Nodes
By default, vCluster will create fake nodes for every pod spec.nodeName
it encounters within the virtual cluster. Those fake nodes are created because vCluster has no RBAC permissions by default to view the real nodes in the host cluster, as this would need a cluster role and cluster role binding. It will also create a fake kubelet endpoint for each node that will forward requests to the actual node or rewrite them to preserve virtual cluster names.
Node Syncing Modes
vCluster supports multiple modes to customize node syncing behaviour:
- Fake Nodes (default): vCluster will create fake nodes for each
spec.nodeName
. If there are no more pods on a node, the fake node will be deleted (no cluster role for vCluster is needed) - Real Nodes : vCluster will copy and sync real nodes information for each
spec.nodeName
. If there are no more pods on a node within vCluster, the virtual cluster node will be deleted. This mode requires helm value.sync.nodes.enabled: true
, as described below. - Real Nodes All : vCluster will always sync all nodes from the host cluster to the vCluster, no matter where pods are running. This is useful if you want to use DaemonSets within the vCluster. This mode requires following helm values:
.sync.nodes.enabled: true
and.sync.nodes.syncAllNodes: true
. - Real Nodes Label Selector vCluster will only sync nodes that match the given label selector. This mode requires following helm values:
.sync.nodes.enabled: true
and.sync.nodes.nodeSelector: "label1=value1"
. You can also specify--enforce-node-selector
to enforce scheduling only on these nodes. - Real Nodes + Label Selector vCluster will sync nodes that match the given label selector as well as the real nodes information for each
spec.nodeName
. This mode requires following helm values:.sync.nodes.enabled: true
and.sync.nodes.nodeSelector: "label1=value1"
and the flag--enforce-node-selector=false
.
To set the .sync.nodes.enabled: true
helm value add the following to your values.yaml
file:
sync:
nodes:
enabled: true
Then you can create the vCluster with:
vcluster create my-vcluster -f values.yaml
If you want to use DaemonSets within vCluster, we recommend to either use the Real Nodes All or Real Nodes Label Selector option, as this will hard delete the nodes that are not there anymore from vCluster. If you are using fake nodes or just the used real nodes option, daemon sets will essentially never let vCluster delete an unused node as it will always be occupied by a daemon set pod.
Example Sync All Nodes
For example, if you want to create a vCluster that syncs all nodes from the host cluster, you can create a file values.yaml
:
sync:
nodes:
enabled: true
syncAllNodes: true
Then you can create the vCluster with:
vcluster create my-vcluster -f values.yaml