Networking
Ingress traffic
Ingress to Service
vCluster can optionally synchronize Ingress resources. With this enabled, you can create an Ingress inside a vCluster to make a service in that vCluster available via a hostname/domain. Instead of running a separate ingress controller in each vCluster, the Ingress resource is synchronized to the underlying host cluster, so the vCluster uses a shared ingress controller that runs in the host cluster. This shares resources across vClusters and is easier for vCluster users, who would otherwise need to install an ingress controller and manually configure DNS for each vCluster.
From inside a virtual cluster
Pod in the virtual cluster to Pod in the same virtual cluster
Pods run inside the underlying host cluster. vCluster's syncer component syncs Pods between host and virtual cluster. These synced Pods have cluster-internal IP addresses and can communicate with each other via IP-based networking.
No additional configuration is required for Pod to Pod networking in the same virtual cluster.
Pod in the virtual cluster to Service in the same virtual cluster
To allow pods to communicate with services, vCluster also synchronizes Service objects, while stripping away unnecessary information from the resource. However, instead of using the DNS names of the Services inside the host cluster, vCluster has its own DNS service which allows virtual cluster pods to use much more intuitive DNS mappings, just as in a regular cluster.
No additional configuration is required for Pod to Service networking in the same virtual cluster.
Pod in the virtual cluster to Service in the host cluster
See Host cluster to virtual cluster.
Pod in the virtual cluster to Service in a different virtual cluster
See Mapping services across vCluster instances.
From the host cluster
Pod in the host cluster to Service in the virtual cluster
See Virtual cluster to host cluster.
Config reference
networking (object)
Networking options related to the virtual cluster.

networking.replicateServices (object)
ReplicateServices allows replicating services from the host within the virtual cluster or the other way around.

networking.replicateServices.toHost (object[])
ToHost defines the services that should get synced from virtual cluster to the host cluster. If services are synced to a different namespace than the virtual cluster is in, additional permissions for the other namespace are required.

networking.replicateServices.fromHost (object[])
FromHost defines the services that should get synced from the host to the virtual cluster.

networking.resolveDNS (object[])
ResolveDNS lets you define extra DNS rules. This only works if embedded coredns is configured.

networking.resolveDNS[].hostname (string)
Hostname is the hostname within the vCluster that should be resolved from.

networking.resolveDNS[].service (string)
Service is the virtual cluster service that should be resolved from.

networking.resolveDNS[].namespace (string)
Namespace is the virtual cluster namespace that should be resolved from.

networking.resolveDNS[].target (object)
Target is the DNS target that should get mapped to.

networking.resolveDNS[].target.hostname (string)
Hostname to use as a DNS target.

networking.resolveDNS[].target.ip (string)
IP to use as a DNS target.

networking.resolveDNS[].target.hostService (string)
HostService to target, format is hostNamespace/hostService.

networking.resolveDNS[].target.hostNamespace (string)
HostNamespace to target.

networking.resolveDNS[].target.vClusterService (string)
VClusterService format is hostNamespace/vClusterName/vClusterNamespace/vClusterService.

networking.advanced (object)
Advanced holds advanced network options.

networking.advanced.clusterDomain (string)
ClusterDomain is the Kubernetes cluster domain to use within the virtual cluster.

networking.advanced.fallbackHostCluster (boolean, default: false)
FallbackHostCluster allows DNS to fall back to the host cluster. This is useful if you want to reach host services without any other modification. You will need to provide a namespace for the service, e.g. my-other-service.my-other-namespace.

networking.advanced.proxyKubelets (object)
ProxyKubelets allows rewriting certain metrics and stats from the Kubelet to "fake" this for applications such as Prometheus or other node exporters.

networking.advanced.proxyKubelets.byHostname (boolean, default: false)
ByHostname will add a special vCluster hostname to the nodes where the node can be reached at. This doesn't work for all applications, e.g. Prometheus requires a node IP.

networking.advanced.proxyKubelets.byIP (boolean, default: false)
ByIP will create a separate service in the host cluster for every node that will point to the virtual cluster and will be used to route traffic.
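
A pre-deployment review of the options in this reference, as an added example (not vCluster's own code): it takes the `networking` section already parsed into a dict, lists every setting that opens a path between the virtual cluster and the host cluster, and rejects `resolveDNS` targets that do not match the stated slash formats. The names `audit_networking`, `SEGMENTS` and `SAMPLE`, and all sample values, are assumptions made for illustration.

```python
# hostService is hostNamespace/hostService (2 parts); vClusterService is
# hostNamespace/vClusterName/vClusterNamespace/vClusterService (4 parts).
SEGMENTS = {"hostService": 2, "vClusterService": 4}


def audit_networking(networking):
    """Return (level, path, message) findings for a parsed `networking` object."""
    findings = []
    if networking.get("advanced", {}).get("fallbackHostCluster", False):
        findings.append(("review", "advanced.fallbackHostCluster", "DNS falls back to the host cluster"))
    replicate = networking.get("replicateServices", {})
    for direction in ("toHost", "fromHost"):
        for i, _entry in enumerate(replicate.get(direction, [])):
            findings.append(("review", f"replicateServices.{direction}[{i}]",
                             "service crosses the host/virtual boundary"))
    for i, rule in enumerate(networking.get("resolveDNS", [])):
        path = f"resolveDNS[{i}].target"
        target = rule.get("target") or {}
        if not target:
            findings.append(("error", path, "rule has no DNS target"))
        for key, value in target.items():
            want = SEGMENTS.get(key)
            if want is None:
                continue  # hostname, ip, hostNamespace carry no slash format
            parts = str(value).split("/")
            if len(parts) != want or not all(parts):
                findings.append(("error", f"{path}.{key}",
                                 f"expected {want} '/'-separated names, got {value!r}"))
            else:
                findings.append(("review", f"{path}.{key}",
                                 f"resolves into host namespace {parts[0]!r}"))
    return findings


# Constructed sample: a `networking` section already parsed into a dict. The from/to
# keys of the fromHost entry are not listed on this page; the audit never reads them.
SAMPLE = {
    "replicateServices": {"fromHost": [{"from": "shared/db", "to": "default/db"}]},
    "resolveDNS": [
        {"hostname": "db.internal", "target": {"hostService": "shared/db"}},
        {"service": "default/api", "target": {"vClusterService": "team-b/vc-b/api"}},
        {"namespace": "legacy", "target": {}},
    ],
    "advanced": {"fallbackHostCluster": True},
}

if __name__ == "__main__":
    for level, path, message in audit_networking(SAMPLE):
        print(f"{level:6} {path}: {message}")
```

Entries marked `review` are valid settings that widen what a tenant of the virtual cluster can reach; entries marked `error` would not match the formats given in the reference.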