Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Connection method overview

Written by
Updated at August 11, 2025

You can connect to a Managed Service for Kubernetes cluster using the following methods:

  • Over the internet if you configured public access for the cluster when creating it.
  • From Yandex Cloud virtual machines located in the same cloud network.

To connect to a cluster, you can use:

To connect to cluster nodes, follow the instructions in Connecting to a node over SSH.

Tip

For integration with GitLab, we recommend using the GitLab Runner application installed in the cluster. For more information, see Continuous deployment of containerized applications using GitLab.

Configuring security groups

Security groups may block cluster connections. To manage a cluster using kubectl, you must have rules in security groups that allow access to the Kubernetes API. If you need a step-by-step guide on setting up rules, see Rules to access the Kubernetes API.

Connecting to a cluster

When connecting to a Kubernetes cluster, the user logs in to Yandex Identity and Access Management and is granted access based on the assigned role. To log in, you must install the Yandex Cloud command-line interface (CLI).

If you do not have the Yandex Cloud CLI installed yet, install and initialize it.

By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

To connect to your cluster:

  1. Install kubectl.

  2. Add credentials to the kubectl configuration file depending on the type of the IP address of the cluster you are connecting to:

    To get credentials to connect to the cluster's public IP address via the internet, run this command:

    yc managed-kubernetes cluster \
   get-credentials <cluster_name_or_ID> \
   --external

    You can also view the connection command in the management console on the cluster page under Access.

    If you created your cluster with no public IP address, this cluster can only be connected to using its internal IP.

    To get credentials to connect to the cluster's internal IP address from a VM located in the same network, run this command:

    yc managed-kubernetes cluster \
   get-credentials <cluster_name_or_ID> \
   --internal

    You can also view the connection command in the management console on the cluster page under Access.

    Note

    By default, credentials are added to the $HOME/.kube/config file. If you need to change the configuration location, use the --kubeconfig <file_path> parameter.

  3. Make sure the cluster is accessible:

    kubectl cluster-info

    If kubectl is configured correctly, the command will return cluster information.

Connecting using a static configuration

If you cannot use the Yandex Cloud CLI for some reason, connect to a cluster using static configuration files.

Previous
Installing applications from Yandex Cloud Marketplace using Terraform
Next
Configuring security groups