Skip to main content
Version: v0.35 Stable

Sync from host to virtual

Supported Configurations
Running the control plane as a container with:

Read more about how syncing works before deciding which resources to sync from the control plane cluster to the tenant cluster.

vCluster can sync certain resources from the control plane cluster to make them available inside the tenant cluster, but when these resources are synced, they are only synced in read-only mode. No changes to the resource in the tenant cluster syncs back to the control plane cluster as the resources are shared across the control plane cluster.

A good example would be nodes, which are nice to view inside the tenant cluster and can be also used to enabled certain features such as scheduling inside the vCluster, but you wouldn't want your tenant cluster to change the node itself. Another benefit of only syncing from the control plane cluster is that vCluster itself only requires read-only RBAC permissions.

vCluster also lets you sync custom resources with the custom resource definitions syncer

There are a couple of labels that are created on the control plane cluster by vCluster that never get synced to the tenant cluster resource. These labels are:

  • release (Label is needed to avoid conflicts with the vCluster pods themselves).
  • vcluster.loft.sh/namespace
  • vcluster.loft.sh/managed-by
  • vcluster.loft.sh/controlled-by
  • vcluster.loft.sh/ns-label-* These labels are added as management labels when synching from the tenant cluster to the control plane cluster, but skipped when syncing from the control plane cluster to the tenant cluster to prevent sync loops.

Resource creation behavior​

Cluster-scoped resources​

The following resources are not created during sync if they don’t already exist in the tenant cluster:

The following resouces are created in the tenant cluster as read-only if they don't already exist during the sync:

Namespaced resources​

Namespaced resources are automatically created in the tenant cluster if they do not already exist. Before synchronization occurs, the mapping between the control plane cluster source namespace name and the corresponding tenant cluster target namespace name must be defined. This applies to:

For CSIStorageCapacities, synchronization occurs only when a corresponding mapping exists between the physical StorageClass name in the control plane cluster and the StorageClass name in the tenant cluster and the capacity aligns with the associated physical node:

Enabled by default​

Disabled by default​

No bi-directional syncing​

Since syncing resources from the control plane cluster is in read only mode and changes in the tenant cluster do not get applied to the resource in the control plane cluster, bi-directional syncing does not exist across these resources.

Config reference​

fromHost object ​

Configure what resources vCluster should sync from the host cluster to the virtual cluster.

nodes object ​

Nodes defines if nodes should get synced from the host cluster to the virtual cluster, but not back.

enabled boolean false ​

Enabled specifies if syncing real nodes should be enabled. If this is disabled, vCluster will create fake nodes instead.

syncBackChanges boolean false ​

SyncBackChanges enables syncing labels and taints from the virtual cluster to the host cluster. If this is enabled someone within the virtual cluster will be able to change the labels and taints of the host cluster node.

clearImageStatus boolean false ​

ClearImageStatus will erase the image status when syncing a node. This allows to hide images that are pulled by the node.

selector object ​

Selector can be used to define more granular what nodes should get synced from the host cluster to the virtual cluster.

all boolean false ​

All specifies if all nodes should get synced by vCluster from the host to the virtual cluster or only the ones where pods are assigned to.

labels object {} ​

Labels are the node labels used to sync nodes from host cluster to virtual cluster. This will also set the node selector when syncing a pod from virtual cluster to host cluster to the same value.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

events object ​

Events defines if events should get synced from the host cluster to the virtual cluster, but not back.

enabled boolean true ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

ingressClasses object ​

IngressClasses defines if ingress classes should get synced from the host cluster to the virtual cluster, but not back.

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

selector object ​

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​

gatewayClasses object ​

GatewayClasses defines if gateway classes should get synced from the control plane cluster to the tenant cluster, but not back.

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

selector object ​

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​

gateways object ​

Gateways defines if selected control plane Gateways should get synced from the control plane cluster to the tenant cluster, but not back.

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

selector object ​

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​

mappings object ​

Mappings define control plane Gateway namespace/name to tenant-facing namespace/name placement.

byName object {} ​

ByName is a map of control-plane-object-namespace/control-plane-object-name: tenant-object-namespace/tenant-object-name. There are several wildcards supported:

  1. To match all objects in a control plane namespace and sync them to a different namespace in the tenant cluster: byName: "foo/": "foo-in-virtual/"
  2. To match a specific object in the control plane namespace and sync it to the same namespace with the same name: byName: "foo/my-object": "foo/my-object"
  3. To match a specific object in the control plane namespace and sync it to the same namespace with a different name: byName: "foo/my-object": "foo/my-virtual-object"
  4. To match all objects in the vCluster namespace and sync them to a different namespace in the tenant cluster: byName: "": "my-virtual-namespace/*"
  5. To match specific objects in the vCluster namespace and sync them to a different namespace in the tenant cluster: byName: "/my-object": "my-virtual-namespace/my-object"

allowedRoutes object ​

AllowedRoutes configures the tenant-facing allowedRoutes policy shown on imported Gateways and enforced for Routes.

defaultVirtualNamespacePolicy object ​
from string ​
selector object ​
matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​
overrides object[] ​
hostNamespace string ​
name string ​
virtualNamespacePolicy object ​
from string ​
selector object ​
matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​
allowedHostnames string[] ​

status object ​

Status configures how Gateway status is mirrored.

exposeAddresses boolean false ​

metadata object ​

Metadata configures imported Gateway metadata visibility.

exposeSourceGateway boolean false ​

sanitize object ​

Sanitize configures sensitive control plane field sanitization.

certificateRefs boolean true ​
infrastructure boolean true ​

runtimeClasses object ​

RuntimeClasses defines if runtime classes should get synced from the host cluster to the virtual cluster, but not back.

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

selector object ​

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​

priorityClasses object ​

PriorityClasses defines if priority classes classes should get synced from the host cluster to the virtual cluster, but not back.

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

selector object ​

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​

storageClasses object ​

StorageClasses defines if storage classes should get synced from the host cluster to the virtual cluster, but not back. If auto, is automatically enabled when the virtual scheduler is enabled.

enabled string|boolean auto ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

selector object ​

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​

csiNodes object ​

CSINodes defines if csi nodes should get synced from the host cluster to the virtual cluster, but not back. If auto, is automatically enabled when the virtual scheduler is enabled.

enabled string|boolean auto ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

csiDrivers object ​

CSIDrivers defines if csi drivers should get synced from the host cluster to the virtual cluster, but not back. If auto, is automatically enabled when the virtual scheduler is enabled.

enabled string|boolean auto ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

csiStorageCapacities object ​

CSIStorageCapacities defines if csi storage capacities should get synced from the host cluster to the virtual cluster, but not back. If auto, is automatically enabled when the virtual scheduler is enabled.

enabled string|boolean auto ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

customResources {key: object} ​

CustomResources defines what custom resources should get synced read-only to the virtual cluster from the host cluster. vCluster will automatically add any required RBAC to the vCluster cluster role.

enabled required boolean ​

Enabled defines if this option should be enabled.

scope required string ​

Scope defines the scope of the resource

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

mappings object ​

Mappings for Namespace and Object

byName object ​

ByName is a map of control-plane-object-namespace/control-plane-object-name: tenant-object-namespace/tenant-object-name. There are several wildcards supported:

  1. To match all objects in a control plane namespace and sync them to a different namespace in the tenant cluster: byName: "foo/": "foo-in-virtual/"
  2. To match a specific object in the control plane namespace and sync it to the same namespace with the same name: byName: "foo/my-object": "foo/my-object"
  3. To match a specific object in the control plane namespace and sync it to the same namespace with a different name: byName: "foo/my-object": "foo/my-virtual-object"
  4. To match all objects in the vCluster namespace and sync them to a different namespace in the tenant cluster: byName: "": "my-virtual-namespace/*"
  5. To match specific objects in the vCluster namespace and sync them to a different namespace in the tenant cluster: byName: "/my-object": "my-virtual-namespace/my-object"

volumeSnapshotClasses object ​

VolumeSnapshotClasses defines if volume snapshot classes created within the virtual cluster should get synced to the host cluster.

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

configMaps object ​

ConfigMaps defines if config maps in the host should get synced to the virtual cluster.

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

mappings object ​

Mappings for Namespace and Object

byName object {} ​

ByName is a map of control-plane-object-namespace/control-plane-object-name: tenant-object-namespace/tenant-object-name. There are several wildcards supported:

  1. To match all objects in a control plane namespace and sync them to a different namespace in the tenant cluster: byName: "foo/": "foo-in-virtual/"
  2. To match a specific object in the control plane namespace and sync it to the same namespace with the same name: byName: "foo/my-object": "foo/my-object"
  3. To match a specific object in the control plane namespace and sync it to the same namespace with a different name: byName: "foo/my-object": "foo/my-virtual-object"
  4. To match all objects in the vCluster namespace and sync them to a different namespace in the tenant cluster: byName: "": "my-virtual-namespace/*"
  5. To match specific objects in the vCluster namespace and sync them to a different namespace in the tenant cluster: byName: "/my-object": "my-virtual-namespace/my-object"

secrets object ​

Secrets defines if secrets in the host should get synced to the virtual cluster.

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

mappings object ​

Mappings for Namespace and Object

byName object {} ​

ByName is a map of control-plane-object-namespace/control-plane-object-name: tenant-object-namespace/tenant-object-name. There are several wildcards supported:

  1. To match all objects in a control plane namespace and sync them to a different namespace in the tenant cluster: byName: "foo/": "foo-in-virtual/"
  2. To match a specific object in the control plane namespace and sync it to the same namespace with the same name: byName: "foo/my-object": "foo/my-object"
  3. To match a specific object in the control plane namespace and sync it to the same namespace with a different name: byName: "foo/my-object": "foo/my-virtual-object"
  4. To match all objects in the vCluster namespace and sync them to a different namespace in the tenant cluster: byName: "": "my-virtual-namespace/*"
  5. To match specific objects in the vCluster namespace and sync them to a different namespace in the tenant cluster: byName: "/my-object": "my-virtual-namespace/my-object"

deviceClasses object ​

DeviceClasses defines if device classes in the host should get synced to the virtual cluster

enabled boolean false ​

Enabled defines if this option should be enabled.

patches object[] ​

Patches patch the resource according to the provided specification.

path required string ​

Path is the path within the patch to target. If the path is not found within the patch, the patch is not applied.

expression string ​

Expression transforms the value according to the given JavaScript expression.

reverseExpression string ​

ReverseExpression transforms the value according to the given JavaScript expression.

reference object ​

Reference treats the path value as a reference to another object and will rewrite it based on the chosen mode automatically. In single-namespace mode this will translate the name to "vxxxxxxxxx" to avoid conflicts with other names, in multi-namespace mode this will not translate the name.

apiVersion required string ​

APIVersion is the apiVersion of the referenced object.

apiVersionPath string ​

APIVersionPath is optional relative path to use to determine the kind. If APIVersionPath is not found, will fallback to apiVersion.

kind required string ​

Kind is the kind of the referenced object.

kindPath string ​

KindPath is the optional relative path to use to determine the kind. If KindPath is not found, will fallback to kind.

namePath string ​

NamePath is the optional relative path to the reference name within the object.

namespacePath string ​

NamespacePath is the optional relative path to the reference namespace within the object. If omitted or not found, namespacePath equals to the metadata.namespace path of the object.

labels object ​

Labels treats the path value as a labels selector.

selector object ​

Selector defines the selector to use for the resource. If not set, all resources of that type will be synced.

matchLabels object ​
matchExpressions object[] ​
key string ​
operator string ​
values string[] ​