Skip to main content

Experimental

Enterprise
Available in these plansFreeDevProdScale
Generic Sync
Isolated Control PlaneAdd-OnAdd-OnAdd-On
warning

The following features are experimental. They might have breaking changes or be deprecated.

Experimental features

vCluster provides several experimental features that extend its capabilities:

Available features

Configure experimental features

Experimental features are configured under the experimental section of your vCluster configuration. These features might change between releases, so use them with caution in production environments.

Config reference

experimental required object

Experimental features for vCluster. Configuration here might change, so be careful with this.

deploy required object

Deploy allows you to configure manifests and Helm charts to deploy within the host or virtual cluster.

host required object

Host defines what manifests to deploy into the host cluster

manifests required string

Manifests are raw Kubernetes manifests that should get applied within the host cluster.

manifestsTemplate required string

ManifestsTemplate is a Kubernetes manifest template that will be rendered with vCluster values before applying it within the host cluster.

vcluster required object

VCluster defines what manifests and charts to deploy into the vCluster

manifests required string

Manifests are raw Kubernetes manifests that should get applied within the virtual cluster.

manifestsTemplate required string

ManifestsTemplate is a Kubernetes manifest template that will be rendered with vCluster values before applying it within the virtual cluster.

helm required object[]

Helm are Helm charts that should get deployed into the virtual cluster

chart required object

Chart defines what chart should get deployed.

name required string
repo required string
insecure required boolean
version required string
username required string
password required string
release required object

Release defines what release should get deployed.

name required string

Name of the release

namespace required string

Namespace of the release

values required string

Values defines what values should get used.

timeout required string

Timeout defines the timeout for Helm

bundle required string

Bundle allows to compress the Helm chart and specify this instead of an online chart

syncSettings required object

SyncSettings are advanced settings for the syncer controller.

setOwner required boolean true

SetOwner specifies if vCluster should set an owner reference on the synced objects to the vCluster service. This allows for easy garbage collection.

hostMetricsBindAddress required string

HostMetricsBindAddress is the bind address for the local manager

virtualMetricsBindAddress required string

VirtualMetricsBindAddress is the bind address for the virtual manager

virtualClusterKubeConfig required object

VirtualClusterKubeConfig allows you to override distro specifics and specify where vCluster will find the required certificates and vCluster config. Deprecated: Removed in 0.29.0.

kubeConfig required string

KubeConfig is the virtual cluster kubeconfig path.

serverCAKey required string

ServerCAKey is the server ca key path.

serverCACert required string

ServerCAKey is the server ca cert path.

clientCACert required string

ServerCAKey is the client ca cert path.

requestHeaderCACert required string

RequestHeaderCACert is the request header ca cert path.

denyProxyRequests required object[]

DenyProxyRequests denies certain requests in the vCluster proxy.

name required string

The name of the check.

namespaces required string[]

Namespace describe a list of namespaces that will be affected by the check. An empty list means that all namespaces will be affected. In case of ClusterScoped rules, only the Namespace resource is affected.

rules required object[]

Rules describes on which verbs and on what resources/subresources the webhook is enforced. The webhook is enforced if it matches any Rule. The version of the request must match the rule version exactly. Equivalent matching is not supported.

apiGroups required string[]

APIGroups is the API groups the resources belong to. '*' is all groups.

apiVersions required string[]

APIVersions is the API versions the resources belong to. '*' is all versions.

resources required string[]

Resources is a list of resources this rule applies to.

scope required string

Scope specifies the scope of this rule.

operations required string[]

Verb is the kube verb associated with the request for API requests, not the http verb. This includes things like list and watch. For non-resource requests, this is the lowercase http verb. If '*' is present, the length of the slice must be one.

excludedUsers required string[]

ExcludedUsers describe a list of users for which the checks will be skipped. Impersonation attempts on these users will still be subjected to the checks.

proxy required object

Proxy enables vCluster-to-vCluster proxying of resources

customResources required {key: object}

CustomResources is a map of resource keys (format: "kind.apiGroup/version") to proxy configuration

enabled required boolean

Enabled defines if this resource proxy should be enabled

targetVirtualCluster required object

TargetVirtualCluster is the target virtual cluster for the custom resource proxy

name required string

Name is the name of the target virtual cluster.

project required string

Project is the project of the target virtual cluster. If empty, defaults to the same project as the source vCluster.

accessResources required string

AccessResources defines which resources should be accessible in the proxy.

docker required object

Docker allows you to configure Docker related settings when deploying a vCluster using Docker.

image required string

Image defines the image to use for the container. Defaults to ghcr.io/loft-sh/vm-container.

ports required string[]

Ports defines extra port mappings to be added to the container.

volumes required string[]

Volumes defines extra volumes to be added to the container.

env required string[]

Env defines extra environment variables to be added to the container. Use key=value.

args required string[]

Args defines extra arguments to be added to the docker run command of the container.

enabled required boolean

Enabled defines if the vCluster was deployed using Docker. This is automatically set by vCluster and should not be set by the user.

network required string

Network defines the network to use for the vCluster. If not specified, the a network will be created for the vCluster.

nodes required object[]

Nodes defines the nodes of the vCluster.

image required string

Image defines the image to use for the container. Defaults to ghcr.io/loft-sh/vm-container.

ports required string[]

Ports defines extra port mappings to be added to the container.

volumes required string[]

Volumes defines extra volumes to be added to the container.

env required string[]

Env defines extra environment variables to be added to the container. Use key=value.

args required string[]

Args defines extra arguments to be added to the docker run command of the container.

name required string

Name defines the name of the node. If not specified, a random name will be generated.

registryProxy required object

Defines if docker images should be pulled from the host docker daemon. This prevents pulling images again and allows to use purely local images. Only works if containerd image storage is used. For more information, see https://docs.docker.com/engine/storage/containerd

enabled required boolean true

Enabled defines if this option should be enabled.

loadBalancer required object

Defines if vCluster should configure load balancer services inside the vCluster. This might require sudo access on the host cluster for docker desktop or rancher desktop on macos.

enabled required boolean true

Enabled defines if this option should be enabled.

forwardPorts required boolean true

ForwardPorts defines if the load balancer ips should be made available locally via port forwarding. This will be only done if necessary for example on macos when using docker desktop.