Skip to main content
Version: v0.31 Stable

Experimental

Enterprise
Available in these plansFreeDevProdScale
Generic Sync
Isolated Control Plane
warning

The following features are experimental. They might have breaking changes or be deprecated.

Experimental features​

vCluster provides several experimental features that extend its capabilities:

Available features​

Configure experimental features​

Experimental features are configured under the experimental section of your vCluster configuration. These features might change between releases, so use them with caution in production environments.

Config reference​

experimental required object ​

Experimental features for vCluster. Configuration here might change, so be careful with this.

deploy required object ​

Deploy allows you to configure manifests and Helm charts to deploy within the host or virtual cluster.

host required object ​

Host defines what manifests to deploy into the host cluster

manifests required string ​

Manifests are raw Kubernetes manifests that should get applied within the host cluster.

manifestsTemplate required string ​

ManifestsTemplate is a Kubernetes manifest template that will be rendered with vCluster values before applying it within the host cluster.

vcluster required object ​

VCluster defines what manifests and charts to deploy into the vCluster

manifests required string ​

Manifests are raw Kubernetes manifests that should get applied within the virtual cluster.

manifestsTemplate required string ​

ManifestsTemplate is a Kubernetes manifest template that will be rendered with vCluster values before applying it within the virtual cluster.

helm required object[] ​

Helm are Helm charts that should get deployed into the virtual cluster

chart required object ​

Chart defines what chart should get deployed.

name required string ​
repo required string ​
insecure required boolean ​
version required string ​
username required string ​
password required string ​
release required object ​

Release defines what release should get deployed.

name required string ​

Name of the release

namespace required string ​

Namespace of the release

values required string ​

Values defines what values should get used.

timeout required string ​

Timeout defines the timeout for Helm

bundle required string ​

Bundle allows to compress the Helm chart and specify this instead of an online chart

syncSettings required object ​

SyncSettings are advanced settings for the syncer controller.

setOwner required boolean true ​

SetOwner specifies if vCluster should set an owner reference on the synced objects to the vCluster service. This allows for easy garbage collection.

hostMetricsBindAddress required string ​

HostMetricsBindAddress is the bind address for the local manager

virtualMetricsBindAddress required string ​

VirtualMetricsBindAddress is the bind address for the virtual manager

virtualClusterKubeConfig required object ​

VirtualClusterKubeConfig allows you to override distro specifics and specify where vCluster will find the required certificates and vCluster config. Deprecated: Removed in 0.29.0.

kubeConfig required string ​

KubeConfig is the virtual cluster kubeconfig path.

serverCAKey required string ​

ServerCAKey is the server ca key path.

serverCACert required string ​

ServerCAKey is the server ca cert path.

clientCACert required string ​

ServerCAKey is the client ca cert path.

requestHeaderCACert required string ​

RequestHeaderCACert is the request header ca cert path.

denyProxyRequests required object[] ​

DenyProxyRequests denies certain requests in the vCluster proxy.

name required string ​

The name of the check.

namespaces required string[] ​

Namespace describe a list of namespaces that will be affected by the check. An empty list means that all namespaces will be affected. In case of ClusterScoped rules, only the Namespace resource is affected.

rules required object[] ​

Rules describes on which verbs and on what resources/subresources the webhook is enforced. The webhook is enforced if it matches any Rule. The version of the request must match the rule version exactly. Equivalent matching is not supported.

apiGroups required string[] ​

APIGroups is the API groups the resources belong to. '*' is all groups.

apiVersions required string[] ​

APIVersions is the API versions the resources belong to. '*' is all versions.

resources required string[] ​

Resources is a list of resources this rule applies to.

scope required string ​

Scope specifies the scope of this rule.

operations required string[] ​

Verb is the kube verb associated with the request for API requests, not the http verb. This includes things like list and watch. For non-resource requests, this is the lowercase http verb. If '*' is present, the length of the slice must be one.

excludedUsers required string[] ​

ExcludedUsers describe a list of users for which the checks will be skipped. Impersonation attempts on these users will still be subjected to the checks.

proxy required object ​

Proxy enables vCluster-to-vCluster proxying of resources

customResources required {key: object} ​

CustomResources is a map of resource keys (format: "kind.apiGroup/version") to proxy configuration

enabled required boolean ​

Enabled defines if this resource proxy should be enabled

targetVirtualCluster required object ​

TargetVirtualCluster is the target virtual cluster for the custom resource proxy

name required string ​

Name is the name of the target virtual cluster.

project required string ​

Project is the project of the target virtual cluster. If empty, defaults to the same project as the source vCluster.

accessResources required string ​

AccessResources defines which resources should be accessible in the proxy.

docker required object ​

Docker allows you to configure Docker related settings when deploying a vCluster using Docker.

image required string ​

Image defines the image to use for the container. Defaults to ghcr.io/loft-sh/vm-container.

ports required string[] ​

Ports defines extra port mappings to be added to the container.

volumes required string[] ​

Volumes defines extra volumes to be added to the container.

env required string[] ​

Env defines extra environment variables to be added to the container. Use key=value.

args required string[] ​

Args defines extra arguments to be added to the docker run command of the container.

enabled required boolean ​

Enabled defines if the vCluster was deployed using Docker. This is automatically set by vCluster and should not be set by the user.

network required string ​

Network defines the network to use for the vCluster. If not specified, the a network will be created for the vCluster.

nodes required object[] ​

Nodes defines the nodes of the vCluster.

image required string ​

Image defines the image to use for the container. Defaults to ghcr.io/loft-sh/vm-container.

ports required string[] ​

Ports defines extra port mappings to be added to the container.

volumes required string[] ​

Volumes defines extra volumes to be added to the container.

env required string[] ​

Env defines extra environment variables to be added to the container. Use key=value.

args required string[] ​

Args defines extra arguments to be added to the docker run command of the container.

name required string ​

Name defines the name of the node. If not specified, a random name will be generated.

registryProxy required object ​

Defines if docker images should be pulled from the host docker daemon. This prevents pulling images again and allows to use purely local images. Only works if containerd image storage is used. For more information, see https://docs.docker.com/engine/storage/containerd

enabled required boolean true ​

Enabled defines if this option should be enabled.

loadBalancer required object ​

Defines if vCluster should configure load balancer services inside the vCluster. This might require sudo access on the host cluster for docker desktop or rancher desktop on macos.

enabled required boolean true ​

Enabled defines if this option should be enabled.

forwardPorts required boolean true ​

ForwardPorts defines if the load balancer ips should be made available locally via port forwarding. This will be only done if necessary for example on macos when using docker desktop.