Skip to main content
Version: main 🚧

Experimental

warning

These features are experimental! They may have breaking changes or be deprecated.

Config reference​

experimental required object pro​

Experimental features for vCluster. Configuration here might change, so be careful with this.

deploy required object pro​

Deploy allows you to configure manifests and Helm charts to deploy within the virtual cluster.

host required object pro​

Host defines what manifests to deploy into the host cluster

manifests required string pro​

Manifests are raw Kubernetes manifests that should get applied within the virtual cluster.

manifestsTemplate required string pro​

ManifestsTemplate is a Kubernetes manifest template that will be rendered with vCluster values before applying it within the virtual cluster.

vcluster required object pro​

VCluster defines what manifests and charts to deploy into the vCluster

manifests required string pro​

Manifests are raw Kubernetes manifests that should get applied within the virtual cluster.

manifestsTemplate required string pro​

ManifestsTemplate is a Kubernetes manifest template that will be rendered with vCluster values before applying it within the virtual cluster.

helm required object[] pro​

Helm are Helm charts that should get deployed into the virtual cluster

chart required object pro​

Chart defines what chart should get deployed.

name required string pro​
repo required string pro​
insecure required boolean pro​
version required string pro​
username required string pro​
password required string pro​
release required object pro​

Release defines what release should get deployed.

name required string pro​

Name of the release

namespace required string pro​

Namespace of the release

values required string pro​

Values defines what values should get used.

timeout required string pro​

Timeout defines the timeout for Helm

bundle required string pro​

Bundle allows to compress the Helm chart and specify this instead of an online chart

syncSettings required object pro​

SyncSettings are advanced settings for the syncer controller.

disableSync required boolean false pro​

DisableSync will not sync any resources and disable most control plane functionality.

rewriteKubernetesService required boolean false pro​

RewriteKubernetesService will rewrite the Kubernetes service to point to the vCluster service if disableSync is enabled

targetNamespace required string pro​

TargetNamespace is the namespace where the workloads should get synced to.

setOwner required boolean true pro​

SetOwner specifies if vCluster should set an owner reference on the synced objects to the vCluster service. This allows for easy garbage collection.

hostMetricsBindAddress required string pro​

HostMetricsBindAddress is the bind address for the local manager

virtualMetricsBindAddress required string pro​

VirtualMetricsBindAddress is the bind address for the virtual manager

genericSync required object pro​

GenericSync holds options to generically sync resources from virtual cluster to host.

version required string pro​

Version is the config version

export required object[] pro​

Exports syncs a resource from the virtual cluster to the host

apiVersion required string pro​

APIVersion of the object to sync

kind required string pro​

Kind of the object to sync

optional required boolean pro​
replaceOnConflict required boolean pro​

ReplaceWhenInvalid determines if the controller should try to recreate the object if there is a problem applying

patches required object[] pro​

Patches are the patches to apply on the virtual cluster objects when syncing them from the host cluster

op required string pro​

Operation is the type of the patch

fromPath required string pro​

FromPath is the path from the other object

path required string pro​

Path is the path of the patch

namePath required string pro​

NamePath is the path to the name of a child resource within Path

namespacePath required string pro​

NamespacePath is path to the namespace of a child resource within Path

value required object pro​

Value is the new value to be set to the path

regex required string pro​

Regex - is regular expresion used to identify the Name, and optionally Namespace, parts of the field value that will be replaced with the rewritten Name and/or Namespace

conditions required object[] pro​

Conditions are conditions that must be true for the patch to get executed

path required string pro​

Path is the path within the object to select

subPath required string pro​

SubPath is the path below the selected object to select

equal required object pro​

Equal is the value the path should be equal to

notEqual required object pro​

NotEqual is the value the path should not be equal to

empty required boolean pro​

Empty means that the path value should be empty or unset

ignore required boolean pro​

Ignore determines if the path should be ignored if handled as a reverse patch

sync required object pro​

Sync defines if a specialized syncer should be initialized using values from the rewriteName operation as Secret/Configmap names to be synced

secret required boolean pro​
configmap required boolean pro​
reversePatches required object[] pro​

ReversePatches are the patches to apply to host cluster objects after it has been synced to the virtual cluster

op required string pro​

Operation is the type of the patch

fromPath required string pro​

FromPath is the path from the other object

path required string pro​

Path is the path of the patch

namePath required string pro​

NamePath is the path to the name of a child resource within Path

namespacePath required string pro​

NamespacePath is path to the namespace of a child resource within Path

value required object pro​

Value is the new value to be set to the path

regex required string pro​

Regex - is regular expresion used to identify the Name, and optionally Namespace, parts of the field value that will be replaced with the rewritten Name and/or Namespace

conditions required object[] pro​

Conditions are conditions that must be true for the patch to get executed

path required string pro​

Path is the path within the object to select

subPath required string pro​

SubPath is the path below the selected object to select

equal required object pro​

Equal is the value the path should be equal to

notEqual required object pro​

NotEqual is the value the path should not be equal to

empty required boolean pro​

Empty means that the path value should be empty or unset

ignore required boolean pro​

Ignore determines if the path should be ignored if handled as a reverse patch

sync required object pro​

Sync defines if a specialized syncer should be initialized using values from the rewriteName operation as Secret/Configmap names to be synced

secret required boolean pro​
configmap required boolean pro​
selector required object pro​

Selector is a label selector to select the synced objects in the virtual cluster. If empty, all objects will be synced.

labelSelector required object pro​

LabelSelector are the labels to select the object from

import required object[] pro​

Imports syncs a resource from the host cluster to virtual cluster

apiVersion required string pro​

APIVersion of the object to sync

kind required string pro​

Kind of the object to sync

optional required boolean pro​
replaceOnConflict required boolean pro​

ReplaceWhenInvalid determines if the controller should try to recreate the object if there is a problem applying

patches required object[] pro​

Patches are the patches to apply on the virtual cluster objects when syncing them from the host cluster

op required string pro​

Operation is the type of the patch

fromPath required string pro​

FromPath is the path from the other object

path required string pro​

Path is the path of the patch

namePath required string pro​

NamePath is the path to the name of a child resource within Path

namespacePath required string pro​

NamespacePath is path to the namespace of a child resource within Path

value required object pro​

Value is the new value to be set to the path

regex required string pro​

Regex - is regular expresion used to identify the Name, and optionally Namespace, parts of the field value that will be replaced with the rewritten Name and/or Namespace

conditions required object[] pro​

Conditions are conditions that must be true for the patch to get executed

path required string pro​

Path is the path within the object to select

subPath required string pro​

SubPath is the path below the selected object to select

equal required object pro​

Equal is the value the path should be equal to

notEqual required object pro​

NotEqual is the value the path should not be equal to

empty required boolean pro​

Empty means that the path value should be empty or unset

ignore required boolean pro​

Ignore determines if the path should be ignored if handled as a reverse patch

sync required object pro​

Sync defines if a specialized syncer should be initialized using values from the rewriteName operation as Secret/Configmap names to be synced

secret required boolean pro​
configmap required boolean pro​
reversePatches required object[] pro​

ReversePatches are the patches to apply to host cluster objects after it has been synced to the virtual cluster

op required string pro​

Operation is the type of the patch

fromPath required string pro​

FromPath is the path from the other object

path required string pro​

Path is the path of the patch

namePath required string pro​

NamePath is the path to the name of a child resource within Path

namespacePath required string pro​

NamespacePath is path to the namespace of a child resource within Path

value required object pro​

Value is the new value to be set to the path

regex required string pro​

Regex - is regular expresion used to identify the Name, and optionally Namespace, parts of the field value that will be replaced with the rewritten Name and/or Namespace

conditions required object[] pro​

Conditions are conditions that must be true for the patch to get executed

path required string pro​

Path is the path within the object to select

subPath required string pro​

SubPath is the path below the selected object to select

equal required object pro​

Equal is the value the path should be equal to

notEqual required object pro​

NotEqual is the value the path should not be equal to

empty required boolean pro​

Empty means that the path value should be empty or unset

ignore required boolean pro​

Ignore determines if the path should be ignored if handled as a reverse patch

sync required object pro​

Sync defines if a specialized syncer should be initialized using values from the rewriteName operation as Secret/Configmap names to be synced

secret required boolean pro​
configmap required boolean pro​

hooks required object pro​

Hooks are hooks that can be used to inject custom patches before syncing

hostToVirtual required object[] pro​

HostToVirtual is a hook that is executed before syncing from the host to the virtual cluster

apiVersion required string pro​

APIVersion of the object to sync

kind required string pro​

Kind of the object to sync

verbs required string[] pro​

Verbs are the verbs that the hook should mutate

patches required object[] pro​

Patches are the patches to apply on the object to be synced

op required string pro​

Operation is the type of the patch

fromPath required string pro​

FromPath is the path from the other object

path required string pro​

Path is the path of the patch

namePath required string pro​

NamePath is the path to the name of a child resource within Path

namespacePath required string pro​

NamespacePath is path to the namespace of a child resource within Path

value required object pro​

Value is the new value to be set to the path

regex required string pro​

Regex - is regular expresion used to identify the Name, and optionally Namespace, parts of the field value that will be replaced with the rewritten Name and/or Namespace

conditions required object[] pro​

Conditions are conditions that must be true for the patch to get executed

path required string pro​

Path is the path within the object to select

subPath required string pro​

SubPath is the path below the selected object to select

equal required object pro​

Equal is the value the path should be equal to

notEqual required object pro​

NotEqual is the value the path should not be equal to

empty required boolean pro​

Empty means that the path value should be empty or unset

ignore required boolean pro​

Ignore determines if the path should be ignored if handled as a reverse patch

sync required object pro​

Sync defines if a specialized syncer should be initialized using values from the rewriteName operation as Secret/Configmap names to be synced

secret required boolean pro​
configmap required boolean pro​
virtualToHost required object[] pro​

VirtualToHost is a hook that is executed before syncing from the virtual to the host cluster

apiVersion required string pro​

APIVersion of the object to sync

kind required string pro​

Kind of the object to sync

verbs required string[] pro​

Verbs are the verbs that the hook should mutate

patches required object[] pro​

Patches are the patches to apply on the object to be synced

op required string pro​

Operation is the type of the patch

fromPath required string pro​

FromPath is the path from the other object

path required string pro​

Path is the path of the patch

namePath required string pro​

NamePath is the path to the name of a child resource within Path

namespacePath required string pro​

NamespacePath is path to the namespace of a child resource within Path

value required object pro​

Value is the new value to be set to the path

regex required string pro​

Regex - is regular expresion used to identify the Name, and optionally Namespace, parts of the field value that will be replaced with the rewritten Name and/or Namespace

conditions required object[] pro​

Conditions are conditions that must be true for the patch to get executed

path required string pro​

Path is the path within the object to select

subPath required string pro​

SubPath is the path below the selected object to select

equal required object pro​

Equal is the value the path should be equal to

notEqual required object pro​

NotEqual is the value the path should not be equal to

empty required boolean pro​

Empty means that the path value should be empty or unset

ignore required boolean pro​

Ignore determines if the path should be ignored if handled as a reverse patch

sync required object pro​

Sync defines if a specialized syncer should be initialized using values from the rewriteName operation as Secret/Configmap names to be synced

secret required boolean pro​
configmap required boolean pro​

clusterRole required object pro​

extraRules required object[] [] pro​

role required object pro​

extraRules required object[] [] pro​

multiNamespaceMode required object pro​

MultiNamespaceMode tells virtual cluster to sync to multiple namespaces instead of a single one. This will map each virtual cluster namespace to a single namespace in the host cluster.

enabled required boolean false pro​

Enabled specifies if multi namespace mode should get enabled

namespaceLabels required object pro​

NamespaceLabels are extra labels that will be added by vCluster to each created namespace.

isolatedControlPlane required object pro​

IsolatedControlPlane is a feature to run the vCluster control plane in a different Kubernetes cluster than the workloads themselves.

enabled required boolean pro​

Enabled specifies if the isolated control plane feature should be enabled.

headless required boolean false pro​

Headless states that Helm should deploy the vCluster in headless mode for the isolated control plane.

kubeConfig required string pro​

KubeConfig is the path where to find the remote workload cluster kubeconfig.

namespace required string pro​

Namespace is the namespace where to sync the workloads into.

service required string pro​

Service is the vCluster service in the remote cluster.

virtualClusterKubeConfig required object pro​

VirtualClusterKubeConfig allows you to override distro specifics and specify where vCluster will find the required certificates and vCluster config.

kubeConfig required string pro​

KubeConfig is the virtual cluster kubeconfig path.

serverCAKey required string pro​

ServerCAKey is the server ca key path.

serverCACert required string pro​

ServerCAKey is the server ca cert path.

clientCACert required string pro​

ServerCAKey is the client ca cert path.

requestHeaderCACert required string pro​

RequestHeaderCACert is the request header ca cert path.

denyProxyRequests required object[] pro​

DenyProxyRequests denies certain requests in the vCluster proxy.

name required string pro​

The name of the check.

namespaces required string[] pro​

Namespace describe a list of namespaces that will be affected by the check. An empty list means that all namespaces will be affected. In case of ClusterScoped rules, only the Namespace resource is affected.

rules required object[] pro​

Rules describes on which verbs and on what resources/subresources the webhook is enforced. The webhook is enforced if it matches any Rule. The version of the request must match the rule version exactly. Equivalent matching is not supported.

apiGroups required string[] pro​

APIGroups is the API groups the resources belong to. '*' is all groups.

apiVersions required string[] pro​

APIVersions is the API versions the resources belong to. '*' is all versions.

resources required string[] pro​

Resources is a list of resources this rule applies to.

scope required string pro​

Scope specifies the scope of this rule.

operations required string[] pro​

Verb is the kube verb associated with the request for API requests, not the http verb. This includes things like list and watch. For non-resource requests, this is the lowercase http verb. If '*' is present, the length of the slice must be one.

excludedUsers required string[] pro​

ExcludedUsers describe a list of users for which the checks will be skipped. Impersonation attempts on these users will still be subjected to the checks.