Your own namespace
tenant-<you> with full edit rights — deploy Deployments, Services, ConfigMaps,
Secrets, PVCs. Other tenants and the cluster internals are off-limits.
dubcluster
Shared homelab compute. Bring your containers, get a sandbox, deploy.
What you get
Section titled “What you get”When you’re onboarded, you get your own namespace on the cluster — a private sandbox where you can run containers. You can deploy, scale, and tear down workloads freely inside it, but you can’t see or touch anyone else’s. Everything is reachable privately over Tailscale; nothing is exposed to the public internet unless you explicitly publish it.
Private by default
Reach the cluster over Tailscale, log in with your Google account. No VPN configs, no passwords, nothing on the public internet.
Strong isolation
Your pods run in lightweight VMs (Kata Containers), so even a container breakout stays trapped — it can’t reach the host or other tenants.
Public URLs on request
Want your app reachable from the web? It can get a *.dubnubdubnub.com URL with automatic
HTTPS — see Make an app public.
The three-minute version
Section titled “The three-minute version”- Install Tailscale and accept the invite to the tailnet.
- Save the kubeconfig you were sent into
~/.kube/. - Install
kubectl+kubelogin, run a command, log in with Google.
Full walkthrough → Connect to the cluster.