VCluster

Virtual K8S Clusters

"látszólagos fürt"
a rezsicsökkentett fölhő

Október - Papp Lajos

What does it mean?
Use-cases
How does it work ?
Under the hood

lalyos

mar az ovodaban in balna volt a jelem
Cofounder of SequenceIQ (docker + bigdata + felho)
BanzaiCloud in early times
long time dev (java/golang) (since 1998)
trainer/consultant (hire me!)

VCluster

A virtual k8s cluster which runs
in a namespace of a hosting cluster

Issues with k8s?

[dev] You got restricted acces

Issues with k8s?

[dev] You got restricted acces
[dev] Don't want to chage existing apps

Issues with k8s?

[dev] You got restricted acces
[dev] Don't want to chage existing apps
[ops] Want less clusters to maintain

Real clusters

Moves

moves-4b

Virtual Clusters

Issues with k8s?

[dev] You got restricted acces
[dev] Don't want to chage existing apps
[ops] Want less clusters to maintain
[ops] Want Restrict acces by namspace

Issues with k8s?

[dev] You got restricted acces
[dev] Don't want to chage existing apps
[ops] Want less clusters to maintain
[ops] Want Restrict acces by namspace
[ops] Parallely run different versoins of …

Issues with k8s?

[dev] You got restricted acces
[dev] Don't want to chage existing apps
[ops] Want less clusters to maintain
[ops] Want Restrict acces by namspace
[ops] Parallely run different versoins of …
… more …

cloud provider APIServer customization ???
Stop under-utilized clusters
save costs (megvedjuk a magyar …)
Everybody gets a cluster

Usage

vcluster cli
collect CIDR addr
generate KUBECONFIG
helm

RBAC: be able to start a pod

Exposing

internal only
NodePort
Loadbalancer
Ingress

Accessing a VCluster

$ > vcluster connect my-vcluster

generates KUBECONFIG yaml

How?

Vcluster has its own ctrl-plane

APIServer
Controller mgr
Storage (etcd/kine)
Scheduler ???

How k8s works normally:

training slides - thanks jpetazzo

KINE

Part/Subproject of K3S.io

Kine Is Not Etcd

Run Kubernetes on MySQL, Postgres, sqlite, dqlite, not etcd.

sqlite + litestream + s3 => dirt cheap,

Scheduler

By default you delegate it to the host cluster. But…

Labeling nodes inside has no effect
Draining or tainting nodes inside
You cannot use custom schedulers inside

vcluster supports running a scheduler inside

DNS - Network

service mapping is configurable

Nodes

supports multiple sync modes:

Fake Nodes (def)
Real Nodes
Real Nodes All
Real Nodes Label Selector

daemonsets?

Synched Resources

pods, services, configmaps, secrets, events (other way), PVCs, Ingresses

configurable

sdk for custom resource syncers plugins (depl,sts,ns)

Extra Features

Pausing & Resuming
High Availability
Distro choise: k3s/k0s/vanillia k8s
Backup & Restore (Velero)

DinD / KinK

Keep in touch

http://hwsw.lalyo.sh/

Syntax	Example	Reference
# Header	Header	基本排版
- Unordered List	Unordered List
1. Ordered List	Ordered List
- [ ] Todo List	Todo List
> Blockquote	Blockquote
Bold font	Bold font
Italics font	Italics font
~~Strikethrough~~	~~Strikethrough~~
19^th^	19^th
H~2~O	H₂O
++Inserted text++	Inserted text
==Marked text==	Marked text
[link text](https:// "title")	Link
![image alt](https:// "title")	Image
`Code`	`Code`	在筆記中貼入程式碼
```javascript var i = 0; ```	`var i = 0;`	在筆記中貼入程式碼
:smile:		Emoji list
{%youtube youtube_id %}	Externals
$L^aT_eX$	L^aT_eX
:::info This is a alert area. :::	This is a alert area.