Contact UsTry it for free
© 2026 Direct Cursus Technology L.L.C.

Connection method overview

Written by
Updated at January 26, 2026

You can connect to a Managed Service for Kubernetes cluster in the following ways:

  • Over the internet if you configured public access to the cluster when creating it.
  • From Yandex Cloud virtual machines located in the same cloud network.

To connect to a cluster, you can use:

To connect to cluster nodes, follow the steps in Connecting to a node over SSH.

Tip

For integration with GitLab, we recommend using the GitLab Runner application installed in the cluster. Learn more in Continuous deployment of containerized applications using GitLab.

Configuring security groups

Security groups may block cluster connections. To manage a cluster using kubectl, you must have rules in security groups that allow access to the Kubernetes API. If you need a step-by-step guide on setting up rules, see Rules to access the Kubernetes API.

Connecting to a cluster

When connecting to a Kubernetes cluster, the user logs in to Yandex Identity and Access Management and gets access permissions based on the assigned role. To log in, install the Yandex Cloud command-line interface (CLI).

If you do not have the Yandex Cloud CLI installed yet, install and initialize it.

By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

To connect to your cluster:

  1. Install kubectl.

  2. Add credentials to the kubectl configuration file depending on the type of IP address of the cluster you are connecting to:

    To get credentials to connect to the cluster's public IP address from the internet, run this command:

    yc managed-kubernetes cluster \
   get-credentials <cluster_name_or_ID> \
   --external

    You can also view the connection command in the management console on the cluster page under Access.

    If you created your cluster without a public IP address, you can only connect to this cluster using its internal IP address.

    To get credentials to connect to the cluster's internal IP address from a VM located in the same network, run this command:

    yc managed-kubernetes cluster \
   get-credentials <cluster_name_or_ID> \
   --internal

    You can also view the connection command in the management console on the cluster page under Access.

    Note

    By default, credentials are added to the $HOME/.kube/config file. If you need to change the configuration location, use the --kubeconfig <file_path> parameter.

  3. Make sure the cluster is accessible:

    kubectl cluster-info

    If kubectl is configured correctly, the command will return cluster information.

Connecting using a static configuration

If you cannot use the Yandex Cloud CLI for some reason, connect to a cluster using static configuration files.

Previous
Installing applications from Yandex Cloud Marketplace using Terraform
Next
Configuring security groups