Gardener Logo
Deliver fully-managed clusters at scale everywhere with your own Kubernetes-as-a-Service
  • Gardener Cookies

    Green Tea Matcha Cookies

    For a team event during the Christmas season we decided to completely reinterpret the topic cookies. :-)

    Matcha cookies have the delicate flavor and color of green tea. These soft, pillowy and chewy green tea cookies are perfect with tea. And of course they fit perfectly to our logo.


    • 1 stick butter, softened
    • ⅞ cup of granulated sugar
    • 1 cup + 2 tablespoons all-purpose flour
    • 2 eggs
    • 1¼ tablespoons culinary grade matcha powder
    • 1 teaspoon baking powder
    • pinch of salt


    1. Cream together the butter and sugar in a large mixing bowl - it should be creamy colored and airy. A hand blender or stand mixer works well for this. This helps the cookie become fluffy and chewy.
    2. Gently incorporate the eggs to the butter mixture one at a time.
    3. In a separate bowl, sift together all the dry ingredients.
    4. Add the dry ingredients to the wet by adding a little at a time and folding or gently mixing the batter together. Keep going until you’ve incorporated all the remaining flour mixture. The dough should be a beautiful green color.
    5. Chill the dough for at least an hour - up to overnight. The longer the better!
    6. Preheat your oven to 325 F.
    7. Roll the dough into balls the size of ping pong balls and place them on a non-stick cookie sheet.
    8. Bake them for 12-15 minutes until the bottoms just start to become golden brown and the cookie no longer looks wet in the middle. Note: you can always bake them at 350 F for a less moist, fluffy cookie. It will bake faster by about 2-4 minutes 350 F so watch them closely.
    9. Remove and let cool on a rack and enjoy!


    Make sure you get culinary grade matcha powder. You should be able to find this in Asian or natural grocers.

  • Shoot Reconciliation October 23, 2020

    Do you want to understand how Gardener creates and updates Kubernetes clusters (Shoots)? Well, it’s complicated, but if you are not afraid of large diagrams and are a visual learner like me, this might be useful to you.


    In this blog post I will share a technical diagram which attempts to tie together the various components involved when Gardener creates a Kubernetes cluster. I have created and curated the diagram, which visualizes the Shoot reconciliation flow since I started developing on Gardener. Aside from serving as a memory aid for myself, I created it in hopes that it may potentially help contributors to understand a core piece of the complex Gardener machinery. Please be advised that the diagram and components involved are large. Although it can be easily divided into multiple diagrams, I want to show all the components and connections in a single diagram to create an overview of the reconciliation flow.

    The goal is to visualize the interactions of the components involved in the Shoot creation. It is not intended to serve as a documentation of every component involved.


    Taking a step back, the Gardener states

    In essence, Gardener is an extension API server that comes along with a bundle of custom controllers. It introduces new API objects in an existing Kubernetes cluster (which is called garden cluster) in order to use them for the management of end-user Kubernetes clusters (which are called shoot clusters). These shoot clusters are described via declarative cluster specifications which are observed by the controllers. They will bring up the clusters, reconcile their state, perform automated updates and make sure they are always up and running.

    This means that Gardener, just like any Kubernetes controller, creates Kubernetes clusters (Shoots) using a reconciliation loop.

    The Gardenlet contains the controller and reconciliation loop responsible for the creation, update, deletion and migration of Shoot cluster (there are more, but we spare them in this article). In addition, the Gardener Controller Manager also reconciles Shoot resources, but only for seed-independent functionality such as Shoot hibernation, Shoot maintenance or quota control.

    This blog post is about the reconciliation loop in the Gardenlet responsible for creating and updating Shoot clusters. The code can be found here. The reconciliation loops of the extension controllers can be found in their individual repositories.

    Shoot reconciliation flow diagram

    When Gardner creates a Shoot cluster, there are three conceptual layers involved: the Garden cluster, the Seed cluster and the Shoot cluster. Each layer represents a top-level section in the diagram (similar to a lane in a BPMN diagram).

    It might seem confusing, that the Shoot cluster itself is a layer, because the whole flow in the first place is about creating the Shoot cluster. I decided to introduce this separate layer to make a clear distinction between which resources exist in the Seed API server (managed by Gardener) and which in the Shoot API server (accessible by the Shoot owner).

    Each section contains several components. Components are mostly Kubernetes resources in a Gardener installation (e.g. the gardenlet deployment in the Seed cluster).

    This is the list of components:

    (Virtual) Garden Cluster

    • Gardener Extension API server
    • Validating Provider Webhooks
    • Project Namespace

    Seed Cluster

    Shoot Cluster

    • Cloud Provider compute API (owned by Stakeholder) - for VM/Node creation.
    • VM / Bare metal node hosted by Cloud Provider (in Stakeholder owned account).

    How to use the diagram

    The diagram

    • should be read from top to bottom - starting in the top left corner with the creation of the Shoot resource via the Gardener Extension API server.
    • should not require an encompassing documentation / description. More detailed documentation on the components itself, can usually be found in the respective repository.
    • does not show which activities execute in parallel (many) and also does not describe the exact dependencies between the steps. This can be found out by looking at the source code. It however tries to put the activities in a logical order of executing during the reconciliation flow.

    Occasionally, there is an info box with additional information next to parts in the diagram that in my point of view require further explanation. Large example resource for the Gardener CRDs (e.g Worker CRD, Infrastructure CRD) are placed on the left side and are referenced by a dotted line (—–).

    Be aware, that Gardener is an evolving project, so the diagram will most likely be already outdated by the time you are reading this. Nevertheless, it should give a solid starting point for further explorations into the details of Gardener.

    Flow diagram

    The diagram can be found below and on There are multiple formats available (svg, vsdx,, html).

    Please open an issue or open a PR in the repository if information is missing or is incorrect. Thanks!

  • Community Call - Deploying and Developing Gardener Locally March 25, 2022


    This community call was led by Tim Ebert and Rafael Franzke.


    So far, deploying Gardener locally was not possible end-to-end. While you certainly could run the Gardener components in a minikube or kind cluster, creating shoot clusters always required to register seeds backed by cloud provider infrastructure like AWS, Azure, etc..

    Consequently, developing Gardener locally was similarly complicated, and the entry barrier for new contributors was way too high.

    In a previous community call (Hackathon “Hack The Metal”), we already presented a new approach for overcoming these hurdles and complexities.

    Now we would like to present the Local Provider Extension for Gardener and show how it can be used to deploy Gardener locally, allowing you to quickly get your feet wet with the project.

    In this session, Tim Ebert goes through the process of setting up a local Gardener cluster. After his demonstration, Rafael Franzke showcases a different approach to building your clusters locally, which, while more complicated, offers a much faster build time.

    You can find the tutorials in this community call at:

    Feel free to try out the guides upfront and join one of our scheduled meetings with your questions! We will have plenty of time to clarify them and look at any issues you might have encountered.


  • Community Call - Gardener Extension Development June 17, 2022


    This community call was led by Jens Schneider and Lothar Gesslein.


    Starting the development of a new Gardener extension can be challenging, when you are not an expert in the Gardener ecosystem yet. Therefore, the first half of this community call led by Jens Schneider aims to provide a “getting started tutorial” at a beginner level. 23Technologies have developed a minimal working example for Gardener extensions, gardener-extension-mwe, hosted in a Github repository. Jens is following the Getting started with Gardener extension development tutorial, which

    In the second part of the community call, Lothar Gesslein introduces the gardener-extension-shoot-flux, which allows for the automated installation of arbitrary Kubernetes resources into shoot clusters. As this extension relies on Flux, an overview of Flux’s capabilities is also provided.

    If you are left with any questions regarding the content, you might find the answers at the Q&A session and discussion held at the end.

    You can find the tutorials in this community call at:

    Feel free to try out the guides upfront and join one of our scheduled meetings with your questions! We will have plenty of time to clarify them and look at any issues you might have encountered.


Make It All About Kubernetes Again

Gardener abstracts environment specifics to deliver the same homogeneous Kubernetes-native DevOps experience everywhere
Cluster Fleet Hub
A single Gardener can scale to register and manage thousands of clusters, regardless of their location - public/private clouds, DC bare metal, regulated environments... anywhere a Gardenlet is deployed.
Kubernetes Native
Gardener manages clusters very much like pods are orchestrated in Kubernetes. Cluster workloads are scheduled and Gardenlets, similar to Kubelets, take over to manage them in particular environments in a loosely coupled, controller pattern.
Fully Managed
Gardenlets manage control planes, worker nodes (full lifecycle, self-healing and updates) and cluster components, such as the overlay network, DNS and certificates, control plane monitoring and logging stack, to provide automation, resilience and observability.
Scalable by Design
A single Kubernetes cluster can host an enormous amount of control planes. Gardener can scale-out massively by more control plane clusters and letting the Gardenlets do the heavy lifting. In fact, those clusters can also be managed by Gardener for maximum efficency.
Learn more about the concepts behind Gardener

Get The Kubernetes You Really Want

The clusters Gardener provisions are as flexible as DIY clusters, except you don’t have to do them yourself

Gardener control planes allow you to control a wide range of features gates and configurations.

The updates you want, when you want them

No more unexpected updates! Gardener allows you to update Kubernetes to the version you want, when you want it, rather than when your cloud provider decides. It even allows you to update your Host OS when desired.

100% Kubernetes compliant

Gardener is Kubernetes native and is not shy to be completely transparent on its compliance, proudly holding the 100% badge with public evidence for that.

The one you already know

Gardener delivers the same Kubernetes you know from and are certified for. The same binaries, the same tools; you are already trained to use it.

Everywhere You Want It

The compute resources you need, wherever you want them.
  • Alibaba Cloud
  • Amazon Web Services
  • Microsoft Azure
  • Google Cloud Platform
  • Metal-Stack
  • OpenStack
  • Equinix Metal
  • VMware vSphere
New infrastructure use case? Let’s build it together

However You Want It

Extend And Contribute To Gardener
Extensible By Design

Gardener is a modular system of managed extensions around a robust core, fully adaptable in multiple dimensions. Extend the existing extension set or add completely new pieces. And while you are at it, why not contribute them back to the community and benefit from contributions of others?

Managed Extensions

Gardener watches over and manages extensions, automatically reconciling their actual and desired state as designed.

Control the Stack

You are in control of the setup for the cluster that will be delivered by Gardener. Choose the components you actually need.

Learn more about Gardener’s extensibility