Frequently Asked Questions

Installation & Setup

What Kubernetes versions does CostPilot support?

CostPilot supports Kubernetes 1.24 and later. The agent uses standard Kubernetes API resources (pods, nodes, namespaces, resourcequotas) that have been stable since 1.18, so older clusters may work in practice — but 1.24+ is the tested and supported range.

Managed Kubernetes services supported: GKE, EKS, AKS, DigitalOcean DOKS, and any CNCF-conformant distribution.

Does the agent need internet access?

Yes. The agent sends metrics to the CostPilot ingest endpoint (ingest.eu.cost-pilot.com) over HTTPS (port 443). It does not require inbound internet access — only outbound HTTPS egress from within the cluster.

If your cluster runs in a private network with restricted egress, you will need to allow outbound traffic to ingest.eu.cost-pilot.com:443. The agent does not use any other external endpoints.

Does CostPilot modify my cluster?

No. CostPilot is entirely read-only with respect to your workloads. The agent reads metrics from the Kubernetes API and cAdvisor. It does not create, modify, or delete any of your application resources.

The Helm chart creates:

A costpilot namespace
A ServiceAccount with ClusterRole (read-only — get, list, watch on pods, nodes, namespaces)
The Operator Deployment and agent ReplicaSet

No changes are made to your existing namespaces, Deployments, or Pods.

Can I use CostPilot without cloud provider credentials?

Yes. CostPilot does not require API credentials for your cloud provider. Cost calculations use published pricing data for the cloud provider and region you specify during cluster registration — no billing API access is needed.

For spot instance pricing, CostPilot reads instance type and pricing tier from node labels that your cloud provider sets automatically (e.g. karpenter.sh/capacity-type=spot).

What happens if the agent goes down?

If the agent becomes unavailable, metric collection pauses for the duration of the outage. When the agent recovers, it resumes collection from the current point — it does not backfill the missed window.

Gaps in metric data appear as gaps in cost charts. The Dashboard displays a warning banner if no metrics have been received from a cluster in the last 15 minutes.

The Operator will automatically restart failed agent pods within a few seconds of detecting the failure.

Data & Privacy

What data does the agent collect?

The agent collects Kubernetes resource metrics only:

Pod name, namespace, labels, QoS class, resource requests and limits
Actual CPU and memory usage from cAdvisor (aggregated at pod level)
Node name, instance type, capacity, allocatable resources, and cloud provider labels
PersistentVolume capacity and storage class

The agent does not collect:

Application logs
Network traffic content
Secrets, ConfigMaps, or environment variables
Any data from inside your containers

Is my data encrypted?

Yes. All data in transit between the agent and the CostPilot backend is encrypted over TLS 1.2+. Data at rest is encrypted using AES-256.

How long is data retained?

Basic plan: 7 days. Pro plan: 30 days. Max plan: 90 days. See Plans & Entitlements for details.

CostPilot collects infrastructure metadata only — Kubernetes resource names, labels, and usage metrics. This data does not constitute personal data under GDPR in typical usage.

If your team uses personal names or email addresses as Kubernetes label values or pod names, those values would be collected as part of label/name metadata. We recommend using team identifiers or role-based labels rather than personal names.

CostPilot is operated from the EU and data is processed in accordance with GDPR. A Data Processing Agreement (DPA) is available on request for paid plan customers.

How does multi-tenancy work?

Each CostPilot account is a separate tenant. Data is strictly isolated between tenants at the database and application layer — one tenant cannot access another’s cost data.

Within an account, multiple users can be invited with Viewer, Member, or Admin roles. All users within an account share access to the same clusters and cost data.

Cost Accuracy

How accurate are the cost figures?

CostPilot cost figures are an allocation model, not a direct read from your cloud bill. Accuracy depends on several factors:

Node pricing: CostPilot uses published on-demand and spot pricing for the registered cloud provider and region. Actual bills may differ if you have committed-use discounts, sustained-use discounts, Enterprise Agreements, or credits applied at the account level.
CPU/memory split: CostPilot splits node cost proportionally between CPU and memory based on published instance pricing ratios.
Storage: PersistentVolume costs are estimated from storage class pricing. Actual I/O costs are not included.
Networking: Egress and inter-zone traffic costs are not included.

For most teams, CostPilot figures are within 5–15% of actual Kubernetes-attributable cloud spend. The primary value is relative comparison (which team costs more, which workload is inefficient) rather than exact billing reconciliation.

How often is pricing data updated?

CostPilot’s pricing database is updated weekly from published cloud provider pricing APIs. For spot instance pricing, CostPilot uses the pricing type label on the node rather than the live Spot market price — so the figure is the detected node cost at time of provisioning.

What is the difference between idle cost and overprovisioned cost?

These are two distinct forms of waste:

Overprovisioned: A pod has requests set but uses far less than requested. The node is utilised, but the utilisation is attributed to the wrong thing (the pod’s requests, not its actual usage).
Idle (unallocated): Node capacity that no pod has requested at all. The node is running but has spare capacity that is simply wasted.

Both appear on the Dashboard idle cost breakdown. Overprovisioned cost is fixed by right-sizing pod requests. Unallocated cost is fixed by reducing node count or enabling Cluster Autoscaler.

Operations

What happens to insights if I’m on the free plan?

Free plan users receive insights from 4 analysers (~19 insight types). Paid plan users receive insights from 11 analysers (40+ insight types). Insight generation is triggered automatically for all tenants when 5,000 metrics are collected — plan tier only affects which analysers run, not whether generation happens.

How do I rotate my API key?

Navigate to Nodes → Clusters and select the cluster.
Click Rotate API key.
Copy the new key immediately (it is not shown again).
Update the Kubernetes Secret in your cluster with the new key:

kubectl create secret generic cp-agent-secret \
  --namespace costpilot \
  --from-literal=cluster-api-key=<new-api-key> \
  --dry-run=client -o yaml | kubectl apply -f -

Restart the agent pods to pick up the new secret:

kubectl rollout restart deployment/cost-pilot-operator -n costpilot

The old key is invalidated immediately upon rotation. There is a brief gap in metric collection while the agent restarts.

Can I export my cost data?

Yes. In Cost Explorer, set your desired filters and date range, then click Export CSV. The export includes all visible rows with cost, efficiency, and resource breakdown columns.

Paid plan users also have access to the CostPilot API for programmatic data export — useful for pulling cost-by-team data into internal finance systems or data warehouses on a schedule.

What is the demo data feature?

The demo data feature injects a fictional cluster into your CostPilot account — a simulated AWS cluster spending approximately $687/month, with 48 pods, 6 nodes, and 4 teams — so you can explore the UI before your real cluster sends data.

Demo data is enabled by default for new accounts and can be toggled in Settings → Features (under Data & onboarding → Demo cluster). When enabled, demo rows appear with an amber “Demo” badge in all views. Demo data is generated client-side and has zero impact on your real metrics or billing.

What is the `cp-agent-mtls` Secret in my cluster?

The CostPilot Operator automatically provisions a mutual TLS (mTLS) certificate for encrypted communication between the agent and the CostPilot ingester. This certificate is stored as a Kubernetes Secret named {agentName}-mtls of type kubernetes.io/tls.

You do not need to manage this Secret manually. The Operator renews it automatically seven days before its 30-day expiry and triggers a rolling agent restart when it changes. Do not delete it — the Operator will recreate it, but there will be a brief interruption in metric delivery while the new certificate is issued.

Why are my metric counts slightly off during agent pod restarts?

This is expected behaviour during leader transitions. When the leader agent pod is replaced, there is a brief window where both the outgoing and incoming leaders may attempt to ship the same metric batch. The agent uses a short-lived deduplication cache to suppress duplicates, so the impact is typically zero or one duplicated collection interval. Cost charts will not show a meaningful spike as a result.

How do I check whether the agent is collecting metrics correctly?

Query the agent’s health endpoint directly:

kubectl exec -n costpilot <agent-pod-name> -- wget -qO- http://localhost:2112/healthz

This returns a JSON object with fields including isLeader, lastCollectionSuccess, configLoaded, and the circuit breaker state. For a detailed description of each field, see Agent Architecture — Health endpoint.

You can also check the leader agent’s logs:

kubectl logs -n costpilot -l app=costpilot-agent --prefix | grep -i "shipping\|shipped\|error"

How do I uninstall the agent?

helm uninstall costpilot --namespace costpilot
kubectl delete namespace costpilot

This removes all CostPilot components from your cluster. Your account and historical data in CostPilot are not affected — the cluster will show as disconnected (no recent metrics) in the dashboard.

To fully remove the cluster from your account, go to Nodes → Clusters and delete the cluster entry.