CloudRaya Documentation
Compute ServicesKubeRaya

Best Practices

Running Kubernetes successfully is not just about deploying containers. It’s about designing, operating, and securing clusters intentionally.

This page outlines best practices for running Kubernetes workloads in KubeRaya. These guidelines help you build clusters that are secure, scalable, predictable, and cost-aware.

Use this page as a decision guide. Each section links to deeper documentation where more detailed configuration and step-by-step guidance is required.

Design Clusters with Purpose

A Kubernetes cluster should have a clear and limited scope.

Best Practices

  • Use one cluster for one primary purpose
  • Avoid mixing unrelated workloads in the same cluster
  • Separate environments:
    • Development
    • Staging
    • Production
  • Keep clusters small, focused, and manageable

Well-scoped clusters are easier to operate, secure, and scale.

Expose Services Intentionally

By default, Kubernetes services are not public, and that is a good thing.

Best Practices

  • Use ClusterIP for internal communication
  • Expose services only when required
  • Prefer Ingress for web applications
  • Avoid NodePort for production workloads
  • Treat public exposure as a security decision, not a convenience

πŸ“„ See:

Apply Security by Default

Kubernetes security is a shared responsibility between the platform and your workloads.

Best Practices

  • Follow the principle of least privilege
  • Secure workloads at both:
    • Network level
    • Application level
  • Assume internal traffic is not automatically trusted
  • Avoid permissive defaults and broad access

Security should be designed in, not added later.

πŸ“„ See:

Scale Responsibly

Scaling Kubernetes clusters should be intentional and observable, not reactive.

Best Practices

  • Scale worker nodes, not control plane components
  • Understand platform limits before scaling
  • Use autoscaling only when workloads justify it
  • Monitor usage before increasing capacity

Uncontrolled scaling increases cost and operational risk.

πŸ“„ See: Scale Kubernetes Nodes

Manage Resource Usage Carefully

Kubernetes makes it easy to consume resources, sometimes too easy.

Best Practices

  • Size clusters based on real workload needs
  • Avoid over-provisioning nodes
  • Monitor CPU, memory, and pod distribution
  • Clean up unused workloads and clusters

Efficient resource management improves both stability and cost efficiency.

Operate Clusters Declaratively

Kubernetes is designed to be managed declaratively.

Best Practices

  • Use YAML manifests as the source of truth
  • Prefer declarative workflows over manual changes
  • Version-control configuration files
  • Avoid ad-hoc production changes

Declarative operations reduce drift and improve reliability.

Manage the Cluster Lifecycle

Kubernetes clusters are infrastructure, not permanent assets.

Best Practices

  • Create clusters intentionally
  • Scale only when required
  • Delete unused or obsolete clusters
  • Treat clusters as disposable when appropriate

πŸ“„ See:

Summary

Well-run Kubernetes environments share common traits:

  • Clear cluster boundaries
  • Minimal public exposure
  • Strong security defaults
  • Controlled scaling
  • Predictable operations

Following these best practices helps ensure your Kubernetes workloads in CloudRaya are secure by default, scalable by design, and easy to operate.

πŸ“„ Kubernetes Overview

πŸ“„ Cluster Architecture & Concepts

πŸ“„ Networking in Kubernetes

πŸ“„ Expose Services in Kubernetes

πŸ“„ Kubernetes Security Basics

πŸ“„ Scale KubeRaya Nodes

πŸ“„ Manage KubeRaya Cluster

Architecture & Concepts

Common Security Mistakes

Β© 2026 CloudRaya Product Team. All rights reserved.

On this page

Design Clusters with PurposeBest PracticesExpose Services IntentionallyBest PracticesApply Security by DefaultBest PracticesScale ResponsiblyBest PracticesManage Resource Usage CarefullyBest PracticesOperate Clusters DeclarativelyBest PracticesManage the Cluster LifecycleBest PracticesSummaryRelated Guides