Core Concepts

Before you start building with Okteto, it helps to understand the core concepts that underpin the platform. This section covers how Okteto works: how environments and access are organized, how networking and traffic routing are handled, how builds and configuration work, and how to monitor activity across your cluster.

Environment and access

Namespaces

Namespaces are isolated workspaces where development environments run. Each developer gets a personal namespace, and you can create shared namespaces for team collaboration.

Learn more about Namespaces →

Credentials

Okteto supports three types of credentials to access your environments:

• Kubernetes credentials — connect kubectl and other tools to your Okteto namespace
• Personal access tokens — authenticate CLI and API access
• Environment variables — manage secrets and configuration

User roles and permissions

Okteto uses role-based access control (RBAC) with two roles: Admin and Developer.

Learn more about roles and permissions →

Networking

Endpoints

Okteto automatically generates HTTPS endpoints for your deployed services, with SSL certificates managed for you.

• Automatic SSL — auto-generated HTTPS endpoints for your services
• Private endpoints — restrict access to internal services

Divert

Divert routes traffic across microservice environments so you only need to deploy the services you are modifying, connecting to shared versions of everything else.

Learn more about Divert →

Build and configuration

Okteto Manifest

The okteto.yaml file is the central configuration for building, deploying, testing, and developing your application in Okteto. It defines everything from build targets to dev container settings.

Learn more about the Okteto Manifest →

Okteto Variables

Okteto Variables let you save configuration values and inject them automatically at deployment time. Variables can be scoped to a namespace, user, or admin level.

Learn more about Okteto Variables →

Build Service

The Okteto Build Service builds container images remotely and pushes them automatically to the Okteto Registry.

Learn more about the Build Service →

Container registry

Each Okteto Namespace has its own space in the built-in container registry to store and pull images.

Learn more about the Okteto Registry →

Remote execution

Remote execution runs your deploy, test, and destroy commands in the cluster rather than on your local machine, ensuring consistent, reproducible operations.

Learn more about Remote Execution →

Data and observability

Insights dashboards

Okteto Insights tracks build times, deploy frequency, resource usage, and user activity across your cluster.

Learn more about Okteto Insights →

Volume snapshots

Volume snapshots let you initialize a persistent volume from a previous snapshot, so you can seed development databases with realistic data.

Learn more about Volume Snapshots →