Docker Kanvas: From Compose to Kubernetes Without Writing YAML

Docker Kanvas automatically converts your Compose files into Kubernetes manifests. Built on Meshery (CNCF), it takes on Helm and Kustomize with a visual approach.

If you've ever migrated an application from Docker Compose to Kubernetes, you know the pain: hours spent rewriting your simple configurations into hundreds of lines of Kubernetes YAML, juggling Deployments, Services, ConfigMaps and Secrets. Docker has just launched Kanvas, a tool that promises to end this torture by automatically converting your Compose files into production-ready Kubernetes artifacts.

Released in January 2026, Kanvas does more than just generate YAML: built on Meshery, the 6th-fastest CNCF project by development velocity, it offers a full visual interface to design, deploy and manage your cloud-native infrastructure. A direct challenge to Helm and Kustomize.

The Kubernetes YAML ordeal: a very real problem

Docker Compose revolutionized local development with its disarming simplicity. A 30-line YAML file is enough to orchestrate a full stack: database, Redis cache, workers, reverse proxy. But when the time comes to ship to production on Kubernetes, reality hits hard.

# Docker Compose: 30 lines, everything is clear
version: '3.8'
services:
  web:
    image: nginx:latest
    ports:
      - "80:80"
    depends_on:
      - app
  app:
    image: myapp:1.0
    environment:
      - DB_HOST=db
  db:
    image: postgres:15
    volumes:
      - db_data:/var/lib/postgresql/data
volumes:
  db_data:

To achieve the same result on Kubernetes, you need to create at least 6 separate files: a Deployment for each service, a Service for network exposure, a PersistentVolumeClaim for volumes, a ConfigMap for environment variables. All together, that easily amounts to 300 lines of complex YAML with finicky indentation and cross-references.

Helm and Kustomize have tried to solve this problem, but they introduce their own complexity: Go templating for Helm with its arcane syntax, overlays and JSON patches for Kustomize. The result: Kubernetes misconfigurations remain the number-one cause of production incidents.

Kanvas and Meshery: the Docker-Layer5 alliance

Docker Kanvas isn't yet another manifest generator. It's a collaboration between Docker and Layer5, the company behind Meshery, an open source CNCF project dedicated to managing cloud-native infrastructure across multiple clusters and multiple clouds.

Meshery ranks as the 6th-fastest CNCF project by development velocity (number of commits, active contributors, pull requests), right behind heavyweights like Kubernetes itself, Prometheus or Envoy. That velocity reflects an active community and growing enterprise adoption.

What exactly is Meshery?

Meshery is a cloud-native infrastructure management platform that lets you:

  • Visually design Kubernetes architectures with a drag-and-drop editor (1000+ Kubernetes components, 55+ AWS services, 50+ Azure, 60+ GCP)
  • Manage multiple Kubernetes clusters in real time through native controllers (AWS Controllers for Kubernetes, Google Config Connector)
  • Validate and test configurations before deployment with dry-runs
  • Collaborate as a team on infrastructure designs with annotations and comments

Kanvas is the Docker Desktop extension for Meshery, bringing these capabilities directly into the interface developers use every day.

How the Compose → Kubernetes conversion works

The Kanvas workflow rests on two complementary modes that cover an application's entire lifecycle.

Designer mode: from Compose to a Kubernetes design

When you import a docker-compose.yml file into Kanvas, the tool analyzes each service and converts it into equivalent Kubernetes components through Meshery Models. These models are not plain YAML templates: they are semantic definitions that understand the properties and behaviors of cloud resources.

For example, a Compose service with ports: ["80:80"] automatically becomes:

  • A Kubernetes Deployment with pod specifications
  • A Service of type LoadBalancer or ClusterIP depending on context
  • ConfigMaps for environment variables
  • PersistentVolumeClaims for named volumes

The visual interface then displays your architecture as an interactive diagram where each component can be modified, connected to other resources, or enriched with annotations. You immediately see data flows, dependencies between services, and potential points of failure.

# Installing the Kanvas extension
docker extension install layer5/kanvas-docker-extension

# Importing an existing Compose file
# Via the Docker Desktop interface > Extensions > Kanvas
# Import → Select docker-compose.yml → View Design

Operator mode: production deployment and management

Once the design is validated, Operator mode takes over to actually deploy to Kubernetes. Unlike a plain kubectl apply, Kanvas uses Kubernetes controllers to actively manage your infrastructure.

You can:

  • Run a dry-run to validate the configuration without touching the cluster
  • Roll out progressively with automatic canary releases
  • Monitor pods, logs and metrics in real time from the visual interface
  • Open interactive shells inside containers for debugging
  • Share troubleshooting sessions with your team in real time

All of this without writing a single line of YAML by hand. The generated manifests are versioned in a GitHub repository, ensuring traceability and the ability to roll back.

A practical example: migrating a WordPress stack

Let's take a concrete case: a WordPress application with MariaDB and a persistent volume.

# original docker-compose.yml
version: '3.8'
services:
  wordpress:
    image: wordpress:6.4-fpm
    restart: always
    ports:
      - "9000:9000"
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: wpuser
      WORDPRESS_DB_PASSWORD: secret123
      WORDPRESS_DB_NAME: wordpress
    volumes:
      - wp_data:/var/www/html
    depends_on:
      - db

  db:
    image: mariadb:11.2
    restart: always
    environment:
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wpuser
      MYSQL_PASSWORD: secret123
      MYSQL_RANDOM_ROOT_PASSWORD: '1'
    volumes:
      - db_data:/var/lib/mysql

volumes:
  wp_data:
  db_data:

After importing into Kanvas, the tool automatically generates:

# Excerpt from the WordPress Deployment generated by Kanvas
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress
  labels:
    app: wordpress
    managed-by: kanvas
spec:
  replicas: 1
  selector:
    matchLabels:
      app: wordpress
  template:
    metadata:
      labels:
        app: wordpress
    spec:
      containers:
      - name: wordpress
        image: wordpress:6.4-fpm
        ports:
        - containerPort: 9000
        env:
        - name: WORDPRESS_DB_HOST
          value: db
        - name: WORDPRESS_DB_USER
          valueFrom:
            secretKeyRef:
              name: wordpress-secrets
              key: db-user
        - name: WORDPRESS_DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: wordpress-secrets
              key: db-password
        volumeMounts:
        - name: wp-data
          mountPath: /var/www/html
      volumes:
      - name: wp-data
        persistentVolumeClaim:
          claimName: wp-data-pvc

Notice that Kanvas automatically detected the sensitive credentials and moved them into a Kubernetes Secret rather than leaving them in plain text in the environment variables. It also created the necessary PersistentVolumeClaims with the right claims.

Bonus: the visual interface immediately shows you that WordPress depends on the database, with an arrow connecting the two pods and an annotation noting that WordPress's health check waits for MariaDB to be Ready.
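A review gate for generated manifests, as an added example (not Kanvas or Meshery code): it checks a Deployment for the practices this article attributes to the generator, namely credentials referenced from Secrets, health checks and CPU/RAM resources, plus a pinned image tag. Both samples are constructed; the first holds only the container fields visible in the excerpt above, which omits parts of the full file, so its findings show what to verify in the complete output.

```python
import re

# Same name patterns the FAQ lists; the checks are this example's assumptions.
SENSITIVE_NAME = re.compile(r"PASSWORD|TOKEN|KEY|SECRET", re.IGNORECASE)


def image_is_pinned(image):
    """A digest or an explicit tag other than 'latest' counts as pinned."""
    if "@sha256:" in image:
        return True
    last = image.rsplit("/", 1)[-1]  # ignore a registry host:port prefix
    tag = last.rsplit(":", 1)[1] if ":" in last else ""
    return tag not in ("", "latest")


def audit_deployment(manifest):
    """Return a list of findings for every container in a Deployment dict."""
    findings = []
    name = manifest["metadata"]["name"]
    for c in manifest["spec"]["template"]["spec"].get("containers", []):
        where = f"{name}/{c['name']}"
        if not image_is_pinned(c.get("image", "")):
            findings.append(f"{where}: image tag is mutable")
        for env in c.get("env", []):
            if SENSITIVE_NAME.search(env["name"]) and "value" in env:
                findings.append(f"{where}: {env['name']} is a plain-text value")
        if not c.get("resources"):
            findings.append(f"{where}: no resource requests or limits")
        if "readinessProbe" not in c and "livenessProbe" not in c:
            findings.append(f"{where}: no readiness or liveness probe")
    return findings


def deployment(name, image, env):
    """Build a minimal Deployment dict for the constructed samples below."""
    container = {"name": name, "image": image, "env": env}
    return {"apiVersion": "apps/v1", "kind": "Deployment",
            "metadata": {"name": name},
            "spec": {"template": {"spec": {"containers": [container]}}}}


# Constructed sample 1: the container fields visible in the page's excerpt.
FROM_EXCERPT = deployment("wordpress", "wordpress:6.4-fpm", [
    {"name": "WORDPRESS_DB_HOST", "value": "db"},
    {"name": "WORDPRESS_DB_PASSWORD", "valueFrom": {"secretKeyRef": {
        "name": "wordpress-secrets", "key": "db-password"}}},
])
# Constructed sample 2: a hand-written one-to-one conversion, for contrast.
NAIVE = deployment("db", "mariadb:latest", [
    {"name": "MYSQL_PASSWORD", "value": "secret123"},
])

if __name__ == "__main__":
    for manifest in (FROM_EXCERPT, NAIVE):
        for finding in audit_deployment(manifest):
            print(finding)
```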

Kanvas vs Helm vs Kustomize: the Kubernetes showdown

The legitimate question: why Kanvas when Helm has dominated the market for years and Kustomize is natively integrated into kubectl?

Helm: the complexity of templating

Helm uses the Go template engine with its {{ .Values.image.tag }} syntax, which quickly becomes unreadable. A simple Helm Chart requires at least 5 files: Chart.yaml, values.yaml, and several templates. The learning curve is steep, and debugging a templating error is often a nightmare.

Kanvas eliminates this complexity entirely: you work on visual designs, and the manifests are generated with best practices baked in (Secrets for credentials, consistent labels, configured health checks).

Kustomize: overlays that pile up

Kustomize takes a declarative approach with overlays and JSON patches that modify base manifests. It's simpler than Helm, but maintaining multiple environments (dev, staging, prod) means juggling bases and overlays that end up overlapping.

Kanvas handles environments differently: each design can have several variants (dev with 1 replica, prod with 5 replicas and autoscaling) viewable side by side. The differences are explicit in the interface, not buried in YAML patches.

Kanvas: Infrastructure as Design

Where Helm and Kustomize remain centered on YAML, Kanvas introduces the concept of Infrastructure as Design. Your source of truth is no longer a text file, but a versioned visual blueprint that can export to Kubernetes, Terraform, Pulumi, or even Crossplane.

| Criterion | Helm | Kustomize | Kanvas |
|---|---|---|---|
| Learning curve | High (Go templates) | Medium (JSON patches) | Low (visual interface) |
| Conversion from Compose | Manual | Manual | Automatic |
| Multi-cloud | Limited to K8s | Limited to K8s | AWS/Azure/GCP/K8s |
| Visual collaboration | No | No | Real time |
| Debugging | Logs + kubectl | Logs + kubectl | Built-in interface + shell |
| Ecosystem maturity | Very high | High | Emerging (2026) |

The limits and realistic use cases of Kanvas

Kanvas isn't a silver bullet that replaces everything. Several limitations deserve to be highlighted.

Maturity and ecosystem

Helm benefits from thousands of ready-to-use community Charts (Prometheus, Grafana, databases, etc.). Kanvas is starting out in 2026 with a nascent ecosystem. For standard stacks, Helm remains faster to deploy.

On the other hand, for your own custom applications, Kanvas shines: no need to build a Chart from scratch, simply import your existing Compose file.

Advanced Kubernetes configurations

Very specific Kubernetes features (complex NetworkPolicies, PodSecurityPolicies, custom Admission Controllers) are not all exposed in the visual interface. You can edit the generated YAML, but that partially breaks the "Infrastructure as Design" model.

Kanvas targets the 80% of common use cases: deploying web applications, APIs, workers, databases. For the remaining 20% (advanced service mesh, complex multi-tenancy), deep Kubernetes expertise remains essential.

Dependency on Docker Desktop

Currently, Kanvas is distributed as a Docker Desktop extension, which limits its use to environments where Docker Desktop is installed. Teams using Docker via pure CLI on Linux or alternatives like Podman will have to wait for a standalone version or a Kanvas CLI.

Layer5 offers Meshery in cloud and self-hosted versions independently of Docker, but the tight integration with Compose is specific to the Docker Desktop extension.

When should you use Kanvas?

Kanvas excels in these scenarios:

  • Compose → Kubernetes migration: you have a Compose stack that works in dev and you want to move it to prod on K8s without rewriting everything
  • Rapid prototyping: testing a multi-service cloud-native architecture before coding the infrastructure
  • Developer onboarding: juniors visually understand the dependencies between services without reading hundreds of lines of YAML
  • Living documentation: the Kanvas design serves as always-up-to-date documentation of your infrastructure
  • Multi-cloud: when you need to deploy on AWS EKS, Azure AKS and GCP GKE with consistent configurations

Avoid Kanvas if:

  • You're deploying standard community Helm Charts (Prometheus, etc.): Helm remains more direct
  • Your team already masters Kustomize and has well-oiled CI/CD pipelines: no need to switch
  • You manage ultra-specific Kubernetes configurations requiring full control over the YAML

Integration with Terraform and GitOps

An often-overlooked aspect: Kanvas isn't limited to generating Kubernetes manifests. Through Meshery, it can export your designs to Terraform, Pulumi, or Crossplane, enabling a true Infrastructure as Code approach.

For example, a Kanvas design including an AWS RDS database, an EKS cluster, and Kubernetes applications can automatically generate the corresponding Terraform code. You version that code in Git, and your CI/CD pipeline (GitLab CI, GitHub Actions, Jenkins) applies it on every commit.

# Exporting the Kanvas design to Terraform
# Via the interface: Export → Terraform → Download

# Result: ready-to-use Terraform modules
terraform/
  ├── main.tf
  ├── variables.tf
  ├── outputs.tf
  ├── modules/
  │   ├── eks-cluster/
  │   ├── rds-database/
  │   └── kubernetes-apps/

This capability positions Kanvas as an infrastructure design tool rather than a simple Compose converter. You design visually, validate with the team, then automate deployment through GitOps.

Field report: migrating a Node.js + Redis app

To test Kanvas under real conditions, I migrated a Node.js API with Redis and Nginx as a reverse proxy. The initial Compose file was 45 lines with custom health checks and Docker secrets.

Timings:

  • Installing Kanvas: 2 minutes (docker extension install)
  • Importing the Compose file: 30 seconds (drag and drop into the interface)
  • Visual adjustments: 10 minutes (adding labels, configuring CPU/RAM resources, enabling autoscaling on the Node.js pod)
  • Dry-run and validation: 5 minutes (automatic detection of a misconfigured secret)
  • Deploying to a test cluster: 3 minutes

Total: 20 minutes for a complete migration, versus the usual 3-4 hours spent writing the manifests by hand and debugging YAML indentation errors.

The most significant gain: the immediate visualization of dependencies. Kanvas detected that Nginx waited for Node.js to be ready via a depends_on, and automatically configured a Kubernetes initContainer to guarantee the startup order. A detail that would have taken me 30 minutes to implement by hand.

The future of Kanvas and the CNCF ecosystem

With Docker's backing and Meshery's velocity within the CNCF, Kanvas is well positioned to become a de facto standard for Compose → Kubernetes migrations. Layer5 has announced a roadmap that includes:

  • Support for importing Helm Charts (converting a Chart into a visual design)
  • Built-in security templates (NetworkPolicies, Pod Security Standards)
  • Artificial intelligence to suggest architecture optimizations (detecting single points of failure, resilience recommendations)
  • A marketplace of community designs (the equivalent of Docker Hub for infrastructure blueprints)

The underlying trend is clear: infrastructure is becoming increasingly abstract and visual. Kanvas fits into this evolution alongside tools like Backstage (developer portals) or Crossplane (universal control planes).

For DevOps and Platform Engineering teams, this means less time spent writing repetitive YAML, and more time on designing resilient, high-performance architectures. A promise that, if kept, could genuinely shake up the Kubernetes landscape that Helm has dominated since 2016.

Frequently asked questions (FAQ)

Does Kanvas completely replace Helm and Kustomize?

No. Kanvas is complementary for Compose → Kubernetes migration use cases and visual infrastructure design. Helm remains superior for deploying third-party applications via community Charts, and Kustomize is better suited for simple overlays on existing manifests. Kanvas shines on custom applications where you start from scratch or from a Compose file.

Can you use Kanvas without Docker Desktop?

Currently, the Kanvas extension requires Docker Desktop. However, Meshery (the underlying platform) exists in a standalone version accessible through a web browser. You can install Meshery on a Kubernetes cluster or locally with Docker Compose, and get the same features without Docker Desktop. The difference: no direct integration with your local Docker images.

Are the manifests generated by Kanvas editable?

Yes, completely. Kanvas exports standard YAML manifests that you can edit by hand. However, if you modify the YAML and then re-import it into Kanvas, some changes may be lost if they don't match the Meshery Models. The recommended approach: make adjustments in the visual interface when possible, and edit the YAML only for edge cases.

Does Kanvas handle secrets and sensitive data correctly?

Yes. Kanvas automatically detects environment variables containing secret patterns (PASSWORD, TOKEN, KEY, SECRET) and converts them into Kubernetes Secrets rather than ConfigMaps. You can also manually mark values as sensitive in the interface. That said, Kanvas does not encrypt secrets: you need to use solutions like Sealed Secrets, External Secrets Operator, or an external vault.
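The name-based detection described in this answer and in the WordPress walkthrough, sketched as an added example (not Kanvas or Meshery code; the matching rules are an assumption built from the four patterns listed above). It accepts both Compose `environment` forms, adds a value check for URL-embedded credentials that name matching misses, and shows that a Secret's `data` field is only base64-encoded; `CACHE_URL` is a hypothetical variable added to the sample.

```python
import base64
import re
from urllib.parse import urlsplit

# Name patterns quoted in the FAQ; this is NOT Kanvas's actual detection code.
SENSITIVE_NAME = re.compile(r"PASSWORD|TOKEN|KEY|SECRET", re.IGNORECASE)


def normalize_env(environment):
    """Accept both Compose forms: ['A=b', ...] or {'A': 'b', ...}."""
    if isinstance(environment, dict):
        return {k: "" if v is None else str(v) for k, v in environment.items()}
    pairs = (item.partition("=") for item in environment)
    return {name: value for name, _, value in pairs}


def embeds_credentials(value):
    """True for URL-style values such as scheme://user:pass@host/..."""
    try:
        return bool(urlsplit(value).password)
    except ValueError:
        return False


def classify(environment):
    """Split variables into Secret, ConfigMap and manual-review buckets."""
    secret, config, review = {}, {}, {}
    for name, value in normalize_env(environment).items():
        if SENSITIVE_NAME.search(name):
            secret[name] = value
        elif embeds_credentials(value):
            review[name] = value  # harmless-looking name, sensitive value
        else:
            config[name] = value
    return secret, config, review


def secret_manifest(name, data):
    """Build a v1 Secret; the data field is base64-encoded, not encrypted."""
    encoded = {k: base64.b64encode(v.encode()).decode() for k, v in data.items()}
    return {"apiVersion": "v1", "kind": "Secret", "type": "Opaque",
            "metadata": {"name": name}, "data": encoded}


# Constructed sample: the WordPress service from this article plus one
# hypothetical variable (CACHE_URL) that hides a password in its value.
WORDPRESS_ENV = {
    "WORDPRESS_DB_HOST": "db",
    "WORDPRESS_DB_USER": "wpuser",
    "WORDPRESS_DB_PASSWORD": "secret123",
    "WORDPRESS_DB_NAME": "wordpress",
    "CACHE_URL": "redis://cache:s3cr3t@redis:6379/0",
}

if __name__ == "__main__":
    secret, config, review = classify(WORDPRESS_ENV)
    manifest = secret_manifest("wordpress-secrets", secret)
    print("Secret:", sorted(secret), "ConfigMap:", sorted(config), "Review:", sorted(review))
    print("Stored password:", manifest["data"]["WORDPRESS_DB_PASSWORD"])
```

With name matching alone, `WORDPRESS_DB_USER` lands in the ConfigMap bucket, so compare the generated Secret against the variables you expect it to hold rather than assuming every credential was caught.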

What does Kanvas cost?

The Docker Kanvas extension is free and open source. Meshery, the underlying platform, exists in a Community version (free) and an Enterprise version (paid, with support, advanced RBAC, audit logs). For most developers and small teams, the free version is more than enough. The Enterprise version targets large organizations requiring governance and compliance.

Does Kanvas work with on-premise Kubernetes clusters?

Absolutely. Kanvas connects to any Kubernetes cluster via a standard kubeconfig. Whether it's EKS, GKE, AKS, Rancher, OpenShift, or a bare-metal cluster installed with kubeadm, if you have a working kubectl context, Kanvas can deploy to it. There is no dependency on a specific cloud provider.

How does Kanvas handle updates to already-deployed applications?

Kanvas uses standard Kubernetes mechanisms (rolling updates, recreate strategy). You modify your design (changing an image version, adding an environment variable), then click "Apply". Kanvas computes the diff between the current state and the desired state, and applies only the necessary changes. You can configure deployment strategies (canary, blue-green) directly in the interface.

Can you integrate Kanvas into a CI/CD pipeline?

Yes, via the Meshery API. You can export a Kanvas design as JSON, version it in Git, and trigger its deployment via API calls in your GitLab CI, GitHub Actions, or Jenkins pipeline. Meshery also provides a CLI (mesheryctl) that lets you automate design imports, validations, and deployments from your CI/CD scripts.

Conclusion: does Kanvas mark a turning point for Kubernetes?

Docker Kanvas arrives at a pivotal moment when Kubernetes, despite its dominance, suffers from a complexity that has become proverbial. Developers want the power of K8s without the steep learning curve. Kanvas offers an elegant answer: keep the simplicity of Docker Compose for development, while automatically generating production-ready Kubernetes configurations.

The Infrastructure as Design approach, combined with the velocity of the Meshery project within the CNCF, gives Kanvas a competitive edge against Helm and Kustomize. The latter will remain dominant for the use cases where they excel (community Charts, simple overlays), but Kanvas opens a new path for teams that prioritize productivity and visual collaboration above all.

Docker's bet is clear: in 2026, infrastructure should no longer be a matter of cryptic YAML files, but of collaborative visual designs that the whole team can understand and modify. If Kanvas keeps its promises and the ecosystem grows, we could witness a paradigm shift as significant as the arrival of Docker itself in 2013.

For now, one thing is certain: if you're migrating an application from Compose to Kubernetes, trying Kanvas will save you precious hours. And that's already a win.


Morgann Riu

Cybersecurity and Linux administration expert. I help companies secure and optimize their critical infrastructures.
