Skip to main content
Version: main 🚧

Experimental

warning

The following features are experimental. They might have breaking changes or be deprecated.

Experimental features​

vCluster provides several experimental features that extend its capabilities:

Available features​

Configure experimental features​

Experimental features are configured under the experimental section of your vCluster configuration. These features might change between releases, so use them with caution in production environments.

Config reference​

experimental required object ​

Experimental features for vCluster. Configuration here might change, so be careful with this.

deploy required object ​

Deploy allows you to configure manifests and Helm charts to deploy within the host or virtual cluster.

host required object ​

Host defines what manifests to deploy into the host cluster

manifests required string ​

Manifests are raw Kubernetes manifests that should get applied within the host cluster.

manifestsTemplate required string ​

ManifestsTemplate is a Kubernetes manifest template that will be rendered with vCluster values before applying it within the host cluster.

vcluster required object ​

VCluster defines what manifests and charts to deploy into the vCluster

manifests required string ​

Manifests are raw Kubernetes manifests that should get applied within the virtual cluster.

manifestsTemplate required string ​

ManifestsTemplate is a Kubernetes manifest template that will be rendered with vCluster values before applying it within the virtual cluster.

helm required object[] ​

Helm are Helm charts that should get deployed into the virtual cluster

chart required object ​

Chart defines what chart should get deployed.

name required string ​
repo required string ​
insecure required boolean ​
version required string ​
username required string ​
password required string ​
release required object ​

Release defines what release should get deployed.

name required string ​

Name of the release

namespace required string ​

Namespace of the release

values required string ​

Values defines what values should get used.

timeout required string ​

Timeout defines the timeout for Helm

bundle required string ​

Bundle allows to compress the Helm chart and specify this instead of an online chart

syncSettings required object ​

SyncSettings are advanced settings for the syncer controller.

targetNamespace required string ​

TargetNamespace is the namespace where the workloads should get synced to. Deprecated: Removed in 0.29.0.

setOwner required boolean true ​

SetOwner specifies if vCluster should set an owner reference on the synced objects to the vCluster service. This allows for easy garbage collection.

hostMetricsBindAddress required string ​

HostMetricsBindAddress is the bind address for the local manager

virtualMetricsBindAddress required string ​

VirtualMetricsBindAddress is the bind address for the virtual manager

virtualClusterKubeConfig required object ​

VirtualClusterKubeConfig allows you to override distro specifics and specify where vCluster will find the required certificates and vCluster config. Deprecated: Removed in 0.29.0.

kubeConfig required string ​

KubeConfig is the virtual cluster kubeconfig path.

serverCAKey required string ​

ServerCAKey is the server ca key path.

serverCACert required string ​

ServerCAKey is the server ca cert path.

clientCACert required string ​

ServerCAKey is the client ca cert path.

requestHeaderCACert required string ​

RequestHeaderCACert is the request header ca cert path.

denyProxyRequests required object[] ​

DenyProxyRequests denies certain requests in the vCluster proxy.

name required string ​

The name of the check.

namespaces required string[] ​

Namespace describe a list of namespaces that will be affected by the check. An empty list means that all namespaces will be affected. In case of ClusterScoped rules, only the Namespace resource is affected.

rules required object[] ​

Rules describes on which verbs and on what resources/subresources the webhook is enforced. The webhook is enforced if it matches any Rule. The version of the request must match the rule version exactly. Equivalent matching is not supported.

apiGroups required string[] ​

APIGroups is the API groups the resources belong to. '*' is all groups.

apiVersions required string[] ​

APIVersions is the API versions the resources belong to. '*' is all versions.

resources required string[] ​

Resources is a list of resources this rule applies to.

scope required string ​

Scope specifies the scope of this rule.

operations required string[] ​

Verb is the kube verb associated with the request for API requests, not the http verb. This includes things like list and watch. For non-resource requests, this is the lowercase http verb. If '*' is present, the length of the slice must be one.

excludedUsers required string[] ​

ExcludedUsers describe a list of users for which the checks will be skipped. Impersonation attempts on these users will still be subjected to the checks.