StatefulSet
The vCluster control plane is deployed as a StatefulSet, since vCluster requires a PersistentVolume resource to store data across restarts. When you configure statefulSet.persistence.volumeClaim.enabled: false or you don't configure statefulSet.persistence.volumeClaimTemplates, vCluster is deployed as a Deployment.
High availability​
- The
highAvailabilitysettings let you run more than one pod for the vCluster control plane, with one running as the leader. - If the leader crashes, is unhealthy, or restarts, more pods take over leadership, depending on the number of replicas.
- Adjusting the leaseDuration / renewDeadline / retryPeriod changes the leader election behavior (how often a leader is renewed & retries when it cannot be renewed)
Scheduling​
scheduling configures various scheduler behavior for different purposes. Examples of each follow:
nodeSelector: Matches labels on nodes to make the scheduler "prefer" scheduling the virtual cluster pods on certain nodes. Do this to:- Target nodes in a region.
- Target a specific architecture or machine class.
affinity: Value can be affinity (attract the pod) or anti-affinity (repel the pod).- Use anti-affinity to spread pods away from each other. A common technique is to make virtual cluster pods repel each other so that they are not scheduled on the same nodes. This increases resiliency in the event a node is scaled down or replaced by a cloud provider.
- Use affinity to group certain pods together to reduce network latency for critical services
tolerations: Another method of influencing where the scheduler places pods. A common use is to "taint" nodes for non-virtual-cluster workloads and make virtual cluster workloads "tolerate" the taint. This results in separating critical apps from the more ephemeral vCluster instances.priorityClassName: See Pod Priority and Preemption.podManagementPolicy: See Pod Management Policies.topologySpreadConstraints: See Pod Topology Spread Constraints.- Similar to podAffinity & podAntiAffinity in some ways. See Comparison with podAffinity and podAntiAffinity.
Re-using existing PersistenceVolumeClaim​
It is possible to pre-provision a PersistenceVolumeClaim, and then configure vCluster to use it.
To do that, set existing claim name in the chart values controlPlane.statefulSet.persistence.dataVolume under persistenceVolumeClaim.claimName.
controlPlane:
statefulSet:
persistence:
dataVolume:
- name: data
persistentVolumeClaim:
claimName: my-existing-pvc
vCluster image options​
There are currently 3 vCluster image builds you can use in statefulSet.image.repository:
- loft-sh/vcluster-pro: The default image for the Helm chart, this image works for all use-cases.
- loft-sh/vcluster-oss: A purely open-source build of vCluster
- loft-sh/vcluster: Deprecated. Use
loft-sh/vcluster-ossas a replacement.
Config reference​
statefulSet required object pro​
StatefulSet defines options for vCluster statefulSet deployed by Helm.
statefulSet required object pro​highAvailability required object pro​
HighAvailability holds options related to high availability.
highAvailability required object pro​replicas required integer 1 pro​
Replicas is the amount of replicas to use for the statefulSet.
replicas required integer 1 pro​leaseDuration required integer 60 pro​
LeaseDuration is the time to lease for the leader.
leaseDuration required integer 60 pro​renewDeadline required integer 40 pro​
RenewDeadline is the deadline to renew a lease for the leader.
renewDeadline required integer 40 pro​retryPeriod required integer 15 pro​
RetryPeriod is the time until a replica will retry to get a lease.
retryPeriod required integer 15 pro​resources required object pro​
Resources are the resource requests and limits for the statefulSet container.
resources required object pro​scheduling required object pro​
Scheduling holds options related to scheduling.
scheduling required object pro​nodeSelector required object {} pro​
NodeSelector is the node selector to apply to the pod.
nodeSelector required object {} pro​affinity required object {} pro​
Affinity is the affinity to apply to the pod.
affinity required object {} pro​tolerations required object[] [] pro​
Tolerations are the tolerations to apply to the pod.
tolerations required object[] [] pro​priorityClassName required string pro​
PriorityClassName is the priority class name for the the pod.
priorityClassName required string pro​podManagementPolicy required string Parallel pro​
PodManagementPolicy is the statefulSet pod management policy.
podManagementPolicy required string Parallel pro​topologySpreadConstraints required object[] [] pro​
TopologySpreadConstraints are the topology spread constraints for the pod.
topologySpreadConstraints required object[] [] pro​security required object pro​
Security defines pod or container security context.
security required object pro​podSecurityContext required object {} pro​
PodSecurityContext specifies security context options on the pod level.
podSecurityContext required object {} pro​containerSecurityContext required object map[allowPrivilegeEscalation:false runAsGroup:0 runAsUser:0] pro​
ContainerSecurityContext specifies security context options on the container level.
containerSecurityContext required object map[allowPrivilegeEscalation:false runAsGroup:0 runAsUser:0] pro​probes required object pro​
Probes enables or disables the main container probes.
probes required object pro​livenessProbe required object pro�​
LivenessProbe specifies if the liveness probe for the container should be enabled
livenessProbe required object pro�​enabled required boolean true pro​
Enabled defines if this option should be enabled.
enabled required boolean true pro​persistence required object pro​
Persistence defines options around persistence for the statefulSet.
persistence required object pro​volumeClaim required object pro​
VolumeClaim can be used to configure the persistent volume claim.
volumeClaim required object pro​enabled required string|boolean auto pro​
Enabled enables deploying a persistent volume claim. If auto, vCluster will automatically determine
based on the chosen distro and other options if this is required.
enabled required string|boolean auto pro​accessModes required string[] [ReadWriteOnce] pro​
AccessModes are the persistent volume claim access modes.
accessModes required string[] [ReadWriteOnce] pro​retentionPolicy required string Retain pro​
RetentionPolicy is the persistent volume claim retention policy.
retentionPolicy required string Retain pro​size required string 5Gi pro​
Size is the persistent volume claim storage size.
size required string 5Gi pro​storageClass required string pro​
StorageClass is the persistent volume claim storage class.
storageClass required string pro​volumeClaimTemplates required object[] [] pro​
VolumeClaimTemplates defines the volumeClaimTemplates for the statefulSet
volumeClaimTemplates required object[] [] pro​dataVolume required object[] [] pro​
Allows you to override the dataVolume. Only works correctly if volumeClaim.enabled=false.
dataVolume required object[] [] pro​binariesVolume required object[] [map[emptyDir:map[] name:binaries]] pro​
BinariesVolume defines a binaries volume that is used to retrieve
distro specific executables to be run by the syncer controller.
This volume doesn't need to be persistent.
binariesVolume required object[] [map[emptyDir:map[] name:binaries]] pro​addVolumes required object[] [] pro​
AddVolumes defines extra volumes for the pod
addVolumes required object[] [] pro​addVolumeMounts required object[] pro​
AddVolumeMounts defines extra volume mounts for the container
addVolumeMounts required object[] pro​name required string pro​
This must match the Name of a Volume.
name required string pro​readOnly required boolean pro​
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
readOnly required boolean pro​mountPath required string pro​
Path within the container at which the volume should be mounted. Must
not contain ':'.
mountPath required string pro​subPath required string pro​
Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).
subPath required string pro​mountPropagation required string pro​
mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
mountPropagation required string pro​subPathExpr required string pro​
Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.
subPathExpr required string pro​enableServiceLinks required boolean true pro​
EnableServiceLinks for the StatefulSet pod
enableServiceLinks required boolean true pro​annotations required object {} pro​
Annotations are extra annotations for this resource.
annotations required object {} pro​labels required object {} pro​
Labels are extra labels for this resource.
labels required object {} pro​pods required object pro​
Additional labels or annotations for the statefulSet pods.
pods required object pro​image required object pro​
Image is the image for the controlPlane statefulSet container
image required object pro​registry required string ghcr.io pro​
Configure the registry of the container image, e.g. my-registry.com or ghcr.io
It defaults to ghcr.io and can be overriding either by using this field or controlPlane.advanced.defaultImageRegistry
registry required string ghcr.io pro​repository required string loft-sh/vcluster-pro pro​
Configure the repository of the container image, e.g. my-repo/my-image.
It defaults to the vCluster pro repository that includes the optional pro modules that are turned off by default.
If you still want to use the pure OSS build, use 'loft-sh/vcluster-oss' instead.
repository required string loft-sh/vcluster-pro pro​tag required string pro​
Tag is the tag of the container image, e.g. latest
tag required string pro​imagePullPolicy required string pro​
ImagePullPolicy is the policy how to pull the image.
imagePullPolicy required string pro​workingDir required string pro​
WorkingDir specifies in what folder the main process should get started.
workingDir required string pro​command required string[] [] pro​
Command allows you to override the main command.
command required string[] [] pro​args required string[] [] pro​
Args allows you to override the main arguments.
args required string[] [] pro​env required object[] [] pro​
Env are additional environment variables for the statefulSet container.
env required object[] [] pro​dnsPolicy required string pro​
Set DNS policy for the pod.
dnsPolicy required string pro​dnsConfig required object pro​
Specifies the DNS parameters of a pod.
dnsConfig required object pro​nameservers required string[] pro​
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
Duplicated nameservers will be removed.
nameservers required string[] pro​searches required string[] pro​
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
Duplicated search paths will be removed.
searches required string[] pro​options required object[] pro​
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Duplicated entries will be removed. Resolution options given in Options
will override those that appear in the base DNSPolicy.
options required object[] pro​