External etcd
This feature is only available when using the following worker node types:
When using this backing store option, etcd is deployed on the host cluster in the same namespace as the vClustervClusterAn open-source software product that creates and manages virtual Kubernetes clusters inside a host Kubernetes cluster. vCluster improves isolation and multi-tenancy capabilities while reducing infrastructure costs. control plane pod. vCluster deploys etcd with a StatefulSet, Service, and headless Service.
controlPlane:
backingStore:
etcd:
deploy:
enabled: true
Customize the resources​
You can customize the resources that is deployed for etcd. Here are some basic examples, but more options exist in the configuration.
Set resource requests for the StatefulSet​
controlPlane:
backingStore:
etcd:
deploy:
enabled: true
statefulSet:
resources:
requests:
cpu: 20m
memory: 150Mi
Add annotations to each etcd component​
controlPlane:
backingStore:
etcd:
deploy:
enabled: true
statefulSet:
annotations:
app.kubernetes.io/part-of: "etcd"
cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
service:
annotations:
app.kubernetes.io/part-of: "etcd"
headlessService:
annotations:
app.kubernetes.io/part-of: "etcd"
Set the security context of the StatefulSet​
controlPlane:
backingStore:
etcd:
deploy:
enabled: true
statefulSet:
security:
podSecurityContext:
allowPrivilegeEscalation: false
Migration options​
Migrate to embedded etcd​
This feature is an Enterprise feature. See our pricing plans or contact our sales team for more information.
You can migrate from deployed etcdetcdA distributed key-value store that provides reliable storage for Kubernetes cluster data. In vCluster, etcd can be deployed externally or embedded within the vCluster pod. to embedded etcd without data loss. This migration simplifies your deployment and reduces resource consumption.
For step-by-step instructions on migrating from deployed to embedded etcd while preserving all your data, see the complete migration guide.
controlPlane:
backingStore:
etcd:
embedded:
enabled: true
migrateFromDeployedEtcd: true
Deploying with migrateFromDeployedEtcd: true retains the external etcd StatefulSet to perform the migration. After a successful migration, you should see the Successfully migrated etcd database to embedded etcd log message in vCluster.
To remove the external etcd after migration, delete migrateFromDeployedEtcd: true from the vcluster.yaml:
controlPlane:
backingStore:
etcd:
embedded:
enabled: true
Config reference​
deploy required object ​
Deploy defines to use an external etcd that is deployed by the helm chart
deploy required object ​enabled required boolean false ​
Enabled defines that an external etcd should be deployed.
enabled required boolean false ​statefulSet required object ​
StatefulSet holds options for the external etcd statefulSet.
statefulSet required object ​enabled required boolean true ​
Enabled defines if the statefulSet should be deployed
enabled required boolean true ​enableServiceLinks required boolean true ​
EnableServiceLinks for the StatefulSet pod
enableServiceLinks required boolean true ​image required object ​
Image is the image to use for the external etcd statefulSet
image required object ​registry required string registry.k8s.io ​
Registry is the registry of the container image, e.g. my-registry.com or ghcr.io. This setting can be globally
overridden via the controlPlane.advanced.defaultImageRegistry option. Empty means docker hub.
registry required string registry.k8s.io ​repository required string etcd ​
Repository is the repository of the container image, e.g. my-repo/my-image
repository required string etcd ​tag required string 3.5.21-0 ​
Tag is the tag of the container image, and is the default version.
tag required string 3.5.21-0 ​imagePullPolicy required string ​
ImagePullPolicy is the pull policy for the external etcd image
imagePullPolicy required string ​env required object[] [] ​
Env are extra environment variables
env required object[] [] ​extraArgs required string[] [] ​
ExtraArgs are appended to the etcd command.
extraArgs required string[] [] ​resources required object ​
Resources the etcd can consume
resources required object ​pods required object ​
Pods defines extra metadata for the etcd pods.
pods required object ​highAvailability required object ​
HighAvailability are high availability options
highAvailability required object ​replicas required integer 1 ​
Replicas are the amount of pods to use.
replicas required integer 1 ​scheduling required object ​
Scheduling options for the etcd pods.
scheduling required object ​nodeSelector required object {} ​
NodeSelector is the node selector to apply to the pod.
nodeSelector required object {} ​affinity required object {} ​
Affinity is the affinity to apply to the pod.
affinity required object {} ​tolerations required object[] [] ​
Tolerations are the tolerations to apply to the pod.
tolerations required object[] [] ​priorityClassName required string ​
PriorityClassName is the priority class name for the the pod.
priorityClassName required string ​podManagementPolicy required string Parallel ​
PodManagementPolicy is the statefulSet pod management policy.
podManagementPolicy required string Parallel ​topologySpreadConstraints required object[] [] ​
TopologySpreadConstraints are the topology spread constraints for the pod.
topologySpreadConstraints required object[] [] ​security required object ​
Security options for the etcd pods.
security required object ​persistence required object ​
Persistence options for the etcd pods.
persistence required object ​volumeClaim required object ​
VolumeClaim can be used to configure the persistent volume claim.
volumeClaim required object ​enabled required boolean true ​
Enabled enables deploying a persistent volume claim.
enabled required boolean true ​accessModes required string[] [ReadWriteOnce] ​
AccessModes are the persistent volume claim access modes.
accessModes required string[] [ReadWriteOnce] ​retentionPolicy required string Retain ​
RetentionPolicy is the persistent volume claim retention policy.
retentionPolicy required string Retain ​size required string 5Gi ​
Size is the persistent volume claim storage size.
size required string 5Gi ​storageClass required string ​
StorageClass is the persistent volume claim storage class.
storageClass required string ​volumeClaimTemplates required object[] [] ​
VolumeClaimTemplates defines the volumeClaimTemplates for the statefulSet
volumeClaimTemplates required object[] [] ​addVolumes required object[] [] ​
AddVolumes defines extra volumes for the pod
addVolumes required object[] [] ​addVolumeMounts required object[] ​
AddVolumeMounts defines extra volume mounts for the container
addVolumeMounts required object[] ​name required string ​
This must match the Name of a Volume.
name required string ​readOnly required boolean ​
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
readOnly required boolean ​mountPath required string ​
Path within the container at which the volume should be mounted. Must
not contain ':'.
mountPath required string ​subPath required string ​
Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).
subPath required string ​mountPropagation required string ​
mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
mountPropagation required string ​subPathExpr required string ​
Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.
subPathExpr required string ​annotations required object {} ​
Annotations are extra annotations for this resource.
annotations required object {} ​labels required object {} ​
Labels are extra labels for this resource.
labels required object {} ​service required object ​
Service holds options for the external etcd service.
service required object ​