Nodes from the Host Cluster
This feature is only available when using the following worker node types:
By default, when creating a virtual cluster, the available worker nodes for the virtual cluster are the worker nodes in the host cluster that the vCluster is deployed on. These type of nodes are host nodes as they are part of the host cluster.
If you start with host nodes, you cannot change the worker node pool to use private nodes after the vCluster is deployed.
Understand how host nodes are reported in vCluster​
When running kubectl get nodes in the virtual cluster kubecontext, host nodes only show up as nodes in the virtual cluster when there are
pods from the virtual cluster deployed onto those nodes.
There is one exception where you can view all of the host nodes regardless if pods are scheduled on to them, but only if you sync them and select all of them.
Pseudo nodes (Default)​
By default, the host nodes are not synced from the host cluster to the virtual cluster and are considered pseudo nodes. Pseudo nodes have real values for name, but everything else is randomly generated.
When you run kubectl get nodes, the only nodes that show up are the ones that have pods scheduled on them. Any information besides the name is randomly generated.
If there are no more pods on that host node, vCluster deletes the pseudo node in the virtual cluster.
Real nodes (Synced from the host cluster)​
If you want accurate node information, you can sync the host nodes from the host cluster to the virtual cluster, but syncing real nodes requires a cluster role to access node information. vCluster automatically deploys this cluster role when nodes are synced.
By default, vCluster obfuscates node IP addresses when syncing real nodes to protect sensitive information. Learn how to control node IP visibility for your use case.
When you run kubectl get nodes, the only nodes that show up are the ones that have pods scheduled on them. All information about the nodes is correct except for IP addresses.
If there are no more pods on a node, vCluster deletes the node in the virtual cluster.
sync:
fromHost:
nodes:
enabled: true
Read more about other options when syncing nodes.
Determine which host nodes to use​
Shared nodes​
By default, vCluster can use any node in the host cluster to deploy pods and resources on. This means that all the nodes in the host cluster can be used, but they will only show up as a node in the vCluster if a pod is deployed on it.
View all host nodes in the virtual cluster kubecontext​
If you want to see all available nodes in the host cluster regardless if a pod is scheduled onto it, then you sync all the host nodes as well as specify that you want all of them selected.
sync:
fromHost:
nodes:
enabled: true
selector:
all: true
Dedicated nodes​
Instead of being able to schedule onto any host node in the vCluster, you can specify a set of worker nodes that are available for the vCluster to schedule pods and resources to. This means that even though vCluster is deployed on a host cluster, there can be some isolation achieved by only allowing specific worker nodes to be used by a vCluster.
are on a host cluster, you scheduled onto. Set labels on the worker nodes on the shared host cluster before using label selectors to select those nodes.
Use cases to only select a set of nodes include:
- Restrict vCluster to nodes in a specific region.
- Target nodes with a particular architecture.
- Using only spot or preemptible instances.
- Prevent vCluster workloads from running on critical infrastructure nodes.
Select nodes with a label selector​
By adding a label selector in the vcluster.yaml, nodes from the host cluster that have the matching labels can be used to schedule pods and resources.
This can be used for pseudo nodes or real nodes.
Pseudo Nodes
sync:
fromHost:
nodes:
# Pseudo Nodes
enabled: false
# Select which nodes the vCluster can see
selector:
labels:
environment: production
team: backend
Real Nodes
sync:
fromHost:
nodes:
# Sync real node information
enabled: true
# Select which nodes the vCluster can see
selector:
labels:
environment: production
team: backend