Skip to main content
Version: v0.27 Stable
Limited vCluster Tenancy Configuration Support

This feature is only available when using the following worker node types:

  • Host Nodes

    • What is vCluster pod creation?

    In a vCluster, pod creation is not a direct process like in a standard Kubernetes cluster. Instead, it involves a unique mechanism that bridges your virtual cluster with the underlying host cluster.

    Imagine a vCluster as a virtual layer on top of a physical Kubernetes cluster. When you create a pod, it doesn't magically appear in the host cluster. Instead, it goes through a process that ensures your virtual cluster remains isolated while still using the resources of the host cluster.

    A pod in a vCluster isn't created directly in the host cluster but follows a well-defined process. This document explains the behind-the-scenes mechanism of pod creation in vCluster.

    Key components​

    The crucial components involved in vCluster pod creation are:

    • Kube-apiserver (host cluster): Manages resources in the underlying physical cluster.
    • Kube-apiserver (vCluster): Handles API requests within the virtual cluster.
    • Syncer: Bridges communication between vCluster and host cluster.

    1. Pod Creation in vCluster

      Create a pod by making an API call to the vCluster kube-apiserver. The API server stores the pod in the vCluster backend storage (etcd).

      Example:

      kubectl create -f my-pod.yaml -n my-vcluster

    2. Syncer synchronization.

      The syncer monitors events from the vCluster kube-apiserver. It communicates with the host cluster kube-apiserver to synchronize the pod creation.

      Key actions:

      • Watch vCluster events.
      • Translate vCluster pod configuration.
      • Initiate pod creation in host cluster.

    3. Host cluster pod deployment.

      The host cluster processes the pod creation request:

      • Brings the pod up using standard Kubernetes procedures.
      • Sets the pod state to ready.
      • Treats the pod like any other cluster pod.

      Verification:

      kubectl get pods -n host-cluster-namespace

    4. Status synchronization.

      After the pod reaches state=ready, the syncer:

      • Copies the pod's status from the host cluster.
      • Applies the status to the corresponding pod in the vCluster namespace.

      Status check:

      kubectl describe pod <pod-name> -n my-vcluster