Skip to main content

Deploy vclusters

Let's create a virtual cluster vcluster-1 in namespace host-namespace-1:

# Create a vcluster that can be accessed through port forwarding
vcluster create vcluster-1 -n host-namespace-1
# OR: Use --expose to create a vcluster with an externally accessible LoadBalancer
vcluster create vcluster-1 -n host-namespace-1 --expose
# OR: Use -f to use an additional helm values.yaml with extra chart options to deploy vcluster
vcluster create vcluster-1 -n host-namespace-1 -f values.yaml
# OR: Use --distro to specify either k0s or vanilla k8s as backing virtual cluster
vcluster create vcluster-1 -n host-namespace-1 --distro k8s
Host Namespace

No matter if we are creating namespaces within the virtual cluster, everything will be encapsulated inside the host namespace that the virtual cluster runs inside.

Air-gapped Clusters

If you want to deploy vclusters in an air-gapped environment, you can set the following option in the values.yaml used to deploy vcluster:

defaultImageRegistry: my-private-registry:5000/vcluster/

This will tell vcluster to prepend the above image registry to all images used by vcluster, such as syncer, k3s, coredns etc. So for example rancher/k3s:v1.22.2-k3s1 will become my-private-registry:5000/vcluster/rancher/k3s:v1.22.2-k3s1

You can find a list of all needed images by vcluster in the file vcluster-images.txt at the releases page, as well as two scripts (download-images.sh & push-images.sh) to pull and push those to your private registry.

Admin Permissions Required?#

One of the biggest benefits of vcluster compared to other virtual cluster approaches is that it does not require any special permissions. Even if you are not cluster-admin and only have access to deploy applications to one specific namespace, you will very likely be able to spin up a virtual cluster.

Check out the kubectl tab above to see what vcluster create is actually deploying to the host-namespace.