Skip to main content
Version: main 🚧

External etcd

When using this backing store option, etcd is deployed on the host cluster in the same namespace as the vCluster control plane pod. vCluster deploys etcd with a StatefulSet, Service, and headless Service.

controlPlane:
  backingStore:
    etcd:
      deploy:
        enabled: true

Customize the resources​

You can customize the resources that is deployed for etcd. Here are some basic examples, but more options exist in the configuration.

Set resource requests for the StatefulSet​

controlPlane:
  backingStore:
    etcd:
      deploy:
        enabled: true
        statefulSet:
          resources:
            requests:
              cpu: 20m
              memory: 150Mi

Add annotations to each etcd component​

controlPlane:
  backingStore:
    etcd:
      deploy:
        enabled: true
        statefulSet:
          annotations:
            app.kubernetes.io/part-of: "etcd"
            cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
        service:
          annotations:
            app.kubernetes.io/part-of: "etcd"
        headlessService:
          annotations:
            app.kubernetes.io/part-of: "etcd"

Set the security context of the StatefulSet​

controlPlane:
  backingStore:
    etcd:
      deploy:
        enabled: true
        statefulSet:
          security:
            podSecurityContext:
              allowPrivilegeEscalation: false

Migration options​

Migrate to embedded etcd​

Enterprise-Only Feature

This feature is an Enterprise feature. See our pricing plans or contact our sales team for more information.

There is an option to migrate from a deployed etcd to the embedded etcd option. Replace your current backing store with this option and upgrade your virtual cluster.

vcluster.yaml
controlPlane:
  backingStore:
    etcd:
      embedded:
        enabled: true
        migrateFromDeployedEtcd: true

Deploying with migrateFromDeployedEtcd: true retains the external etcd StatefulSet to perform the migration. After a successful migration, you should see the Successfully migrated etcd database to embedded etcd log message in vCluster. To remove the external etcd after migration, delete migrateFromDeployedEtcd: true from the vcluster.yaml:

vcluster.yaml after etcd migration
controlPlane:
  backingStore:
    etcd:
      embedded:
        enabled: true

Config reference​

deploy required object ​

Deploy defines to use an external etcd that is deployed by the helm chart

enabled required boolean false ​

Enabled defines that an external etcd should be deployed.

statefulSet required object ​

StatefulSet holds options for the external etcd statefulSet.

enabled required boolean true ​

Enabled defines if the statefulSet should be deployed

EnableServiceLinks for the StatefulSet pod

image required object ​

Image is the image to use for the external etcd statefulSet

registry required string registry.k8s.io ​

Registry is the registry of the container image, e.g. my-registry.com or ghcr.io. This setting can be globally overridden via the controlPlane.advanced.defaultImageRegistry option. Empty means docker hub.

repository required string etcd ​

Repository is the repository of the container image, e.g. my-repo/my-image

tag required string 3.5.21-0 ​

Tag is the tag of the container image, and is the default version.

imagePullPolicy required string ​

ImagePullPolicy is the pull policy for the external etcd image

env required object[] [] ​

Env are extra environment variables

extraArgs required string[] [] ​

ExtraArgs are appended to the etcd command.

resources required object ​

Resources the etcd can consume

limits required object ​

Limits are resource limits for the container

requests required object map[cpu:20m memory:150Mi] ​

Requests are minimal resources that will be consumed by the container

pods required object ​

Pods defines extra metadata for the etcd pods.

annotations required object {} ​

Annotations are extra annotations for this resource.

labels required object {} ​

Labels are extra labels for this resource.

highAvailability required object ​

HighAvailability are high availability options

replicas required integer 1 ​

Replicas are the amount of pods to use.

scheduling required object ​

Scheduling options for the etcd pods.

nodeSelector required object {} ​

NodeSelector is the node selector to apply to the pod.

affinity required object {} ​

Affinity is the affinity to apply to the pod.

tolerations required object[] [] ​

Tolerations are the tolerations to apply to the pod.

priorityClassName required string ​

PriorityClassName is the priority class name for the the pod.

podManagementPolicy required string Parallel ​

PodManagementPolicy is the statefulSet pod management policy.

topologySpreadConstraints required object[] [] ​

TopologySpreadConstraints are the topology spread constraints for the pod.

security required object ​

Security options for the etcd pods.

podSecurityContext required object {} ​

PodSecurityContext specifies security context options on the pod level.

containerSecurityContext required object {} ​

ContainerSecurityContext specifies security context options on the container level.

persistence required object ​

Persistence options for the etcd pods.

volumeClaim required object ​

VolumeClaim can be used to configure the persistent volume claim.

enabled required boolean true ​

Enabled enables deploying a persistent volume claim.

accessModes required string[] [ReadWriteOnce] ​

AccessModes are the persistent volume claim access modes.

retentionPolicy required string Retain ​

RetentionPolicy is the persistent volume claim retention policy.

size required string 5Gi ​

Size is the persistent volume claim storage size.

storageClass required string ​

StorageClass is the persistent volume claim storage class.

volumeClaimTemplates required object[] [] ​

VolumeClaimTemplates defines the volumeClaimTemplates for the statefulSet

addVolumes required object[] [] ​

AddVolumes defines extra volumes for the pod

addVolumeMounts required object[] ​

AddVolumeMounts defines extra volume mounts for the container

name required string ​

This must match the Name of a Volume.

readOnly required boolean ​

Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.

mountPath required string ​

Path within the container at which the volume should be mounted. Must not contain ':'.

subPath required string ​

Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).

mountPropagation required string ​

mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.

subPathExpr required string ​

Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.

annotations required object {} ​

Annotations are extra annotations for this resource.

labels required object {} ​

Labels are extra labels for this resource.

service required object ​

Service holds options for the external etcd service.

enabled required boolean true ​

Enabled defines if the etcd service should be deployed

annotations required object {} ​

Annotations are extra annotations for the external etcd service

headlessService required object ​

HeadlessService holds options for the external etcd headless service.

annotations required object {} ​

Annotations are extra annotations for the external etcd headless service