Skip to main content
Version: main 🚧
Supported Configurations
Running the control plane as a container with:

What is vCluster pod creation?

In a vCluster, pod creation is not a direct process like in a standard Kubernetes cluster. Instead, it involves a unique mechanism that bridges your tenant cluster with the underlying control plane cluster.

Imagine a vCluster as a virtual layer on top of a physical Kubernetes cluster. When you create a pod, it doesn't magically appear in the control plane cluster. Instead, it goes through a process that ensures your tenant cluster remains isolated while still using the resources of the control plane cluster.

A pod in a vCluster isn't created directly in the control plane cluster but follows a well-defined process. This document explains the behind-the-scenes mechanism of pod creation in vCluster.

Key components​

The crucial components involved in vCluster pod creation are:

  • Kube-apiserver (control plane cluster): Manages resources in the underlying physical cluster.
  • Kube-apiserver (vCluster): Handles API requests within the tenant cluster.
  • Syncer: Bridges communication between vCluster and control plane cluster.

  1. Pod Creation in vCluster

    Create a pod by making an API call to the vCluster kube-apiserver. The API server stores the pod in the vCluster backend storage (etcd).

    Example:

    kubectl create -f my-pod.yaml -n my-vcluster

  2. Syncer synchronization.

    The syncer monitors events from the vCluster kube-apiserver. It communicates with the control plane cluster kube-apiserver to synchronize the pod creation.

    Key actions:

    • Watch vCluster events.
    • Translate vCluster pod configuration.
    • Initiate pod creation in control plane cluster.

  3. Control plane cluster pod deployment.

    The control plane cluster processes the pod creation request:

    • Brings the pod up using standard Kubernetes procedures.
    • Sets the pod state to ready.
    • Treats the pod like any other cluster pod.

    Verification:

    kubectl get pods -n host-cluster-namespace

  4. Status synchronization.

    After the pod reaches state=ready, the syncer:

    • Copies the pod's status from the control plane cluster.
    • Applies the status to the corresponding pod in the vCluster namespace.

    Status check:

    kubectl describe pod <pod-name> -n my-vcluster