Kubernetes Cluster backed by vcluster
A vcluster is an alternative to NKE-backed Kubernetes clusters with different use-cases and limitations. It makes use of vcluster to provide Kubernetes clusters at a lower price point with some drawbacks in terms of availability guarantees and managed add-ons. As vclusters are running on top of NKE, it has access to the same compute infrastructure.
This comparison table should give an overview of most of the differences:
| NKE | vcluster | |
|---|---|---|
| Service type load balancer | ✓ | ✓ |
| Persistent storage (RWO/RWX) | ✓ | ✓ |
| Ingress | ✓ | ✓ |
| Autoscaling | ✓ | ✓ |
| Argo CD integration | ✓ | ✓ |
| NKE machine types | ✓ | ✓ |
| Dedicated worker nodes | ✓ | ✓ |
| Dedicated HA control-plane nodes | ✓ | ✗ |
| Cluster add-ons | ✓ | ✗ |
| Automatic backup | ✓ | ✗ |
| Uptime guarantees (SLA) | ✓ | ✗ |
| Cluster fee | ✓ | ✗ |
| Fast creation time (< ~2 min) | ✗ | ✓ |
| Cluster admin | ✗ | ✓ |
Getting started
To get started with vclusters you need a login to access our Cockpit. Then simply select Managed Kubernetes from our products overview and use Add Cluster and choose the vcluster option. To access the cluster, have a look at our cluster login article.
For more information on the available node types, load balancing and storage refer to the main NKE documentation.
Use cases for a vcluster
- CI/CD: Because of the fast creation and deletion times of a vcluster, as well as their low cost, they lend themselves to be used in CI/CD pipelines to test deployments of your apps end-to-end.
- Testing new Kubernetes API versions: We try to always provide the latest Kubernetes releases within vcluster so you can test your apps against new API versions early.
- Well isolated and cost effective environments: Staging and development environments can use their own vcluster to be better isolated from production instead of using multiple namespaces on a single NKE cluster.
ArgoCD
If you want to use ArgoCD for deploying onto your vcluster, the steps documented in the ArgoCD article are not enough.
Since vclusters are not fully managed clusters, you will need to give permissions to the ArgoCD service account yourself.
First, you will need to find the name of the ArgoCD service account:
$ kubectl get serviceaccounts -n default
argocd-xyz 1 188d
Then you will need to create a clusterrolebinding and give the ArgoCD cluster-admin permissions:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argocd
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: argocd-xyz
namespace: default
Ingress
Because of the design of vcluster, the Ingress controller of the host cluster can be reused. This means there is no need to deploy an Ingress controller in your vcluster. You can find the IngressClass and Host of the predefined Ingress in the cluster details in Cockpit or in the status of the API.
For more information on how to use Ingress, refer to our dedicated documentation.