Sync
A virtual cluster does not have actual worker nodes or a network. Instead, the vCluster syncer component replicates the pods that are created within the virtual cluster to the host cluster. Subsequently, the host cluster schedules the pods, and the syncer keeps the virtual cluster pods and host cluster pods in sync.
By default, vCluster runs with a minimal set of RBAC permissions to allow execution in restricted environments. Certain resources require extra permissions to sync, which will automatically be given to the vCluster ServiceAccount if you enable the resource sync with the associated config value.
Sync from Virtual Cluser to Host Cluster
Enabled by Default
Disabled by Default
- Ingresses
- NetworkPolicies
- PersistentVolumes
- VolumeSnapshots
- StorageClasses
- ServiceAccounts
- PodDisruptionBudgets
- PriorityClasses
Config reference
sync required object pro
Sync describes how to sync resources from the virtual cluster to host cluster and back.
sync required object protoHost required object pro
Configure resources to sync from the virtual cluster to the host cluster.
toHost required object propods required object pro
Pods defines if pods created within the virtual cluster should get synced to the host cluster.
pods required object proenabled required boolean pro
Enabled defines if pod syncing should be enabled.
enabled required boolean protranslateImage required object pro
TranslateImage maps an image to another image that should be used instead. For example this can be used to rewrite
a certain image that is used within the virtual cluster to be another image on the host cluster
translateImage required object proenforceTolerations required string[] pro
EnforceTolerations will add the specified tolerations to all pods synced by the virtual cluster.
enforceTolerations required string[] prouseSecretsForSATokens required boolean pro
UseSecretsForSATokens will use secrets to save the generated service account tokens by virtual cluster instead of using a
pod annotation.
useSecretsForSATokens required boolean prorewriteHosts required object pro
RewriteHosts is a special option needed to rewrite statefulset containers to allow the correct FQDN. virtual cluster will add
a small container to each stateful set pod that will initially rewrite the /etc/hosts file to match the FQDN expected by
the virtual cluster.
rewriteHosts required object prosecrets required object pro
Secrets defines if secrets created within the virtual cluster should get synced to the host cluster.
secrets required object proconfigMaps required object pro
ConfigMaps defines if config maps created within the virtual cluster should get synced to the host cluster.
configMaps required object proingresses required object pro
Ingresses defines if ingresses created within the virtual cluster should get synced to the host cluster.
ingresses required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean proservices required object pro
Services defines if services created within the virtual cluster should get synced to the host cluster.
services required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean proendpoints required object pro
Endpoints defines if endpoints created within the virtual cluster should get synced to the host cluster.
endpoints required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean pronetworkPolicies required object pro
NetworkPolicies defines if network policies created within the virtual cluster should get synced to the host cluster.
networkPolicies required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean propersistentVolumeClaims required object pro
PersistentVolumeClaims defines if persistent volume claims created within the virtual cluster should get synced to the host cluster.
persistentVolumeClaims required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean propersistentVolumes required object pro
PersistentVolumes defines if persistent volumes created within the virtual cluster should get synced to the host cluster.
persistentVolumes required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean provolumeSnapshots required object pro
VolumeSnapshots defines if volume snapshots created within the virtual cluster should get synced to the host cluster.
volumeSnapshots required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean prostorageClasses required object pro
StorageClasses defines if storage classes created within the virtual cluster should get synced to the host cluster.
storageClasses required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean proserviceAccounts required object pro
ServiceAccounts defines if service accounts created within the virtual cluster should get synced to the host cluster.
serviceAccounts required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean profromHost required object pro
Configure what resources vCluster should sync from the host cluster to the virtual cluster.
fromHost required object pronodes required object pro
Nodes defines if nodes should get synced from the host cluster to the virtual cluster, but not back.
nodes required object proenabled required boolean pro
Enabled specifies if syncing real nodes should be enabled. If this is disabled, vCluster will create fake nodes instead.
enabled required boolean prosyncBackChanges required boolean pro
SyncBackChanges enables syncing labels and taints from the virtual cluster to the host cluster. If this is enabled someone within the virtual cluster will be able to change the labels and taints of the host cluster node.
syncBackChanges required boolean proclearImageStatus required boolean pro
ClearImageStatus will erase the image status when syncing a node. This allows to hide images that are pulled by the node.
clearImageStatus required boolean proselector required object pro
Selector can be used to define more granular what nodes should get synced from the host cluster to the virtual cluster.
selector required object proall required boolean pro
All specifies if all nodes should get synced by vCluster from the host to the virtual cluster or only the ones where pods are assigned to.
all required boolean prolabels required object pro
Labels are the node labels used to sync nodes from host cluster to virtual cluster. This will also set the node selector when syncing a pod from virtual cluster to host cluster to the same value.
labels required object proevents required object pro
Events defines if events should get synced from the host cluster to the virtual cluster, but not back.
events required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean proingressClasses required object pro
IngressClasses defines if ingress classes should get synced from the host cluster to the virtual cluster, but not back.
ingressClasses required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean prostorageClasses required object pro
StorageClasses defines if storage classes should get synced from the host cluster to the virtual cluster, but not back.
storageClasses required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean procsiNodes required object pro
CSINodes defines if csi nodes should get synced from the host cluster to the virtual cluster, but not back.
csiNodes required object proenabled required boolean pro
Enabled defines if this option should be enabled.
enabled required boolean pro