Observability
Monitoring
You can monitor your virtual cluster either from the host cluster or from within the virtual cluster.
vCluster is able to rewrite node stats and metrics. This means monitoring a virtual cluster works similar to monitoring a regular Kubernetes cluster.
By default, vCluster creates a service for each node that redirects incoming traffic from within the virtual cluster to the node kubelet to vCluster itself. This means that traffic reaches vCluster first if workloads within the virtual cluster try to scrape node metrics. vCluster redirects the incoming request to the host cluster and rewrites the response (pod names, pod namespaces etc) and returns it to the requester.
vCluster needs RBAC permissions to access host Node metrics from within the virtual cluster. You enable these permissions when you enable real nodes synchronization.
Virtual cluster workloads
You have the following monitoring options:
- Proxy the metrics server in the host cluster to the virtual cluster by configuring
observability.metrics.proxy
. - Install a metrics server in the virtual cluster.
vCluster control plane
vCluster exposes the following metrics endpoints:
- vCluster syncer metrics:
https://0.0.0.0:8443/metrics
- Kubernetes metrics:
https://0.0.0.0:6444/metrics
To scrape those metrics, send an Authorization
header with a valid virtual cluster ServiceAccount token that has permissions to access the /metrics
endpoint within the virtual cluster.
vCluster Platform
Use the vCluster Platform UI to configure monitoring. See these guides:
Config reference
observability
required object pro
Observability holds options to proxy metrics from the host cluster into the virtual cluster.
observability
required object pro