Introducing Prebake: A straightforward Developer Platform for Kubernetes

TL;DR

• Prebake is a new Open Source project that turns bare Kubernetes clusters into Developer Platforms in two commands.
• The goal is to help developers focus on building apps instead of becoming experts in every infrastructure component.
• It includes ArgoCD, Cert Manager, Cilium, Traefik, Sealed Secrets, and more - all configured with sensible defaults.
• Just two commands to deploy - officially supported on Kind or AWS EKS - though any bare Kubernetes cluster should work.
• Please support us by starring the Prebake GitHub repository!

Today, we’re excited to introduce Prebake, our Open Source solution for turning bare Kubernetes clusters into Developer Platforms, which is being released under the Apache 2.0 license.

Prebake is available on GitHub today and officially supports deployment to Kind and AWS EKS, though it should work with any bare cluster.

If you want to see a cluster with Prebake in action, you can clone the Prebake GitHub repository, run a Kind cluster in two commands (make kind-create & make kind-context), and deploy Prebake in two commands (make setup & make install).

And we have an official website at prebake.dev - where we plan to add further documentation and examples as Prebake develops.

The challenge with bare Kubernetes clusters

Kubernetes provides excellent abstractions for container orchestration, but setting up a cluster involves deploying and configuring numerous components: ingress controllers, certificate management, networking, secrets management, storage, DNS, and continuous deployment tooling.

Each of these components requires specialized knowledge to configure correctly, creating a barrier for developers who just want to deploy their applications. The typical path involves either:

• Spending weeks or months becoming an expert in each component, trawling through documentation and Helm values files to make decisions on every knob and dial
• Using a managed platform that abstracts away Kubernetes entirely
• Deploying minimal infrastructure and dealing with gaps in production

None of these options are ideal. Developers shouldn’t need to become infrastructure experts to deploy apps, but they also shouldn’t be locked into proprietary abstractions that hide the underlying Kubernetes APIs.

Kubernetes has somewhat a reputation of “complexity”, and with Prebake, our hope is to start to change that for the better.

The Prebake approach: sensible defaults without unnecessary abstractions

Prebake takes a different approach to many IDPs. Instead of adding layers of abstraction, it provides carefully chosen defaults and configurations for the essential components every Kubernetes cluster needs. The entire stack remains transparent and uses standard Kubernetes resources, so developers can inspect, modify, and debug deployments using familiar tools.

With just two commands, you can transform a bare cluster into a platform that includes:

• Cilium for cluster networking and security policies
• CoreDNS for reliable DNS resolution
• Traefik for ingress with the Gateway API
• Cert Manager for automated TLS certificate management
• Trust Manager for certificate trust store management
• Sealed Secrets for encrypted secrets in Git
• ArgoCD for GitOps-based continuous deployment
• Snapshot Controller for persistent volume snapshots
• Gateway API CRDs for standardized ingress
• AWS EBS CSI Driver (when deploying on AWS)

All components are configured with defaults for networking (dual-stack IPv4/IPv6), RBAC, and trust bundles.

How it works

Prebake uses a simple workflow:

1. Generate configuration values for your domain:

   make setup DOMAIN=<ingress-hostname>

2. Install all components to your cluster:

   make install

The generated values are stored in the _values directory, giving you full visibility and control over configuration. These values are embedded into ArgoCD applications, so your customizations persist across syncs.

You can optionally preview all rendered manifests before installation:

make render

Built for the Nadrama PaaS

Prebake was created to power the Nadrama Open Source Platform-as-a-Service. When you launch a Nadrama cluster, the cluster state is pre-imaged with the Prebake configuration, allowing you to immediately start deploying applications without manual setup.

We designed it to work seamlessly with our other Open Source projects like Netsy, our S3-backed etcd alternative, to provide a complete platform that scales from single-node hobbyist clusters to enterprise deployments.

What’s next for Prebake?

Prebake can be deployed today to any bare Kubernetes cluster, with official support for Kind and AWS EKS. We’re keen to get community feedback, and some ideas for what’s next include:

• Support for additional cloud providers (GCP, Azure)
• Expanded template charts for common application patterns
• Enhanced observability stack integration

We built Prebake to solve a real problem we faced while building Nadrama: how to give developers a platform without forcing them to learn every infrastructure component or being forced to use abstractions and give up the power of Kubernetes.

If this resonates with you, please join the Nadrama Discord community and please show your support by starring the Prebake GitHub repository. Thanks for reading!

Published: Nov 12, 2025 .