Experimentation, learning, and early development for individuals
SQLite is the most lightweight backing store which is hosted inside a file within the virtual cluster pod (typically in a PV).
Core Resources sync ensures that essential Kubernetes resources, like ConfigMaps and Secrets, are seamlessly synchronized between the host and virtual clusters.
User & Access Management handles all access control and credential management for users in your company.
Kube-Config Management simplifies access control by securely managing and distributing Kubernetes configuration files for virtual clusters.
Templates enable organizations to codify best practices and enforce security standards across platform users and teams.
Plugin SDK provides a programming interface for extending and customizing the behavior of a virtual cluster.
ClusterAPI Integration lets you create virtual clusters with the CRDs from the CAPI provider for virtual clusters.
Terraform Integration enables the provisioning and management of environments with Terraform Providers.
Service Monitor allows you to use Prometheus to collect metrics about the state of the virtual cluster control plane.
Metrics Server integration enables virtual clusters to gather and display resource metrics, such as CPU and memory usage, for workloads running inside the cluster.
Effortless management of enterprise-grade virtual clusters
Embedded etcd is as lightweight as k3s+sqlite but optimized for HA and scalability designed for production workloads.
Sleep Mode puts idle environments to sleep after a period of inactivity or according to a cron schedule.
Custom Resources (CRDs) sync ensures that user-defined Kubernetes resources and their definitions are properly synchronized between the host and virtual clusters for seamless operation.
Single Sign-On (SSO) for central authentication via SAML2, OIDC, LDAP, oAuth, GitHub, GitLab, etc.
Templates enable organizations to codify best practices and enforce security standards on a platform-level.
Quotas allow admins to configure resource limits for users and teams within a project to allow for fair use and to control spend.
Argo CD Integration automates the import of environments as deployment targets into Argo CD including permission sync.
Vault Integration lets users retrieve, distribute and rotate secrets from HashiCorp Vault to their environments.
Cert Manager integration automates the issuance and renewal of TLS certificates for secure communication within virtual clusters.
Central HostPath Mapper is useful for collecting metrics about workloads that run inside of the virtual cluster.
Advanced control and scalability for large fleets of virtual clusters
External Database allows you to store a virtual cluster’s state in an external database, such as MySQL or Postgres (e.g. in RDS).
Sync Patches provide an option to alter the vCluster sync process by defining patches applied to objects during sync.
Custom DNS Entries enable virtual clusters to define and manage custom DNS configurations for precise control over internal and external domain resolution.
Audit Logging writes a central log of all user interactions with their environments and the underlying platform itself.
UI Customizations let companies customize the appearance of the user interface (e.g. custom logo, colors, nav links, etc.).
Pod Identity Integration enables virtual clusters on EKS and GKE to authenticate with cloud services using IAM roles, eliminating the need for static credentials.
External Secrets Operator automates syncing secrets from external secret stores, like AWS Secrets Manager or Vault, into virtual clusters.
Rancher Integration allows vCluster management inside Rancher plus permission/user sync between both systems.
Customization and compliance for mission-critical infrastructure
External Database Connector automates the provisioning, credential handling, and cleanup of databases for virtual clusters.
FIPS Compliant Images provide vCluster users with secure, certified container images that adhere to federal cryptographic standards for enhanced data protection.
UI Customizations let companies customize the appearance of the user interface (e.g. custom logo, colors, nav links, etc.).
Custom Terms are tailored agreements to meet unique legal, compliance, and procurement requirements.
KubeVirt integration allows virtual clusters to run and manage virtual machines alongside Kubernetes workloads seamlessly.
Platform as OIDC Provider enables companies to connect other systems to the Platform’s SSO mechanism via OIDC.
Air-Gapped Mode allows to launch the platform with an offline license key, so no connection to our license API is required.
Multi-Region Mode reduces latency when running the platform in multiple regions and even cloud providers.
HA Mode allows to run the central platform components in HA mode with leader election to ensure uptime and reduce downtime.
User & Access Management handles all access control and credential management for users in your company.
Kube-Config Management simplifies access control by securely managing and distributing Kubernetes configuration files for virtual clusters.
Templates enable organizations to codify best practices and enforce security standards across platform users and teams.
Template Versioning allows rolling out security patches faster and allows to implement sophisticated upgrade flows at scale.
Quotas allow admins to configure resource limits for users and teams within a project to allow for fair use and to control spend.
UI Customizations let companies customize the appearance of the user interface (e.g. custom logo, colors, nav links, etc.).
Sleep Mode puts idle environments to sleep after a period of inactivity (e.g. no kubectl commands) or according to a schedule.
Auto Wakeup resumes any sleeping environment in real-time when a request comes in (e.g. kubectl commands or ingress).
Auto Delete destroys idle environments after a period of inactivity or according to a cron schedule.
SQLite is the most lightweight backing store which is hosted inside a file within the virtual cluster pod (typically in a PV).
Self-Managed etcd means that you either deploy etcd in the host cluster or externally and use it as the backing store.
Embedded etcd is as lightweight as k3s+sqlite but optimized for HA and scalability designed for production workloads.
External Database allows you to store a virtual cluster’s state in an external database, such as MySQL or Postgres (e.g. in RDS).
External Database Connector automates the provisioning, credential handling, and cleanup of databases for virtual clusters.
Core Resources sync ensures that essential Kubernetes resources, like ConfigMaps and Secrets, are seamlessly synchronized between the host and virtual clusters.
Custom Resources (CRDs) sync ensures that user-defined Kubernetes resources and their definitions are properly synchronized between the host and virtual clusters for seamless operation.
Sync Patches provide an option to alter the vCluster sync process by defining patches applied to objects during sync.
Custom DNS Entries enable virtual clusters to define and manage custom DNS configurations for precise control over internal and external domain resolution.
Plugin SDK provides a programming interface for extending and customizing the behavior of a virtual cluster.
ClusterAPI Integration lets you create virtual clusters with the CRDs from the CAPI provider for virtual clusters.
Terraform Integration enables the provisioning and management of environments with Terraform Providers.
Service Monitor allows you to use Prometheus to collect metrics about the state of the virtual cluster control plane.
Metrics Server integration enables virtual clusters to gather and display resource metrics, such as CPU and memory usage, for workloads running inside the cluster.
Central HostPath Mapper is useful for collecting metrics about workloads that run inside of the virtual cluster.
Argo CD Integration automates the import of environments as deployment targets into Argo CD including permission sync.
Vault Integration lets users retrieve, distribute and rotate secrets from HashiCorp Vault to their environments.
Cert Manager integration automates the issuance and renewal of TLS certificates for secure communication within virtual clusters.
Pod Identity Integration enables virtual clusters on EKS and GKE to authenticate with cloud services using IAM roles, eliminating the need for static credentials.
External Secrets Operator automates syncing secrets from external secret stores, like AWS Secrets Manager or Vault, into virtual clusters.
Rancher Integration allows vCluster management inside Rancher plus permission/user sync between both systems.
KubeVirt integration allows virtual clusters to run and manage virtual machines alongside Kubernetes workloads seamlessly.
Platform as OIDC Provider enables companies to connect other systems to the Platform’s SSO mechanism via OIDC.
Single Sign-On (SSO) for central authentication via SAML2, OIDC, LDAP, oAuth, GitHub, GitLab, etc.
Zero-Day Alerts offer instructions for security patches before a vulnerability is disclosed to the public in our OSS repos.
Security Review ensures that vCluster meets your organization’s security and compliance standards through a thorough evaluation of architecture, access controls, and data handling.
Audit Logging writes a central log of all user interactions with their environments and the underlying platform itself.
FIPS Compliant Images provide vCluster users with secure, certified container images that adhere to federal cryptographic standards for enhanced data protection.
Custom Terms are tailored agreements to meet unique legal, compliance, and procurement requirements.
Email Support via our unified support email address support@loft.sh
Private Shared Channel allows admins to chat with our team from within your company’s Slack or MS Teams workspace.
Phone + Video Support offers hands-on assistance for customers who want to interact directly with our engineers.
Custom SLA is a paid add-on for guaranteed response times of our support staff for any mission-critical use of our software.
Technical Account Manager supports admins hands-on with anything from the initial setup and rollout to upgrades.