kplane — Virtual Kubernetes Control Planes

2 min read Original article ↗

It's a
cluster f*ck

Run thousands of Kubernetes control planes on a single shared API server, megabytes of memory overhead per control plane.

What it is

A normal Kubernetes cluster gives you one control plane. kplane gives you as many as you want, each with its own RBAC, CRDs, and etcd path, running on infrastructure you already have.

1,000+

planes per shared core

Why

Built for density, isolation,
and speed.

Three primitives doing the heavy lifting so platform teams can stop pretending one cluster is enough.

01

Shared core architecture.

Single apiserver, shared storage, per-cluster isolation. Every plane runs lightweight without duplicating infrastructure.

02

Multi-cluster aware.

Controllers share caches and informers across clusters. No redundant watches, no wasted memory, no duplicated work.

03

Built-in governance.

CRD-backed policies with native RBAC inside each plane. Fine-grained access control at every boundary.

How it works

One server routes to many planes.

Every request is scoped to a cluster path. kplane enforces RBAC, admission, and storage boundaries before the request ever touches shared state.

kubectl·operators·helm

kplane apiserver

← shared, one process

path-routed requests

team-alpha

  • rbac
  • crds
  • etcd path

preview-9c3

  • rbac
  • crds
  • etcd path

ci-east-02

  • rbac
  • crds
  • etcd path

platform

  • rbac
  • crds
  • etcd path

Quick start

Make a cluster. Throw it away.

Four commands. No accounts, no cloud, no YAML to copy. Planes are cheap, create them freely.

It's Open Source. Go look at it.

Check it out on Github, read the code, file an issue, send a PR. Or just star it so you remember we exist.

Star on GitHubJoin the Discord