Ingress Traffic

Ingress Controller Traffic

The vCluster has the option to enable Ingress resources synchronization. That means that you can create an ingress in a vCluster to make a service in this vCluster available via a hostname/domain. However, instead of having to run a separate ingress controller in each vCluster, the ingress resource will be synchronized to the underlying cluster (when enabled) which means that the vCluster can use a shared ingress controller that is running in the host cluster. This helps to share resources across different vClusters and is easier for users of vClusters because otherwise, they would need to install an ingress controller and manually configure DNS for each vCluster.

info

Before the v0.12.0 release of vCluster, the Ingress synchronization was enabled by default.

Enable Ingress Sync

If you want to use an ingress controller from the underlying cluster by synchronizing the Ingress resources, set the following in your values.yaml:

sync:
  ingresses:
    enabled: true

then create or upgrade the vCluster with:

vcluster create my-vcluster --upgrade -f values.yaml

SSL Certificates

Because the syncer keeps typical SSL provisioning related annotations for ingresses, you may also set the cert-manager ingress annotations on an ingress in your vClusters to use the cert-manager of the underlying host cluster to automatically provision SSL certificates from Let's Encrypt.

Ingress Controller Traffic​

Enable Ingress Sync​

SSL Certificates​

Ingress Controller Traffic

Enable Ingress Sync

SSL Certificates