Version: v0.27

Sync

Limited vCluster Tenancy Configuration Support

This feature is only available when using the following worker node types:

Host Nodes

How does syncing work?

Since a virtual cluster does not have actual worker nodes or a network, syncing is the process where vCluster copies a resource between the virtual cluster and the host cluster. It's the basic principle that vCluster uses to emulate a fully functional Kubernetes cluster.

By default, vCluster only syncs low-level resources, such as pods, secrets, configmaps, or services, but a user can enable many other resources for all use cases. vCluster control plane runs with a minimal set of RBAC permissions to allow execution in restricted environments. Certain resources require extra permissions to sync, which are automatically given to the vCluster ServiceAccount if you enable a resource that requires additional permissions.

All fields of a resources are synced from either the virtual cluster to the host cluster or the inverse (i.e. from the host cluster to the virtual cluster). The direction on how the sync of the resources is based on what section the resource is part of in the vcluster.yaml. There are a few exceptions for each resource where specific fields are kept in sync in both directions (i.e. bi-directional sync).

If the resource is being asked to sync from the virtual cluster to the host cluster, vCluster copies the resources from the vCluster and sends it to the host cluster to be created. There are a couple of additional labels added to the host cluster resource object for vCluster to keep it in sync. The syncer starts watching for changes to the resource on either side. When the resource is updated in the virtual cluster, the syncer copies those changes in host cluster.

Syncing will overwrite resources

When you enable a sync, the syncer will usually copy changes in one direction. For example, if you are syncing pods from the virtual cluster to the host cluster, when changes are made to one of the pods in the host cluster, those fields are overwritten when the sync occurs. There are a couple of fields that are exceptions that are supported due to bi-directional sync.

If the resource is being asked to sync from the host cluster to the virtual cluster, as soon as that resource is created in the host cluster, vCluster copies it to the virtual cluster. Any changes to the resource in the host cluster are automatically applied to the resource in the virtual cluster.

When syncing resources, vCluster stores the mapping of the VIRTUAL NAME <-> HOST NAME for the actual resource, and the references of the other resources used by this resource. Tracking references helps the vCluster to understand what resources are still needed in the host cluster. This important for secrets and configmaps because by default only the secrets and configmaps used by pods are actually synced to the host cluster.

Assume you've started your vCluster with ingress syncing to the host enabled.

sync:
  toHost:
    ingresses:
      enabled: true

After the virtual cluster is up, the user creates an ingress in the virtual cluster.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx
spec:
  tls:
  - hosts:
      - https-example.foo.com
    secretName: testsecret-tls
  rules:
  - http:
      paths:
      - path: /
        pathType: ImplementationSpecific
        backend:
          service:
            name: nginx
            port:
              number: 80

When vCluster copies the ingress to the host cluster, the vCluster creates an ingress in the namespace of the virtual cluster with the following changes:

Name Rewritten: vCluster rewrites the name of the resource to avoid conflicts in the host cluster. The name is rewritten in the form of NAME-x-NAMESPACE-x-VCLUSTER_NAME
Namespace Rewritten: vCluster rewrites the namespace of the resource to sync everything into the namespace of the deployed virtual cluster control plane.
Annotations / Labels Added: vCluster adds annotations and labels to identify the resource in the host cluster, which are pre-fixed with vcluster.loft.sh/.
References Rewritten: vCluster rewrites the spec.rules[*].http.paths[*].backend.service.name and spec.tls[*].secretName to match the rewritten names of the resources in the host cluster.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    vcluster.loft.sh/object-host-name: nginx-x-default-x-vcluster
    vcluster.loft.sh/object-host-namespace: vcluster
    vcluster.loft.sh/object-kind: networking.k8s.io/v1, Kind=Ingress
    vcluster.loft.sh/object-name: nginx
    vcluster.loft.sh/object-namespace: default
    vcluster.loft.sh/object-uid: bb8bea39-8c0c-4295-8616-6a20b3b1900a
  labels:
    vcluster.loft.sh/managed-by: vcluster
    vcluster.loft.sh/namespace: default
  name: nginx-x-default-x-vcluster
  namespace: vcluster
spec:
  rules:
  - http:
      paths:
      - backend:
          service:
            name: nginx-x-default-x-vcluster
            port:
              number: 80
        path: /
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - https-example.foo.com
    secretName: testsecret-tls-x-default-x-vcluster

Syncing labels to the host cluster

When syncing labels to the host cluster, vCluster rewrites the following labels to avoid conflicts:

release - This label must be rewritten when pods are synced to the single namespace where the vCluster control plane pod is running, but not rewritten when the pod is synced in a namespace that is synced from the virtual cluster to the host cluster.
vcluster.loft.sh/namespace
vcluster.loft.sh/managed-by
vcluster.loft.sh/controlled-by

Resources available to sync from virtual cluster to host cluster

vCluster syncs specific Kubernetes resources from the virtual cluster to the host cluster. These resources are expected to be created and updated within the virtual cluster. In addition to standard Kubernetes resources, custom resources can also be synced if configured.

Enabled by default

The following resources are synced by default.

Disabled by default

The following resources are not synced by default. You can explicitly enable them in your vcluster.yaml configuration.

Bidirectional syncing

For all resources synced from the virtual cluster to the host cluster, metadata.labels and metadata.annotations are synchronized in both directions. This means changes made in the virtual cluster are reflected in the host cluster, and changes made in the host cluster are also reflected in the virtual cluster.

vCluster specific Labels

Any labels prefixed with vcluster.loft.sh on the host resources should not be updated by the user. These labels are managed by the vCluster control plane to track resources and prevent conflicts.

Additional fields that support bidirectional sync

All metadata.labels and metadata.annotations are bidirectionally synced for resources synced from the virtual cluster to the host cluster.
In addition to these fields, vCluster also supports bidirectional syncing for the following resource-specific fields:

Resource	Fields
Pods	`status.conditions`
Secrets	`spec.data` `type`
ConfigMaps	`spec.data` `spec.binaryData`
Services	`spec.externalIPs` `spec.loadBalancerIP` `spec.ports` `spec.publishNotReadyAddresses` `spec.type` `spec.externalName` `spec.externalTrafficPolicy` `spec.sessionAffinity` `spec.sessionAffinityConfig` `spec.loadBalancerSourceRanges` `spec.healthCheckNodePort` `spec.selector`
Ingresses	`spec.ingressClassName`
PersistentVolumes	`spec.persistentVolumeSource` `spec.capacity` `spec.accessModes` `spec.persistentVolumeReclaimPolicy` `spec.nodeAffinity` `spec.volumeMode` `spec.mountOptions`
StorageClass	`spec.provisioner` `spec.parameters` `spec.reclaimPolicy` `spec.mountOptions` `spec.allowVolumeExpansion` `spec.volumeBindingMode` `spec.allowedTopologies`

Resources available to sync from host cluster to virtual cluster

vCluster can sync certain resources from the host cluster to make them available inside the virtual cluster, but when these resources are synced, they are only synced in read-only mode. No changes to the resource in the virtual cluster syncs back to the host cluster as the resources are shared across the host cluster.

A good example would be nodes, which are nice to view inside the virtual cluster and can be also used to enabled certain features such as scheduling inside the vCluster, but you wouldn't want your virtual cluster to change the node itself. Another benefit of only syncing from host is that vCluster itself only requires read-only RBAC permissions.

vCluster also allows to sync custom resources via the custom resource definitions syncer

There are a couple of labels that are created on the host cluster by vCluster that never get synced to the virtual cluster resource. These labels are:

release (Label is needed to avoid conflicts with the vCluster pods themselves).
vcluster.loft.sh/namespace
vcluster.loft.sh/managed-by
vcluster.loft.sh/controlled-by

Enabled by default

Events

Disabled by default

No bi-directional syncing

Since syncing resources from the host cluster is in read only mode and changes in the virtual cluster do not get applied to the resource in the host cluster, bi-directional syncing does not exist across these resources.

Config reference

`sync` required object

Sync describes how to sync resources from the virtual cluster to host cluster and back.

`toHost` required object

Configure resources to sync from the virtual cluster to the host cluster.

`pods` required object

Pods defines if pods created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean true

Enabled defines if pod syncing should be enabled.

`translateImage` required object {}

TranslateImage maps an image to another image that should be used instead. For example this can be used to rewrite a certain image that is used within the virtual cluster to be another image on the host cluster

`enforceTolerations` required string[] []

EnforceTolerations will add the specified tolerations to all pods synced by the virtual cluster.

`useSecretsForSATokens` required boolean false

UseSecretsForSATokens will use secrets to save the generated service account tokens by virtual cluster instead of using a pod annotation.

`runtimeClassName` required string

RuntimeClassName is the runtime class to set for synced pods.

`priorityClassName` required string

PriorityClassName is the priority class to set for synced pods.

`rewriteHosts` required object

RewriteHosts is a special option needed to rewrite statefulset containers to allow the correct FQDN. virtual cluster will add a small container to each stateful set pod that will initially rewrite the /etc/hosts file to match the FQDN expected by the virtual cluster.

`enabled` required boolean true

Enabled specifies if rewriting stateful set pods should be enabled.

`initContainer` required object

InitContainer holds extra options for the init container used by vCluster to rewrite the FQDN for stateful set pods.

`image` required object

Image is the image virtual cluster should use to rewrite this FQDN.

`registry` required string mirror.gcr.io

Registry is the registry of the container image, e.g. my-registry.com or ghcr.io. This setting can be globally overridden via the controlPlane.advanced.defaultImageRegistry option. Empty means docker hub.

`repository` required string library/alpine

Repository is the repository of the container image, e.g. my-repo/my-image

`tag` required string 3.20

Tag is the tag of the container image, and is the default version.

`resources` required object

Resources are the resources that should be assigned to the init container for each stateful set init container.

`limits` required object map[cpu:30m memory:64Mi]

Limits are resource limits for the container

`requests` required object map[cpu:30m memory:64Mi]

Requests are minimal resources that will be consumed by the container

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`hybridScheduling` required object

HybridScheduling is used to enable and configure hybrid scheduling for pods in the virtual cluster.

`enabled` required boolean false

Enabled specifies if hybrid scheduling is enabled.

`hostSchedulers` required string[] []

HostSchedulers is a list of schedulers that are deployed on the host cluster.

`secrets` required object

Secrets defines if secrets created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean true

Enabled defines if this option should be enabled.

`all` required boolean false

All defines if all resources of that type should get synced or only the necessary ones that are needed.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`configMaps` required object

ConfigMaps defines if config maps created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean true

Enabled defines if this option should be enabled.

`all` required boolean false

All defines if all resources of that type should get synced or only the necessary ones that are needed.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`ingresses` required object

Ingresses defines if ingresses created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`services` required object

Services defines if services created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean true

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`endpoints` required object

Endpoints defines if endpoints created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean true

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`networkPolicies` required object

NetworkPolicies defines if network policies created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`persistentVolumeClaims` required object

PersistentVolumeClaims defines if persistent volume claims created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean true

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`persistentVolumes` required object

PersistentVolumes defines if persistent volumes created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`volumeSnapshots` required object

VolumeSnapshots defines if volume snapshots created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`volumeSnapshotContents` required object

VolumeSnapshotContents defines if volume snapshot contents created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`storageClasses` required object

StorageClasses defines if storage classes created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`serviceAccounts` required object

ServiceAccounts defines if service accounts created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`podDisruptionBudgets` required object

PodDisruptionBudgets defines if pod disruption budgets created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`priorityClasses` required object

PriorityClasses defines if priority classes created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`customResources` required {key: object}

CustomResources defines what custom resources should get synced from the virtual cluster to the host cluster. vCluster will copy the definition automatically from host cluster to virtual cluster on startup. vCluster will also automatically add any required RBAC permissions to the vCluster role for this to work.

`enabled` required boolean

Enabled defines if this option should be enabled.

`scope` required string

Scope defines the scope of the resource. If undefined, will use Namespaced. Currently only Namespaced is supported.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`namespaces` required object

Namespaces defines if namespaces created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`mappings` required object

Mappings for Namespace and Object

`byName` required object

ByName is a map of host-object-namespace/host-object-name: virtual-object-namespace/virtual-object-name. There are several wildcards supported:

To match all objects in host namespace and sync them to different namespace in vCluster: byName: "foo/": "foo-in-virtual/"
To match specific object in the host namespace and sync it to the same namespace with the same name: byName: "foo/my-object": "foo/my-object"
To match specific object in the host namespace and sync it to the same namespace with different name: byName: "foo/my-object": "foo/my-virtual-object"
To match all objects in the vCluster host namespace and sync them to a different namespace in vCluster: byName: "": "my-virtual-namespace/*"
To match specific objects in the vCluster host namespace and sync them to a different namespace in vCluster: byName: "/my-object": "my-virtual-namespace/my-object"

`mappingsOnly` required boolean false

MappingsOnly defines if creation of namespaces not matched by mappings should be allowed.

`extraLabels` required object

ExtraLabels are additional labels to add to the namespace in the host cluster.

`fromHost` required object

Configure what resources vCluster should sync from the host cluster to the virtual cluster.

`nodes` required object

Nodes defines if nodes should get synced from the host cluster to the virtual cluster, but not back.

`enabled` required boolean false

Enabled specifies if syncing real nodes should be enabled. If this is disabled, vCluster will create fake nodes instead.

`syncBackChanges` required boolean false

SyncBackChanges enables syncing labels and taints from the virtual cluster to the host cluster. If this is enabled someone within the virtual cluster will be able to change the labels and taints of the host cluster node.

`clearImageStatus` required boolean false

ClearImageStatus will erase the image status when syncing a node. This allows to hide images that are pulled by the node.

`selector` required object

Selector can be used to define more granular what nodes should get synced from the host cluster to the virtual cluster.

`all` required boolean false

All specifies if all nodes should get synced by vCluster from the host to the virtual cluster or only the ones where pods are assigned to.

`labels` required object {}

Labels are the node labels used to sync nodes from host cluster to virtual cluster. This will also set the node selector when syncing a pod from virtual cluster to host cluster to the same value.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`events` required object

Events defines if events should get synced from the host cluster to the virtual cluster, but not back.

`enabled` required boolean true

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`ingressClasses` required object

IngressClasses defines if ingress classes should get synced from the host cluster to the virtual cluster, but not back.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`selector` required object

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

`matchLabels` required object

`matchExpressions` required object[]

`key` required string

`operator` required string

`values` required string[]

`runtimeClasses` required object

RuntimeClasses defines if runtime classes should get synced from the host cluster to the virtual cluster, but not back.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`selector` required object

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

`matchLabels` required object

`matchExpressions` required object[]

`key` required string

`operator` required string

`values` required string[]

`priorityClasses` required object

PriorityClasses defines if priority classes classes should get synced from the host cluster to the virtual cluster, but not back.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`selector` required object

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

`matchLabels` required object

`matchExpressions` required object[]

`key` required string

`operator` required string

`values` required string[]

`storageClasses` required object

StorageClasses defines if storage classes should get synced from the host cluster to the virtual cluster, but not back. If auto, is automatically enabled when the virtual scheduler is enabled.

`enabled` required string|boolean auto

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`selector` required object

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

`matchLabels` required object

`matchExpressions` required object[]

`key` required string

`operator` required string

`values` required string[]

`csiNodes` required object

CSINodes defines if csi nodes should get synced from the host cluster to the virtual cluster, but not back. If auto, is automatically enabled when the virtual scheduler is enabled.

`enabled` required string|boolean auto

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`csiDrivers` required object

CSIDrivers defines if csi drivers should get synced from the host cluster to the virtual cluster, but not back. If auto, is automatically enabled when the virtual scheduler is enabled.

`enabled` required string|boolean auto

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`csiStorageCapacities` required object

CSIStorageCapacities defines if csi storage capacities should get synced from the host cluster to the virtual cluster, but not back. If auto, is automatically enabled when the virtual scheduler is enabled.

`enabled` required string|boolean auto

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`customResources` required {key: object}

CustomResources defines what custom resources should get synced read-only to the virtual cluster from the host cluster. vCluster will automatically add any required RBAC to the vCluster cluster role.

`enabled` required boolean

Enabled defines if this option should be enabled.

`scope` required string

Scope defines the scope of the resource

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`mappings` required object

Mappings for Namespace and Object

`byName` required object

ByName is a map of host-object-namespace/host-object-name: virtual-object-namespace/virtual-object-name. There are several wildcards supported:

To match all objects in host namespace and sync them to different namespace in vCluster: byName: "foo/": "foo-in-virtual/"
To match specific object in the host namespace and sync it to the same namespace with the same name: byName: "foo/my-object": "foo/my-object"
To match specific object in the host namespace and sync it to the same namespace with different name: byName: "foo/my-object": "foo/my-virtual-object"
To match all objects in the vCluster host namespace and sync them to a different namespace in vCluster: byName: "": "my-virtual-namespace/*"
To match specific objects in the vCluster host namespace and sync them to a different namespace in vCluster: byName: "/my-object": "my-virtual-namespace/my-object"

`volumeSnapshotClasses` required object

VolumeSnapshotClasses defines if volume snapshot classes created within the virtual cluster should get synced to the host cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`configMaps` required object

ConfigMaps defines if config maps in the host should get synced to the virtual cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`mappings` required object

Mappings for Namespace and Object

`byName` required object {}

ByName is a map of host-object-namespace/host-object-name: virtual-object-namespace/virtual-object-name. There are several wildcards supported:

To match all objects in host namespace and sync them to different namespace in vCluster: byName: "foo/": "foo-in-virtual/"
To match specific object in the host namespace and sync it to the same namespace with the same name: byName: "foo/my-object": "foo/my-object"
To match specific object in the host namespace and sync it to the same namespace with different name: byName: "foo/my-object": "foo/my-virtual-object"
To match all objects in the vCluster host namespace and sync them to a different namespace in vCluster: byName: "": "my-virtual-namespace/*"
To match specific objects in the vCluster host namespace and sync them to a different namespace in vCluster: byName: "/my-object": "my-virtual-namespace/my-object"

`secrets` required object

Secrets defines if secrets in the host should get synced to the virtual cluster.

`enabled` required boolean false

Enabled defines if this option should be enabled.

`patches` required object[]

Patches patch the resource according to the provided specification.

`path` required string

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

`expression` required string

Expression transforms the value according to the given JavaScript expression.

`reverseExpression` required string

ReverseExpression transforms the value according to the given JavaScript expression.

`reference` required object

`apiVersion` required string

APIVersion is the apiVersion of the referenced object.

`apiVersionPath` required string

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

`kind` required string

Kind is the kind of the referenced object.

`kindPath` required string

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

`namePath` required string

NamePath is the optional relative path to the reference name within the object.

`namespacePath` required string

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

`labels` required object

Labels treats the path value as a labels selector.

`mappings` required object

Mappings for Namespace and Object

`byName` required object {}

ByName is a map of host-object-namespace/host-object-name: virtual-object-namespace/virtual-object-name. There are several wildcards supported:

To match all objects in host namespace and sync them to different namespace in vCluster: byName: "foo/": "foo-in-virtual/"
To match specific object in the host namespace and sync it to the same namespace with the same name: byName: "foo/my-object": "foo/my-object"
To match specific object in the host namespace and sync it to the same namespace with different name: byName: "foo/my-object": "foo/my-virtual-object"
To match all objects in the vCluster host namespace and sync them to a different namespace in vCluster: byName: "": "my-virtual-namespace/*"
To match specific objects in the vCluster host namespace and sync them to a different namespace in vCluster: byName: "/my-object": "my-virtual-namespace/my-object"

How does syncing work?​

Syncing labels to the host cluster​

Resources available to sync from virtual cluster to host cluster​

Enabled by default​

Disabled by default​

Bidirectional syncing​

Additional fields that support bidirectional sync​

Resources available to sync from host cluster to virtual cluster​

Enabled by default​

Disabled by default​

No bi-directional syncing​

Config reference​

sync required object ​

toHost required object ​

pods required object ​

enabled required boolean true ​

translateImage required object {} ​

enforceTolerations required string[] [] ​

useSecretsForSATokens required boolean false ​

runtimeClassName required string ​

priorityClassName required string ​

rewriteHosts required object ​

enabled required boolean true ​

initContainer required object ​

image required object ​

registry required string mirror.gcr.io ​

repository required string library/alpine ​

tag required string 3.20 ​

resources required object ​

limits required object map[cpu:30m memory:64Mi] ​

requests required object map[cpu:30m memory:64Mi] ​

patches required object[] ​

path required string ​

expression required string ​

reverseExpression required string ​

reference required object ​

apiVersion required string ​

apiVersionPath required string ​

kind required string ​

kindPath required string ​

namePath required string ​

namespacePath required string ​

labels required object ​

hybridScheduling required object ​

enabled required boolean false ​

hostSchedulers required string[] [] ​

secrets required object ​

enabled required boolean true ​

all required boolean false ​

patches required object[] ​

path required string ​

expression required string ​

reverseExpression required string ​

reference required object ​

apiVersion required string ​

apiVersionPath required string ​

kind required string ​

kindPath required string ​

namePath required string ​

namespacePath required string ​

labels required object ​

configMaps required object ​

enabled required boolean true ​

all required boolean false ​

patches required object[] ​

path required string ​

expression required string ​

reverseExpression required string ​

reference required object ​

apiVersion required string ​

apiVersionPath required string ​

kind required string ​

kindPath required string ​

namePath required string ​

namespacePath required string ​

labels required object ​

ingresses required object ​

enabled required boolean false ​

patches required object[] ​

path required string ​

How does syncing work?

Syncing labels to the host cluster

Resources available to sync from virtual cluster to host cluster

Enabled by default

Disabled by default

Bidirectional syncing

Additional fields that support bidirectional sync

Resources available to sync from host cluster to virtual cluster

Enabled by default

Disabled by default

No bi-directional syncing

Config reference

`sync` required object

`toHost` required object

`pods` required object

`enabled` required boolean true

`translateImage` required object {}

`enforceTolerations` required string[] []

`useSecretsForSATokens` required boolean false

`runtimeClassName` required string

`priorityClassName` required string

`rewriteHosts` required object

`enabled` required boolean true

`initContainer` required object

`image` required object

`registry` required string mirror.gcr.io

`repository` required string library/alpine

`tag` required string 3.20

`resources` required object

`limits` required object map[cpu:30m memory:64Mi]

`requests` required object map[cpu:30m memory:64Mi]

`patches` required object[]

`path` required string

`expression` required string

`reverseExpression` required string

`reference` required object

`apiVersion` required string

`apiVersionPath` required string

`kind` required string

`kindPath` required string

`namePath` required string

`namespacePath` required string

`labels` required object

`hybridScheduling` required object

`enabled` required boolean false

`hostSchedulers` required string[] []

`secrets` required object

`enabled` required boolean true

`all` required boolean false

`patches` required object[]

`path` required string

`expression` required string

`reverseExpression` required string

`reference` required object

`apiVersion` required string

`apiVersionPath` required string

`kind` required string

`kindPath` required string

`namePath` required string

`namespacePath` required string

`labels` required object

`configMaps` required object

`enabled` required boolean true

`all` required boolean false

`patches` required object[]

`path` required string

`expression` required string

`reverseExpression` required string

`reference` required object

`apiVersion` required string

`apiVersionPath` required string

`kind` required string

`kindPath` required string

`namePath` required string

`namespacePath` required string

`labels` required object

`ingresses` required object

`enabled` required boolean false

`patches` required object[]

`path` required string