FEATURES

Every feature feels like part of the same control plane.

Beyond Cloud brings cluster provisioning, workflow automation, live operations, and security controls into one runtime so platform teams are not forced to assemble their own story out of disconnected tools.

Get started Talk to us

One runtime for clusters, workflows, and security, with encrypted state and auditable execution end to end.

api.usebey.com LIVE

$ curl -X POST \
  https://api.usebey.com/api/v1/kubernetes/clusters/talos \
  -H "Authorization: Bearer $BC_TOKEN" \
  -d '{"name":"prod-east","region":"nbg1","nodePools":2}'

{
  "workflow": "wf_cluster_launch",
  "status": "RUNNING",
  "current_step": "talos.bootstrap",
  "watch": "wss://api.usebey.com/ws"
}

Cluster ops PROVISION
prod-east cluster ****
3.8 MIN AVG

Talos-backed clusters with guardrails, node health, and clean handoff into day-two operations.

TalosNode poolsKubeconfig
Workflow runtime RECOVERY
talos-provision workflow ****
12 STEPS

Retries, resumability, and step history turn infrastructure work into something you can inspect and trust.

RetriesRecoveryLogs
Operator signal LIVE
system:health stream ****
42 EVENTS / MIN

WebSocket updates, metrics, and structured events keep the product view aligned with production reality.

MetricsAuditAlerts

A platform surface built for real operating work.

12 restartable provisioning steps

< 4 min average cluster launch time

AES-256 encrypted secret storage

24/7 live workflow and cluster visibility

CLUSTER OPS

Provision production Kubernetes clusters without building your own platform glue.

Clusters, node pools, upgrades, and kubeconfig issuance all live in the same control plane so the operational story stays coherent.

n-01

n-02

n-03

n-04

n-05

n-06

n-07

n-08

n-09

n-10

n-11

n-12

Talos provisioning Launch hardened clusters with a restartable twelve-step workflow.
Node pools Separate general compute, GPU, and workload-specific pools with clear health states.
Scaling Expand or contract capacity without losing the thread between request and infrastructure.
Upgrades Coordinate rolling node and control-plane upgrades from the same runtime.
Networking Wire private networking and firewalls during provisioning instead of after the fact.
Kubeconfig access Issue scoped kubeconfigs tied to org and user identity.

WORKFLOWS

Run infrastructure automation like product code, not a pile of invisible background jobs.

Every workflow carries its own history, retries, and recovery state so long-running operations remain readable after the page refresh.

workflow.create
hetzner.snapshot.resolve
network.private.create
servers.provision
talos.machineconfig.gen
talos.apply
talos.bootstrap
kubeconfig.issue
relationships.link
health.verify
notify.complete

Durable execution Persist step-by-step history so workflows survive restarts and operator handoffs.
Automatic retries Use exponential backoff and per-step retry policy without custom plumbing.
Recovery loops Resume stuck or interrupted runs from their last good step instead of starting over.
Cancellation Stop in-flight workflows without leaving half-created resources behind.
Scheduling Drive recurring platform jobs from the same execution engine as on-demand runs.
Execution logs Follow each workflow with structured logs mapped to the exact step doing the work.

LIVE OPS

See what the platform is doing while it is doing it.

The dashboard, logs, and health surface all read from the same runtime signals, so operators are not left stitching together partial truth.

200cluster.provision.complete0.3s
201workflow.step.advance0.7s
429hetzner.rate.limit1.2s
200system.health.snapshot1.8s

WebSocket updates Stream workflow progress and cluster state changes directly into the product.
Metrics endpoint Expose Prometheus-compatible health and workflow telemetry from the control plane.
Structured events Trace provisioning, retries, and system changes with machine-readable events.
Audit timelines Keep a clear actor-and-reason trail for platform and security reviews.
Entity graph Understand how clusters, workflows, and resources relate without separate tooling.
Alert routing Connect platform failures into the paging and observability stack you already use.

SECURITY

Keep secrets, identity, and governance inside the same operating model.

Security is part of the product surface itself, which means access control, encrypted storage, and audit are designed to cooperate.

DATABASE_URL SCOPED
HCLOUD_TOKEN AUDITED
CLOUDFLARE_API_TOKEN ENCRYPTED

actor: org_admin rotation: active last event: 14s ago

Encrypted secrets Store credentials with AES-256-GCM encryption and org-scoped access boundaries.
Org-aware auth Use JWT-based identity and organization membership to shape every action.
Role boundaries Keep administrative actions constrained to the right team and tenant context.
Audit logging Record cluster, workflow, and secret mutations with actor and timing attached.
Policy-ready controls Give security reviews one place to reason about workflows, access, and change history.
Secret hygiene Avoid leaking credentials into workflow logs or UI surfaces while still keeping operators informed.