Skip to main content
Install Qovery on your Scaleway account and deploy a fully managed Kubernetes cluster (Kapsule) in less than 20 minutes.

Overview

Qovery simplifies Scaleway Kapsule management by:
  • Automating Kapsule cluster creation and configuration
  • Managing networking, load balancers, and DNS
  • Providing built-in monitoring and logging
  • Handling rolling updates and scaling
  • Securing your infrastructure with best practices

Fully Managed

Qovery creates and manages your Kapsule cluster automatically

EU Data Sovereignty

All data stays in Europe - Paris, Amsterdam, or Warsaw

Cost Effective

Free control plane + competitive instance pricing

GDPR Compliant

European cloud provider with built-in GDPR compliance

Prerequisites

Before you begin, ensure you have:
Scaleway Account: Active Scaleway account with billing enabled
Scaleway Project: A project created (or use default project)
Qovery Account: Free account at console.qovery.com
IAM Access: Ability to create applications and API keys

Why Choose Scaleway?

  • All data centers located in Europe (Paris, Amsterdam, Warsaw)
  • GDPR compliant by design
  • No data transfer outside EU
  • Sovereignty for sensitive workloads
  • Free Kubernetes control plane (mutualized option)
  • Transparent, predictable pricing
  • No egress fees within regions
  • Easy-to-use console and APIs
  • Fast provisioning times
  • Good performance-to-price ratio
  • European-based support team

Step 1: Create Scaleway Credentials

Qovery needs API credentials to manage resources in your Scaleway account. We use a secure API key approach with granular permissions.

Generate API Key

1

Access IAM Console

  1. Log into Scaleway Console
  2. Click your profile/organization name in the top-right
  3. Select Identity and Access Management (IAM) Scaleway IAM
2

Create Application

  1. Navigate to Applications tab
  2. Click + Create application
  3. Name it: qovery-manager or similar
  4. Description: “Qovery cluster management”
  5. Click Create application
Applications help organize API keys by purpose. You can reuse this application for multiple clusters.
3

Generate API Key

  1. Click on your newly created application
  2. Go to API keys tab
  3. Click + Generate API key
  4. Description: “Qovery cluster access”
  5. Select Object Storage preferred Project (your main project)
  6. Click Generate API key
Save these credentials immediately! The secret key is only shown once and cannot be retrieved later.
You’ll see:
  • Access key ID: SCWxxxxxxxxxxxxxxxxx
  • Secret access key: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Copy both to a secure location.
4

Configure Permissions

  1. Go to Policies tab in IAM
  2. Click + Create policy
  3. Name it: qovery-permissions
  4. Click Add rule for each of these permission sets:
Required Permissions:
  • Containers - Full access (for Kapsule management)
  • Network Services - Full access (for VPC, Load Balancers)
  • Compute - Full access (for instances)
  • Storage - Full access (for persistent volumes)
  • VPC - Full access (for networking)
  1. Under Principal, attach this policy to your application
  2. Click Create policy
These permissions allow Qovery to fully manage your Kubernetes infrastructure, including creating instances, configuring networking, and managing storage.
5

Gather Required IDs

You’ll need these identifiers:Organization ID:
  1. Go to Organization Settings
  2. Copy the Organization ID (format: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)
Project ID:
  1. Go to your Project Dashboard
  2. Click Project settings
  3. Copy the Project ID (format: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)
Keep these IDs handy - you’ll need them when configuring Qovery.

Add Credentials to Qovery

1

Start Cluster Creation

  1. Go to Qovery Console
  2. Click Clusters in the left sidebar
  3. Click Create Cluster
  4. Select Scaleway as the cloud provider
2

Enter Credentials

Provide the information you gathered:
  • Access Key ID: Your Scaleway access key
  • Secret Access Key: Your Scaleway secret key
  • Organization ID: Your Scaleway organization ID
  • Project ID: Your Scaleway project ID
Enter Scaleway credentials in Qovery Console
Click Next to validate the credentials.
3

Verify Connection

Qovery will test the credentials and verify it can access your Scaleway account.
If validation fails, double-check your API key has all required permissions attached via the policy.
Source: Content above is maintained in /snippets/scaleway-credentials.mdx. Update snippet first, then copy to all usage locations.

Step 2: Configure Your Cluster

Now configure your Kapsule cluster settings in the Qovery console.

Basic Configuration

1

Cluster Name

Choose a descriptive name for your cluster:
  • production-kapsule
  • staging-scaleway
  • dev-kapsule-paris
Use naming conventions that indicate environment and region for easier management.
2

Select Region

Choose a Scaleway region closest to your users:Paris (France) - fr-par:
  • Availability Zones: fr-par-1, fr-par-2, fr-par-3
  • Main Scaleway hub with most services
  • Lowest latency for Western Europe
  • Multiple data centers for redundancy
Amsterdam (Netherlands) - nl-ams:
  • Availability Zones: nl-ams-1, nl-ams-2, nl-ams-3
  • Optimal for Northern Europe
  • Good connectivity to UK and Scandinavia
  • Growing availability zone coverage
Warsaw (Poland) - pl-waw:
  • Availability Zones: pl-waw-1, pl-waw-2, pl-waw-3
  • Optimal for Eastern Europe
  • Central European location
  • Good latency to Germany, Austria, Czech Republic
Choosing a Region:
  • Paris: Most mature, largest service catalog
  • Amsterdam: Northern Europe, strong connectivity
  • Warsaw: Eastern Europe, competitive pricing
3

Attach Credentials

Select the Scaleway credentials you created in Step 1.If you need to create new credentials, click Add new credentials and repeat Step 1.

Node Pool Configuration

Configure the instance types for your Kapsule node pools:
Development/Testing:
  • DEV1-M (2 vCPU, 3 GB RAM)
  • DEV1-L (3 vCPU, 4 GB RAM)
  • DEV1-XL (4 vCPU, 6 GB RAM)
General Purpose (Balanced workloads):
  • GP1-XS (4 vCPU, 16 GB RAM)
  • GP1-S (8 vCPU, 32 GB RAM)
  • GP1-M (16 vCPU, 64 GB RAM)
  • GP1-L (32 vCPU, 128 GB RAM)
Cost-Optimized (x86):
  • COPARM1-2C-8G (2 vCPU, 8 GB RAM) - Budget-friendly
  • COPARM1-4C-16G (4 vCPU, 16 GB RAM) - Good balance
  • COPARM1-8C-32G (8 vCPU, 32 GB RAM) - Higher capacity
Cost-Optimized (ARM - Ampere Altra):
  • COPARM1-2C-8G (2 vCPU ARM, 8 GB RAM) - Lower cost
  • COPARM1-4C-16G (4 vCPU ARM, 16 GB RAM) - Great value
  • COPARM1-8C-32G (8 vCPU ARM, 32 GB RAM) - Best price/performance
ARM instances offer excellent price-to-performance ratio for compatible workloads (most modern container images support ARM).
Example Configuration: 
Node Pool Settings:
  - DEV1-M (2 vCPU, 3GB) - Development workloads
  - GP1-XS (4 vCPU, 16GB) - General purpose applications
  - COPARM1-4C-16G (4 vCPU ARM, 16GB) - Cost-optimized workloads
Multi-architecture Support: Scaleway Kapsule supports both x86_64 and ARM instances. You can mix both in the same cluster by using node selectors.

Step 3: Configure Network

1

Configure Network

In the Configure Network window, configure your cluster networking options:
  • Static IP for egress traffic: Enable this option if your applications need to connect to external services that require IP allowlisting. When enabled, your cluster will use a fixed public IP address for all outbound traffic.
  • NAT Gateway type: Select the appropriate gateway size based on your expected outbound traffic requirements:
    • VPC-GW-S (Up to 100 Mbps): Small development environments, low traffic
    • VPC-GW-M (Up to 1 Gbps): Standard production workloads
    • VPC-GW-L (Up to 3 Gbps): High-traffic applications
    • VPC-GW-XL (Up to 10 Gbps): Very high-traffic, enterprise workloads
The Static IP feature is useful when connecting to external databases, third-party APIs, or enterprise services that require IP allowlisting. See Scaleway Public Gateway documentation for more details.
To confirm, click Next.

Control Plane Options

Mutualized (Free) - Recommended for most users:
  • Shared Kubernetes control plane
  • No additional cost
  • Suitable for development, staging, and production
  • 99.9% SLA
Dedicated (Paid) - For high-performance needs:
  • Dedicated control plane resources
  • Higher API rate limits
  • Better performance under heavy load
  • 30-day minimum commitment
Start with mutualized (free) control plane. You can upgrade to dedicated later if you need higher performance or rate limits.

Step 4: Deploy Your Cluster

1

Review Configuration

Review all your cluster settings:
  • Cluster name
  • Scaleway project
  • Region and availability zones
  • Instance types
  • Control plane tier
  • Networking options
2

Create and Deploy

Click Create and Deploy
You can start configuring applications immediately! The cluster will be available once deployment completes.
3

Monitor Progress

Watch the deployment progress in the Qovery console.Timeline:
  • 0-5 min: Creating Private Network and security groups
  • 5-10 min: Provisioning Kapsule control plane
  • 10-15 min: Creating node pool and instances
  • 15-20 min: Installing Qovery components (ingress, monitoring, etc.)
Status indicators:
  • 🟡 Creating: Infrastructure provisioning in progress
  • 🟢 Running: Cluster is ready to use
  • 🔴 Error: Check logs for troubleshooting
4

Verify Installation

Once complete, your cluster will appear in the cluster list with status Running.

What Gets Created

Qovery automatically provisions these Scaleway resources:
  • Kapsule Cluster: Managed Kubernetes cluster
  • Private Network: Isolated VPC for your cluster
  • Control Plane: Mutualized or dedicated (your choice)
  • Node Pool: Auto-scaling group of instances
  • Security Groups: Firewall rules for traffic control
  • Public Gateway: NAT for outbound internet access
  • Load Balancer: Layer 4/7 load balancing for ingress
  • Public IPs: Flexible IP addresses for services
  • DNS: Automatic domain management
  • Private IPs: Internal cluster communication
  • Instances: DEV1, GP1, or Cost-Optimized instances
  • Block Storage: SSD volumes for persistent data
  • Auto-scaling: Cluster autoscaler for node provisioning
  • Multi-AZ: Nodes spread across availability zones
  • NGINX Ingress Controller: HTTP/HTTPS routing
  • Cert-Manager: Automatic SSL/TLS certificates
  • Qovery Agent: Cluster management and monitoring
  • Metrics Server: Resource usage metrics
  • DNS Management: Automatic domain configuration

Post-Installation Steps

Once your cluster is running:
1

Deploy Your First Application

Follow the Deploy Your First App guide
2

Configure Custom Domain

Set up your own domain instead of the default Qovery domain
3

Set Up Monitoring

Configure monitoring and observability
4

Configure Backups

Set up backup policies for persistent data using Scaleway snapshots

Troubleshooting

Error: “Invalid credentials” or “Permission denied”Solutions:
  • Verify all required permissions are attached to your API key via IAM policy
  • Check that the API key is active (not expired or revoked)
  • Ensure you copied the full access key and secret key correctly
  • Verify the Organization ID and Project ID match your Scaleway account
  • Make sure your Scaleway project has billing enabled
Issue: Cluster stuck in “Creating” state for over 30 minutesSolutions:
  • Check Scaleway quotas for your project (instances, IPs, block volumes)
  • Verify the selected region has instance availability
  • Check Scaleway Status Page for outages
  • Verify your billing is up to date
  • Contact Qovery support if issue persists
Error: “Quota exceeded” or “No capacity available”Solutions:
  1. Check your quotas in Scaleway Console → Organization Settings → Quotas
  2. Request quota increase through Scaleway support
  3. Try a different availability zone within the same region
  4. Choose smaller or different instance types
  5. Clean up unused resources
Common quota limits:
  • Compute instances per zone
  • Total vCPUs per organization
  • Flexible IPs per project
  • Block Storage volumes
  • Load Balancers per region
Issue: Applications can’t access external services or the internetSolutions:
  • Verify Public Gateway is properly configured
  • Check Security Group rules allow outbound traffic
  • Ensure Private Network routes are configured
  • Verify DNS resolution: kubectl run -it debug --image=nicolaka/netshoot --rm
  • Check load balancer health checks are passing
Error: “Instance failed to join cluster” or “Node registration timeout”Solutions:
  • Check instance type availability in your region/AZ
  • Verify Security Group allows Kapsule control plane communication
  • Ensure Private Network is properly configured
  • Check instance startup logs in Scaleway console
  • Try a different instance type or availability zone

Advanced Configuration

Private Network Routes

Connect your Kapsule cluster to existing Scaleway resources:
  1. Navigate to Private Networks in Scaleway Console
  2. Attach your existing Private Network to the Kapsule cluster
  3. Configure routes between networks
  4. Update Security Groups to allow traffic
  5. Test connectivity from pods

Using Existing Private Network

Deploy Qovery into your own Private Network:
When using an existing Private Network, ensure it has:
  • Sufficient IP address ranges for pods and services
  • Public Gateway attached for internet access
  • Security Groups configured to allow Kubernetes traffic
  • No conflicts with existing resources

ARM Workloads

Take advantage of ARM instances for better price-to-performance:
  1. Use ARM-compatible container images (most official images support both)
  2. Add node selector to deployments: 
    nodeSelector:
  kubernetes.io/arch: arm64
  3. Test ARM compatibility in staging before production
  4. Mix ARM and x86 nodes using node selectors for different workloads

Multi-Availability Zone

Increase reliability with multi-AZ deployment:
  1. Configure node pools across multiple AZs
  2. Use pod anti-affinity to spread replicas
  3. Configure topology spread constraints
  4. Test failover scenarios
  5. Monitor cross-AZ traffic costs

Best Practices

Use ARM Instances

Leverage ARM instances (COPARM1) for better price/performance on compatible workloads

Start with Free Control Plane

Mutualized control plane is free and suitable for most workloads

Enable Autoscaling

Configure cluster autoscaler to optimize costs during low-traffic periods

Multi-AZ Deployment

Deploy across multiple AZs for high availability

Monitor Costs

Use Scaleway Cockpit to track resource usage and costs

Regular Backups

Leverage Scaleway snapshots for persistent volume backups

Next Steps

Deploy Your First App

Complete step-by-step deployment guide

Configure RBAC

Set up team access control

Set Up CI/CD

Automate deployments with GitHub Actions or GitLab CI

Monitor Your Cluster

Configure monitoring and alerting

Additional Resources