \"-c\"]\n args:\n - |\n cat > \/html\/index.html << 'HTMLEOF'\n <!DOCTYPE html>\n <html lang=\"en\">\n <head>\n <meta charset=\"UTF-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n <title>UpCloud K8s Todo App<\/title>\n <style>\n * { margin: 0; padding: 0; box-sizing: border-box; }\n body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); min-height: 100vh; padding: 20px; }\n .container { max-width: 600px; margin: 0 auto; background: white; border-radius: 15px; box-shadow: 0 20px 60px rgba(0,0,0,0.3); padding: 30px; }\n h1 { color: #667eea; margin-bottom: 10px; text-align: center; }\n .subtitle { text-align: center; color: #666; margin-bottom: 30px; font-size: 14px; }\n .input-group { display: flex; gap: 10px; margin-bottom: 20px; }\n input { flex: 1; padding: 12px; border: 2px solid #e0e0e0; border-radius: 8px; font-size: 16px; }\n button { padding: 12px 24px; background: #667eea; color: white; border: none; border-radius: 8px; cursor: pointer; font-size: 16px; transition: background 0.3s; }\n button:hover { background: #5568d3; }\n .todo-item { display: flex; justify-content: space-between; align-items: center; padding: 15px; background: #f8f9fa; margin-bottom: 10px; border-radius: 8px; animation: fadeIn 0.3s; }\n @keyframes fadeIn { from { opacity: 0; transform: translateY(-10px); } to { opacity: 1; transform: translateY(0); } }\n .delete-btn { background: #dc3545; padding: 8px 16px; font-size: 14px; }\n .delete-btn:hover { background: #c82333; }\n .empty { text-align: center; color: #999; padding: 40px; }\n .status { text-align: center; padding: 10px; margin-bottom: 20px; border-radius: 8px; display: none; }\n .status.error { background: #fee; color: #c00; display: block; }\n .status.success { background: #efe; color: #0a0; display: block; }\n <\/style>\n <\/head>\n <body>\n <div class=\"container\">\n <h1>\ud83d\ude80 UpCloud K8s Todo App<\/h1>\n <p class=\"subtitle\">Powered by Kubernetes on UpCloud<\/p>\n <div id=\"status\" class=\"status\"><\/div>\n <div class=\"input-group\">\n <input type=\"text\" id=\"todoInput\" placeholder=\"Enter a new todo...\" onkeypress=\"if(event.key==='Enter') addTodo()\">\n <button onclick=\"addTodo()\">Add Todo<\/button>\n <\/div>\n <div id=\"todoList\"><\/div>\n <\/div>\n <script>\n const API_URL = '\/api';\n \n function showStatus(message, isError = false) {\n const status = document.getElementById('status');\n status.textContent = message;\n status.className = 'status ' + (isError ? 'error' : 'success');\n setTimeout(() => status.className = 'status', 3000);\n }\n \n async function loadTodos() {\n try {\n const res = await fetch(API_URL + '\/todos');\n if (!res.ok) throw new Error('Failed to load todos');\n const todos = await res.json();\n const list = document.getElementById('todoList');\n if (todos.length === 0) {\n list.innerHTML = '<div class=\"empty\">\ud83d\udcdd No todos yet. Add one above!<\/div>';\n } else {\n list.innerHTML = todos.map(todo => `\n <div class=\"todo-item\">\n <span>${escapeHtml(todo.title)}<\/span>\n <button class=\"delete-btn\" onclick=\"deleteTodo(${todo.id})\">Delete<\/button>\n <\/div>\n `).join('');\n }\n } catch (err) {\n showStatus('\u274c Error loading todos: ' + err.message, true);\n document.getElementById('todoList').innerHTML = '<div class=\"empty\">\u26a0\ufe0f Could not connect to backend<\/div>';\n }\n }\n \n function escapeHtml(text) {\n const div = document.createElement('div');\n div.textContent = text;\n return div.innerHTML;\n }\n \n async function addTodo() {\n const input = document.getElementById('todoInput');\n const title = input.value.trim();\n if (!title) return;\n try {\n const res = await fetch(API_URL + '\/todos', {\n method: 'POST',\n headers: { 'Content-Type': 'application\/json' },\n body: JSON.stringify({ title })\n });\n if (!res.ok) throw new Error('Failed to add todo');\n input.value = '';\n showStatus('\u2705 Todo added!');\n loadTodos();\n } catch (err) {\n showStatus('\u274c Error: ' + err.message, true);\n }\n }<\/code><\/pre>\n\n\n\n.env<\/h3>\n\n\n\n
Holds your UpCloud sub-account credentials used to authenticate the CLI.<\/p>\n\n\n\n
While this file is referenced in the tutorial for simplicity, note that the demo application hardcodes configuration values directly in the YAML files.<\/p>\n\n\n\n
In production, always store credentials securely using Kubernetes Secrets or ConfigMaps.<\/p>\n\n\n\n
export UPCLOUD_USERNAME=\"Your_sub_account_username\"\nexport UPCLOUD_PASSWORD=\"Your_sub_account_password\"<\/code><\/pre>\n\n\n\nStep 2: Authenticate the UpCloud CLI<\/h2>\n\n\n\n
Make sure you are in the root of the project directory
upcloud_kubernetes_service<\/code>. Load your credentials into the shell:<\/p>\n\n\n\nsource .env<\/code><\/pre>\n\n\n\nStep 3: Create a router<\/h2>\n\n\n\n
Run the following commands:<\/p>\n\n\n\n
upctl router create --name todo-app-router\nupctl router list<\/code><\/pre>\n\n\n\nCopy the router UUID from
upctl router list<\/code>. You will use it when creating the network.<\/p>\n\n\n\nStep 4: Create a private network<\/h2>\n\n\n\n
Replace the router UUID with the one you created in Step 3. <\/p>\n\n\n\n
upctl network create --name todo-app-network --zone de-fra1 --ip-network address=172.16.0.0\/24,dhcp=true, --router <UUID>\nupctl network list<\/code><\/pre>\n\n\n\nCopy the network UUID when after running
upctl network list<\/code> for the cluster step.<\/p>\n\n\n\nStep 5: Create a UKS cluster<\/h2>\n\n\n\n
Replace the network UUID with the value from Step 4. After creation the cluster, run the kubernetes list command to show the cluster and its cluster UUID.<\/p>\n\n\n\n
upctl kubernetes create --name my-todo-app --network <UUID> --node-group count=2,name=my-todo-app-node-group,plan=2xCPU-4GB, --zone de-fra1\nupctl kubernetes list<\/code><\/pre>\n\n\n\nStep 6: Get cluster credentials and access<\/h2>\n\n\n\n
You will need your cluster, node group identifiers, and a kubeconfig to talk to the running cluster.<\/p>\n\n\n\n
- \n
- Inspect the cluster and node group<\/li>\n<\/ol>\n\n\n\n
Use these to view details about the cluster, which includes the version, zones, operational status and also the node group.<\/p>\n\n\n\n
upctl kubernetes show my-todo-app\nupctl kubernetes node-group show <cluster_UUID> --name my-todo-app-node-group<\/code><\/pre>\n\n\n\nMake sure your cluster operational state indicates running and node groups are created before moving to the next step.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/upcloud-upctl-show-kubernetes-app.png\")
<\/figure>\n\n\n\n- \n
- Temporarily allow your IP to reach the Kubernetes API<\/li>\n<\/ol>\n\n\n\n
For this tutorial, you\u2019ll temporarily allow access from any IP so you can fetch credentials from your current machine without restrictions. In a production environment, however, its best to restrict access to your office or VPN IP range.<\/p>\n\n\n\n
upctl kubernetes modify <cluster_UUID> --kubernetes-api-allow-ip 0.0.0.0\/0<\/code><\/pre>\n\n\n\n- \n
- Generate a kubeconfig for the cluster<\/li>\n<\/ol>\n\n\n\n
This exports a context that
kubectl<\/code> can use. The outputed file from the command below includes the cluster endpoint, certificate data, and an authentication token.<\/p>\n\n\n\nupctl kubernetes config <cluster_UUID> --output yaml --write .\/my_kubeconfig.yaml<\/code><\/pre>\n\n\n\n- \n
- Activate the context locally<\/li>\n<\/ol>\n\n\n\n
Replace your current kubeconfig temporarily so kubectl picks the UKS context by default.<\/p>\n\n\n\n
cp ~\/.kube\/config ~\/.kube\/config.backup\ncp my_kubeconfig.yaml ~\/.kube\/config<\/code><\/pre>\n\n\n\n- \n
- Verify connectivity<\/li>\n<\/ol>\n\n\n\n
Confirm you can talk to the control plane and list worker nodes.<\/p>\n\n\n\n
kubectl get nodes<\/code><\/pre>\n\n\n\nConfirm that the nodes are ready<\/p>\n\n\n\n
<\/figure>\n\n\n\nStep 7: Create and target the namespace<\/h2>\n\n\n\n
kubectl create namespace todo-app\nkubectl config set-context --current --namespace=todo-app<\/code><\/pre>\n\n\n\nStep 8: Deploy the application<\/h2>\n\n\n\n
- \n
- Apply the Postgres manifest <\/li>\n<\/ol>\n\n\n\n
Make sure Postgres is fully up before applying the backend to avoid connection retries stacking.<\/p>\n\n\n\n
kubectl apply -f postgres-statefulset.yaml \n# wait until Postgres is Running\nkubectl get StatefulSet -n todo-app<\/code><\/pre>\n\n\n\nConfirm that Postgres Ready status is 1\/1 before deploying the other workloads<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/upcloud-kubectl-get-statefulset.png\")
<\/figure>\n\n\n\n- \n
- Apply the backend and frontend manifest files.<\/li>\n<\/ol>\n\n\n\n
kubectl apply -f backend-deployment.yaml\nkubectl apply -f frontend-deployment.yaml<\/code><\/pre>\n\n\n\nStep 9: Check status and get the app endpoint<\/h2>\n\n\n\n
Once all deployments are applied, verify that the pods and services are running correctly:<\/p>\n\n\n\n
kubectl get pods -n todo-app\nkubectl get services -n todo-app # look for the frontend Service external IP<\/code><\/pre>\n\n\n\nLook for the frontend Service in the list.<\/p>\n\n\n\n
Its EXTERNAL-IP field shows the public load balancer address created by UpCloud.<\/p>\n\n\n\n
It typically looks something like this:<\/p>\n\n\n\n
lb-0ab9bf7da911436eb0feae1fc329bcfc-1.upcloudlb.com<\/code><\/pre>\n\n\n\nCopy your unique address and open it in a browser to access the Todo application.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/upcloud-kubernetes-to-do-app-1024x217.png\")
<\/figure>\n\n\n\nStep 10: Clean up<\/h2>\n\n\n\n
After inspecting and testing the cluster, run the following commands to clean up the cluster.<\/p>\n\n\n\n
# 1) Delete namespace (removes app resources)\nkubectl delete namespace todo-app\n\n# 2) Check if LoadBalancers are gone\nupctl load-balancer list\n# If any remain, delete manually:\nupctl load-balancer delete <LOADBALANCER_UUID>\n\n# 3) Delete the cluster (nodes are removed automatically)\nupctl kubernetes delete my-todo-app\n\n# Wait till the kubernetes cluster has been terminated completely before running the other cleanup commands.\n# 4) Inspect leftover infrastructure\nupctl network list --zone de-fra1\nupctl router list\nupctl storage list\n\n# 5) Delete network, router, and any orphaned storage\nupctl network delete <NETWORK_UUID>\nupctl router delete <ROUTER_UUID>\nupctl storage delete <STORAGE_UUID><\/code><\/pre>\n\n\n\nThe tutorial above demonstrates how straightforward it is to spin up a Kubernetes cluster on UpCloud and deploy workloads within it. It also highlights how simple it is to clean up your environment when you\u2019re done.<\/p>\n\n\n\n
Next, let\u2019s look at some troubleshooting tips you can use if you run into issues while setting up or managing your cluster.<\/p>\n\n\n\n
Troubleshooting Guide<\/h2>\n\n\n\n
1. API Access Denied<\/p>\n\n\n\n
Error:<\/strong> UNAUTHORIZED_ADDRESS<\/p>\n\n\n\n
Cause:<\/strong> The base IP from the computer used for CLI maybe not be whitelisted for API access.<\/p>\n\n\n\n
Fix:<\/strong> Add your current IP in UpCloud \u2192 Account \u2192 Sub-accounts \u2192 API Access.<\/p>\n\n\n\n
curl -s https:\/\/api.ipify.org # find your IP<\/code><\/pre>\n\n\n\n2. Network Creation Fails<\/p>\n\n\n\n
Error:<\/strong> ROUTER_INVALID or<\/strong> DHCP not<\/strong> enabled
Cause:<\/strong> Your router UUID could be missing, or DHCP is disabled.
Fix:<\/strong><\/p>\n\n\n\nupctl router create --name todo-app-router\nupctl network create --name todo-app-network --zone de-fra1 --ip-network address=172.16.0.0\/24,dhcp=yes, --router <ROUTER_UUID><\/code><\/pre>\n\n\n\n3. kubectl Connection Errors<\/p>\n\n\n\n
Error: localhost refused or EOF
Fix:<\/p>\n\n\n\n- \n
- Regenerate kubeconfig:<\/li>\n<\/ul>\n\n\n\n
upctl kubernetes config <CLUSTER_UUID> --output yaml --write .\/kubeconfig.yaml<\/code><\/pre>\n\n\n\n- \n
- Ensure your IP is allowed:<\/li>\n<\/ul>\n\n\n\n
upctl kubernetes modify <CLUSTER_UUID> --kubernetes-api-allow-ip 0.0.0.0\/0<\/code><\/pre>\n\n\n\n4. Backend deployment fails to connect to Database<\/strong><\/p>\n\n\n\n
Error: relation “todos” does not exist<\/p>\n\n\n\n
Fix:<\/strong><\/p>\n\n\n\n
Restart backend after PostgreSQL is ready:<\/p>\n\n\n\n
kubectl rollout restart deployment\/backend -n todo-app<\/code><\/pre>\n\n\n\nUseful Debug Commands<\/p>\n\n\n\n
kubectl get pods -n todo-app\nkubectl describe pod <NAME> -n todo-app\nkubectl logs <NAME> -n todo-app\nkubectl get svc -n todo-app\nkubectl get events -n todo-app --sort-by=.lastTimestamp<\/code><\/pre>\n\n\n\nWrapping up<\/h2>\n\n\n\n
By this point, you\u2019ve gone from creating your own network and router to deploying a working application on an edge-ready UpCloud Kubernetes Service, all from the command line. You\u2019ve seen how flexible the UpCloud CLI can be for setting up clusters, managing workloads, and keeping your environment clean when you\u2019re done.<\/p>\n\n\n\n
Now that you\u2019ve had hands-on experience with UKS, it\u2019s easier to appreciate how straightforward it is to set up. Despite its simplicity, UKS lets you deploy clusters with smaller-sized worker nodes, connect to high-performance MaxIOPS storage<\/a>, and maintain data residency within your chosen region.<\/p>\n\n\n\n
In our next article, we\u2019ll compare how UKS stacks up against other managed Kubernetes platforms in real-world edge and distributed scenarios.<\/p>\n\n\n\n
- Ensure your IP is allowed:<\/li>\n<\/ul>\n\n\n\n
- Regenerate kubeconfig:<\/li>\n<\/ul>\n\n\n\n
- Apply the backend and frontend manifest files.<\/li>\n<\/ol>\n\n\n\n
- Apply the Postgres manifest <\/li>\n<\/ol>\n\n\n\n
- Verify connectivity<\/li>\n<\/ol>\n\n\n\n
- Activate the context locally<\/li>\n<\/ol>\n\n\n\n
- Generate a kubeconfig for the cluster<\/li>\n<\/ol>\n\n\n\n
- Temporarily allow your IP to reach the Kubernetes API<\/li>\n<\/ol>\n\n\n\n
- Inspect the cluster and node group<\/li>\n<\/ol>\n\n\n\n
- Next, populate the files with code.<\/li>\n<\/ol>\n\n\n\n
- Storages<\/strong> \u2013 Create persistent volumes, manage block storage for nodes, and handle container image or data storage.<\/li>\n\n\n\n
- UpCloud CLI<\/a>
- Networking:<\/strong> A dedicated router and private network connect all cluster nodes securely, while an external Load Balancer routes incoming traffic to the frontend service.<\/li>\n\n\n\n
- The Frontend runs as a lightweight NGINX web server exposed publicly to users.<\/li>\n<\/ul>\n\n\n\n