100% API Conformance
This is a big milestone for vcluster as vcluster now passes 100% of Kubernetes conformance tests for Kubernetes version v1.20 🚀. Check conformance on how to reproduce the test result.
Support for etcd, mysql & postgresql datastorage
vcluster now officially supports data storage backends such as etcd, mysql & postgresql instead of the default sqlite storage. Take a look at the vcluster docs for more information.
Fake Kubelet Endpoints
By default, vcluster will now create a service for each node which redirects incoming traffic from within the vcluster to the node kubelet to vcluster itself. This means that if workloads within the vcluster try to scrape node metrics the traffic reaches vcluster first. Vcluster will redirect the incoming request to the host cluster and rewrite the response (pod names, pod namespaces etc) and return it to the requester.
This makes it possible to use Kubernetes features such as metrics-server, prometheus operator or HorizontalPodAutoscaler within the vcluster.
Labels Sync
vcluster will now sync labels of resources. In order to avoid conflicts in the host namespace, vcluster will rewrite them to be uniquely identifiable in the host cluster.
This makes it possible to use features like downwardAPI fields like metadata.labels['my-label'] and pod topology constraints in the vcluster.
Other
- vcluster now calls the virtual admission webhooks for the requests pods/exec, pods/attach & pods/portforward
- vcluster will now use the virtual cluster k3s version as fake node version
- New
--serverflag invcluster connectto create kube configs for vclusters that use a NodePort, LoadBalancer or Ingress
- New
--extra-values/-fflag invcluster createto allow specification of additional value files that will be merged with the default ones
- New flag
--enable-priority-classesto sync priority classes from vcluster to the host cluster
- New flag
--fake-kubeletsto disable fake kubelet endpoints
- vcluster now supports switching service type from ExternalName to NodePort / ClusterIP
- vcluster will now set the actual allocatable resources for synced nodes if
--fake-nodes=false
- Secrets, endpoints and configmaps are now synced without "applying" changes. This has the advantage that synced resources do not need to store the original configuration anymore and differences between virtual and physical objects can be calculated more precisely
- Added a new flag
--sync-node-changesthat will sync the node resources, taints & labels from the virtual cluster to the host cluster if enabled.
- Added leader election to the syncer pod
- Fixed an issue where
vcluster connect --update-currentwould not work correctly
- vcluster can now be used without specifying a persistent volume claim
- volumes can now be configured in the vcluster chart
- replicas can now be configured in the vcluster chart
- New
--create-cluster-roleflag forvcluster createto tell vcluster to create a cluster role
- New
--k3s-imageflag forvcluster createto specify the k3s image version