Project Configuration


A project is a list of services that share the same configuration. Through a project, you can manage your services, your cloud provider configuration and policies, and who can access it.

All services deployed within the same project will share the following:

  1. Cloud provider infrastructure
  2. Network
  3. Docker registry credentials
  4. Secrets
  5. DNS domain
  6. SSL configuration

Projects are also used to collaborate. Via the project’s access configuration you can determine who can access the services information and the project’s configuration.

Project Settings

The project configuration is split into three sections: Provider, Access, Secrets and Docker credentials.


The provider configuration section holds all the information related to your cloud provider. The required values will change depending on the type of provider you choose.


For kubernetes, you will need to provide a Username and Password of a kubernetes user with access to your cluster, the
Endpoint and the CA Certificate of your cluster.

kubernetes configuration

In this type of project, all services deployed in the same project will share the same namespace. This will be automatically created by okteto.

More information on this type of project is available here.


The access configuration section will determine who can access your project and which type of resources she will be able to access. Okteto supports two levels of access:

  1. Users: Each user on the list will be able to deploy, upgrade and destroy services in this project.
  2. Administrators: Each user on the list will be able to modify and delete the project, as well as everything that a regular user has access to.

Access configuration

When you add a new user to your project, she will receive an invitation email to your project.


The Secrets section is used to set values that you don’t want to have declared on every service in your project (e.g a database password). They work just like environment variables, and can be used by any service in the project.

When adding secrets, keep in mind the following restrictions:

  1. The name must be unique across the project.
  2. The name can only contain ASCII letters, digits and underscores
  3. The name is case sensitive
  4. The name can’t start with a number, or include break lines or non-printable characters.

project secrets

In your service, you can use the secret name instead of the value in the environment section. During deployment time, okteto will replace it with the value. See the service reference for more information on this.

Registry Credentials

This section is optional. This is useful if you’re using private container images in your services.

By default, the Docker Hub endpoint is provided, but you can also configure any other registry by filling the server field. The username and password must be valid credentials in your registry server.

Advanced Settings

By pressing the code icon on the top right, you can see your project’s configuration as a yaml file.

kubernetes configuration

This can be useful when copying configurations across projects, or for setting up advanced options not yet supported by the form mode.

Advanced settings