Deploy vCluster AddOns
Configure addons
vCluster supports addons that extend the capabilities of your tenant cluster. You can configure these addons during deployment to adjust networking, observability, and other features for your environment and requirements.
Metrics Server
vCluster can install the Kubernetes Metrics Server into the tenant cluster. Enable it when you need kubectl top output or want the Horizontal Pod Autoscaler to use CPU and memory metrics.
deploy:
metricsServer:
enabled: true
CNI
vCluster installs Flannel as the Container Network Interface (CNI) by default. You can disable it and install your own CNI.
deploy:
cni:
flannel:
enabled: false
When you disable Flannel, you are responsible for installing and operating a CNI in the tenant cluster. vCluster support does not cover the configuration or behavior of user-managed CNI installations.
Kube proxy
vCluster installs kube-proxy by default to configure services on worker nodes. If your CNI implements its own service proxy (for example, Cilium in kube-proxy replacement mode), you can disable it.
deploy:
kubeProxy:
enabled: false
To customize kube-proxy behavior without disabling it, use the config field. Values merge into the default KubeProxyConfiguration. See the Kubernetes kube-proxy config API reference for available fields.
deploy:
kubeProxy:
config:
mode: ipvs
ipvs:
scheduler: rr
Use extraArgs to pass additional flags directly to the kube-proxy binary.
MetalLB
vCluster can install MetalLB into the tenant cluster. Enable this with the following YAML:
deploy:
metallb:
enabled: true
ipAddressPool:
addresses:
- 10.X.X.1-10.X.X.100 # your IPs here
Local Path Provisioner
vCluster installs the Local Path Provisioner by default to provide a default StorageClass for stateful workloads. If you bring your own storage solution, you can disable it.
deploy:
localPathProvisioner:
enabled: false
When you disable the Local Path Provisioner and replace it with your own StorageClass, vCluster support does not cover your storage configuration. Replacing the provisioner does not affect existing PersistentVolumes, However, new PersistentVolumeClaims do not bind until a replacement provisioner is available.
Control plane components
CoreDNS and Konnectivity are control plane components, not deploy addons. Configure them under controlPlane in your vcluster.yaml:
- CoreDNS: see CoreDNS configuration
- Konnectivity: configure or disable under
controlPlane.advanced.konnectivity
Config reference
deploy required object
Deploy holds configuration for the deployment of vCluster.
deploy required object kubeProxy required object
KubeProxy holds dedicated kube proxy configuration.
kubeProxy required object enabled required boolean true
Enabled defines if the kube proxy should be enabled.
enabled required boolean true image required string
Image is the image for the kube-proxy.
image required string imagePullPolicy required string
ImagePullPolicy is the policy how to pull the image.
imagePullPolicy required string nodeSelector required object {}
NodeSelector is the node selector for the kube-proxy.
nodeSelector required object {} priorityClassName required string
PriorityClassName is the priority class name for the kube-proxy.
priorityClassName required string tolerations required object[] []
Tolerations is the tolerations for the kube-proxy.
tolerations required object[] [] extraEnv required object[] []
ExtraEnv is the extra environment variables for the kube-proxy.
extraEnv required object[] [] extraArgs required string[] []
ExtraArgs are additional arguments to pass to the kube-proxy.
extraArgs required string[] [] config required object {}
Config is the config for the kube-proxy that will be merged into the default kube-proxy config. More information can be found here:
https://kubernetes.io/docs/reference/config-api/kube-proxy-config.v1alpha1/#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration
config required object {} metallb required object
Metallb holds dedicated metallb configuration.
metallb required object enabled required boolean false
Enabled defines if metallb should be enabled.
enabled required boolean false controllerImage required string
ControllerImage is the image for metallb controller.
controllerImage required string speakerImage required string
SpeakerImage is the image for metallb speaker.
speakerImage required string ipAddressPool required object
IPAddressPool is the IP address pool to use for metallb.
ipAddressPool required object cni required object
CNI holds dedicated CNI configuration.
cni required object flannel required object
Flannel holds dedicated Flannel configuration.
flannel required object enabled required boolean true
Enabled defines if Flannel should be enabled.
enabled required boolean true image required string
Image is the image for Flannel main container.
image required string initImage required string
InitImage is the image for Flannel init container.
initImage required string imagePullPolicy required string
ImagePullPolicy is the policy how to pull the image.
imagePullPolicy required string localPathProvisioner required object
LocalPathProvisioner holds dedicated local path provisioner configuration.
localPathProvisioner required object enabled required boolean true
Enabled defines if LocalPathProvisioner should be enabled.
enabled required boolean true image required string
Image is the image for local path provisioner.
image required string imagePullPolicy required string
ImagePullPolicy is the policy how to pull the image.
imagePullPolicy required string nodePath required string
NodePath is the path on the node where to create the persistent volume directories.
nodePath required string ingressNginx required object
IngressNginx holds dedicated ingress-nginx configuration.
Deprecated: We do not deploy ingress nginx and the project is being deprecated.
ingressNginx required object