v0.8.0
Service Mapping
vcluster now supports mapping services between host and virtual cluster. You can specify which services from the host cluster should be available inside the vcluster and which services inside the vcluster should be synced with the host cluster. You can configure this in the helm chart via the new section mapServices
:
mapServices:
# Services that should get mapped from the
# virtual cluster to the host cluster.
# vcluster will make sure to sync the service
# ip to the host cluster automatically as soon
# as the service exists.
fromVirtual:
- from: my-virtual-namespace/my-virtual-service
to: my-host-service
# Same as from virtual, but instead sync services
# from the host cluster into the virtual cluster.
# If the namespace does not exist, vcluster will
# also create the namespace for the service.
fromHost:
- from: my-host-namespace/my-host-service
to: my-virtual-namespace/my-virtual-service
For more information, please take a look at the vcluster docs
Init Manifests
vcluster now supports creation with manifests that will be applied as soon as the vcluster has started. This can be useful to configure and deploy virtual cluster with certain resources that are then deployed into vcluster itself. You can configure these manifests inside the helm values:
init:
manifests: |-
apiVersion: v1
kind: Service
...
---
apiVersion: v1
kind: ConfigMap
...
vcluster Scheduler
vcluster now supports running a scheduler inside the virtual cluster. This is especially useful if you need to label and taint nodes within the vcluster and do not want to label or taint the actual host nodes. The scheduler can be enabled via:
sync:
nodes:
enabled: true
syncAllNodes: true # or use nodeSelector
enableScheduler: true
This will tell vcluster to now start the scheduler inside vcluster and will only sync pods that have a node assigned. For more information, please take a look at the vcluster docs.
Changes
- cli: Warn if the patch version is passed in kubernetes version flag (#414)
- cli: New
vcluster version
command - syncer: vcluster will now rewrite certain ingress annotations
- syncer: vcluster will now set the annotation
cluster-autoscaler.kubernetes.io/daemonset-pod
on pods that belong to a daemon set inside the virtual cluster - syncer: Fixed an issue where vcluster would not migrate managed endpoints to Kubernetes managed endpoints correctly
- syncer: Fixed an issue with service type change from ExternalName type to other types
- syncer: Fixed an issue where default/kubernetes EndpointSlices content should match default/kubernetes Endpoints - add the missing ports
- syncer: Syncer should not set pods nodeSelector when the scheduler is used.
- syncer: Use the vcluster service label selector for creating a fake kubelet service instead of finding out the pod label selector
- syncer: vcluster will now sync service selectors by default for better compatibility and reduced permission surface of vcluster instead of syncing all endpoints. vcluster will still sync endpoints for services that have no selector
- syncer: Fixed an issue where vcluster would not sync the increased persistent volume size back to the virtual cluster
- syncer: Fixed an issue where vcluster wouldn't sync ClusterIP to LoadBalancer change correctly
- syncer: vcluster will now recreate a PVC inside the virtual cluster if there is a corresponding host PVC with a different volume name
- syncer: Fixed an issue where
default/kubernetes
Endpoints object was referencing incorrect IPs in k8s and eks flavors. - syncer: vcluster will now try to reapply the kube config secret periodically
- syncer: Fixed an issue where vcluster would try to bind a virtual pod multiple times to a node
- syncer: Use the vcluster service label selector for creating a fake kubelet service instead of finding out the pod label selector
- syncer: Update vcluster default go runtime to 1.18
- syncer: Fixed an issue where vcluster now will be able to pull images from a private registry.
- chart: coredns is service type and external IP can be now easily overridden through helm values (thanks @olljanat)
- chart: Add
isolation.namespace
- chart: Enable CoreDNS multi-replica deployments via .coredns.replicas helm value
- chart: Add RFC6598 address space to network policy (thanks @desponda)