DOC-1967: Clarify that Redpanda manages Kubernetes infrastructure in BYOC (#527)

micheleRP · claude · web-flow · commit c2984d696165 · 2026-03-12T14:06:02.000-06:00
Customers seeing Kubernetes EOL alerts from their cloud provider were
confused about who manages K8s upgrades in BYOC. Clarify across
maintenance, cloud overview, and BYOC architecture pages that Redpanda
manages all underlying infrastructure and Kubernetes maintenance,
and that customers do not need to act on K8s deprecation notices.

Co-authored-by: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/modules/get-started/pages/byoc-arch.adoc b/modules/get-started/pages/byoc-arch.adoc
@@ -1,15 +1,15 @@
 = BYOC Architecture
 :description: Learn about the control plane - data plane architecture in BYOC. 
 
-With Bring Your Own Cloud (BYOC) clusters, you deploy Redpanda in your own cloud (AWS, Azure, or GCP), and all data is contained in your own environment. This provides an additional layer of security and isolation. Redpanda handles provisioning, operations, and maintenance.
+With Bring Your Own Cloud (BYOC) clusters, you deploy Redpanda in your own cloud (AWS, Azure, or GCP), and all data is contained in your own environment. This provides an additional layer of security and isolation. Redpanda handles provisioning, operations, and maintenance of the underlying infrastructure, including Kubernetes.
 
 == Control plane - data plane 
 
 For high availability, Redpanda Cloud uses the following control plane - data plane architecture:
 
 image::shared:control_d_plane.png[Control plane and data plane]
 
-* *Control plane*: This is where most cluster management, operations, and maintenance takes place. The control plane enforces rules in the data plane. You can use role-based access control xref:security:authorization/rbac/rbac.adoc[(RBAC) in the control plane] to manage access to organization-level resources like clusters, resource groups, and networks. 
+* *Control plane*: This is a Redpanda Cloud managed service that manages provisioning, operations, and maintenance of clusters with Kubernetes under the hood, including Kubernetes version upgrades and infrastructure maintenance. The control plane enforces rules in the data plane. You can use role-based access control xref:security:authorization/rbac/rbac.adoc[(RBAC) in the control plane] to manage access to organization-level resources like clusters, resource groups, and networks.
 
 * *Data plane*: This is where your cluster lives. The term _data plane_ is sometimes used interchangeably with _cluster_. The data plane is where you manage topics, consumer groups, connectors, and schemas. You can use xref:security:authorization/rbac/rbac_dp.adoc[RBAC in the data plane] to configure cluster-level permissions for provisioned users at scale. 
 
diff --git a/modules/get-started/pages/cloud-overview.adoc b/modules/get-started/pages/cloud-overview.adoc
@@ -172,7 +172,7 @@ Redpanda creates a cloud organization for you and sends you a welcome email.
 With BYOC clusters, the Redpanda data plane (including Redpanda ADP components and Redpanda brokers) deploys into your existing VPC or VNet, ensuring all data remains in your environment.
 
 With BYOC clusters, you deploy the Redpanda glossterm:data plane[] into your existing VPC (for AWS and GCP) or VNet (for Azure), and all data is
-contained in your own environment. This provides an additional layer of security and isolation. (See xref:get-started:byoc-arch.adoc[].) Redpanda manages provisioning, monitoring, upgrades, and security policies, and it manages required resources in your VPC or VNet, including subnets (subnetworks in GCP), IAM roles, and object storage resources (for example, S3 buckets or Azure Storage accounts). 
+contained in your own environment. This provides an additional layer of security and isolation. (See xref:get-started:byoc-arch.adoc[].) Redpanda manages provisioning, monitoring, upgrades, and security policies, including the underlying infrastructure and Kubernetes used to run the cluster. Redpanda also manages required resources in your VPC or VNet, including subnets (subnetworks in GCP), IAM roles, and object storage resources (for example, S3 buckets or Azure Storage accounts). For full details, see xref:manage:maintenance.adoc[].
 
 ==== Bring Your Own VPC/VNet (BYOVPC/BYOVNet) 
 
diff --git a/modules/manage/pages/maintenance.adoc b/modules/manage/pages/maintenance.adoc
@@ -1,7 +1,9 @@
 = Upgrades and Maintenance
 :description: Learn how Redpanda Cloud manages maintenance operations.
 
-As a fully-managed service, the Redpanda Cloud glossterm:control plane[] handles all maintenance operations, such as upgrades to your software and infrastructure.
+As a fully-managed service, the Redpanda Cloud glossterm:control plane[] handles all maintenance operations, such as upgrades to your software and infrastructure. Here, _control plane_ refers to the Redpanda Cloud managed service that orchestrates cluster operations, not the Kubernetes control plane.
+
+For BYOC and Dedicated deployments, Redpanda manages all maintenance operations for the underlying infrastructure and Kubernetes, ensuring high availability. This includes Kubernetes version upgrades (both the Kubernetes control plane and worker nodes), security patches, and VM image updates. You do not need to act on Kubernetes end-of-life or deprecation notices from your cloud provider (for example, EKS, GKE, or AKS version warnings). Redpanda handles these upgrades on your behalf, targeting completion before the Kubernetes version reaches end of life.
 
 Redpanda runs maintenance operations on clusters in a rolling fashion, accompanied by a series of health checks, so there is no disruption to the availability of your service. As part of the Kafka protocol, recycling nodes triggers client connections to be restarted. All mainstream client libraries support automatic reconnections when a restart occurs.
 
