Okteto Bring Your Own Cloud (BYOC)

Okteto’s Bring Your Own Cloud (BYOC) offering allows you to run Okteto on your own cloud infrastructure while still enjoying the benefits of a fully managed experience.

This is ideal for teams who need to meet strict security or compliance requirements, operate at high-scale, require custom infrastructure configurations, or simply want to maintain full control over their environments with a SaaS-like experience.

We currently support BYOC on:

• Amazon Web Services (AWS)
• Google Cloud Platform (GCP)

How the BYOC Model Works

With BYOC, you bring the cloud provider account; we bring the platform and operational expertise.

• You provision and secure the cloud account
• Okteto creates the all the necessary cloud infrastructure and software components
• Our team manages and maintains Okteto on your cloud, including upgrades, monitoring, and incident response
• You retain full ownership of your cloud environment and data

🤝 What You Can Expect from Okteto

When you connect your cloud to Okteto:

• Okteto installs and manages its components in your cloud
• Our team handles upgrades, patching, and observability of Okteto services
• You retain full control of your cluster and data, Okteto only interacts with workloads required for our platform to function
• Continuous monitoring and observability of Okteto services
• Support and guidance is provided by our team throughout your journey

⚠️ Important: Cluster Management Restrictions

Do not manually modify cluster infrastructure directly in your cloud provider console or CLI, even though you have the necessary permissions.

What You Should Not Modify

• Kubernetes cluster configuration (node pools, machine types, disk sizes, etc.)
• Resources in Okteto-managed namespaces (including okteto, default, and system namespaces)
• Infrastructure managed by Okteto's configuration management
• Load balancers, networking, or storage resources created by Okteto

Why This Is Critical

Manual modifications to cluster infrastructure create several serious problems:

1. Infrastructure State Conflicts: Okteto manages your cluster infrastructure with automated daily reconciliation. Manual changes create state inconsistencies that can cause:

   • Automatic reversion of your changes during the next reconciliation
   • Configuration management failures that prevent critical updates
   • Unintended resource deletions or recreations

2. SLA and Support Impact: When you modify infrastructure directly, Okteto cannot guarantee our SLA commitments. The remediation for issues may be entirely on your side, outside of our control.

3. Missing Context: Okteto's infrastructure is configured based on specific architectural decisions and requirements. Manual changes without this context can cause unexpected side effects or service degradation.

4. Monitoring and Alerting: Direct modifications can trigger false alerts for our SRE team and mask real issues that need attention.

What To Do Instead

If you need infrastructure changes or want to install additional tools:

• Contact Okteto first - reach out to your Okteto representative or support team
• We'll coordinate the change through proper channels to ensure it's compatible with our managed infrastructure
• For approved changes, we'll implement them through our infrastructure management tooling to maintain consistency

If you manage infrastructure yourself, the BYOC model is not the right fit. BYOC means Okteto manages the cluster while you retain ownership of the cloud account and data.

Getting Started

Ready to get started? Head to the BYOC Onboarding Guide for your cloud provider:

• Amazon Web Services (AWS)
• Google Cloud Platform (GCP)