README.md
</picture>
Website โข Quickstart โข Documentation โข Blog โข Slack
<a href="https://www.cncf.io/training/certification/software-conformance/"></a> ย ย ย ย <a href="https://github.com/cncf/k8s-ai-conformance/tree/main/v1.35/vcluster-private-nodes"></a>
CNCF Certified Kubernetes โ Distribution ยท Kubernetes AI Conformant
</div>vCluster creates Tenant Clusters โ fully isolated Kubernetes environments that run on top of a Control Plane Cluster or standalone on dedicated infrastructure or bare metal. Each tenant gets its own API server, CRDs, and RBAC, with a cluster experience indistinguishable from a dedicated Kubernetes cluster.
Built for production. Trusted in production. 40M+ Tenant Clusters deployed by teams at Adobe, CoreWeave, NVIDIA, Lintasarta, Atlan, Deloitte, and hundreds of AI clouds, AI factories, and Fortune 500 platform organizations.
CNCF Certified Kubernetes โ Distribution and Kubernetes AI Conformant โ every Tenant Cluster is upstream Kubernetes with no vendor lockโin, validated for portable AI/ML workloads (training, inference, agentic).
<div align="center"> </div>The public-cloud experience, on your own infrastructure. Give every team the Kubernetes they need โ with strict isolation, hardware-aware scheduling, and zero tenant sprawl โ whether you run one region or 100K GPUs.
# Install vCluster CLI
brew install loft-sh/tap/vcluster
# Create a Tenant Cluster
vcluster create my-vcluster --namespace team-x
# Use kubectl as usual โ you're now in your Tenant Cluster
kubectl get namespaces
Prerequisites: A running Kubernetes cluster and kubectl configured.
No Kubernetes cluster? Run vCluster directly on Docker with vind (vCluster in Docker) โ like kind, but with the full vCluster feature set (UI, sleep/resume, LoadBalancer, image cache):
vcluster create my-vcluster --driver docker
kubectl get namespaces
Real usage, not a gated demo. Unlimited Tenant Clusters up to 64 CPUs / 32 GPUs, plus the full vCluster Platform UI โ for free. Get Started Free โ
| Version | Feature | Description |
|---|---|---|
| v0.34 | Multi-Region Platform & Standalone Snapshots | Active/active vCluster Platform across regions (Route 53 + RDS), Standalone snapshots (S3 / OCI / local), first-class template parameters |
| v0.33 | Enterprise Reliability & Storage | Automatic leaf-cert regeneration, Azure Blob snapshot destinations, workload-level sleep annotations |
| v0.32 | Docker Driver & DRA | Run vCluster on Docker, Dynamic Resource Allocation (DRA) for GPU workloads, in-place pod resizing |
| v0.31 | Snapshots & Cross-Cluster APIs | Expanded snapshot/restore lifecycle, PDBs for Tenant Cluster control planes, cross-cluster resource proxying |
| v0.30 | vCluster VPN & Netris Integration | Tailscale-powered overlay networking and automated hardware isolation via Netris |
| v0.27โv0.29 | Architecture Foundations | Private Nodes (v0.27, CNI/CSI isolation), Auto Nodes (v0.28, Karpenter autoscaling), Standalone Mode (v0.29, no Control Plane Cluster โ dedicated infrastructure or bare metal) |
๐ Full Changelog
| Use Case | Description | Learn More |
|---|---|---|
| AI Factory | Run AI on-prem where your data and GPUs live. Give every team the GPU access they need without multiplying infrastructure. | View โ |
| AI Cloud Providers | Launch a hyperscaler-like Kubernetes experience for your GPU customers. Isolated, production-grade, in minutes. | View โ |
| Internal GPU Platform | Maximize GPU utilization without sacrificing isolation. Self-service Kubernetes for AI/ML teams. | View โ |
| Bare Metal Kubernetes | Run production Kubernetes on bare metal with zero VMs. Isolation without expensive virtualization overhead. | View โ |
| Software Vendors | Ship Kubernetes-native products. Each customer gets their own isolated Tenant Cluster. | View โ |
| Environments & Cost Savings | Consolidate clusters, pause idle workloads with sleep mode, and cut Kubernetes cost at scale. | View โ |
vCluster supports multiple deployment architectures. Each builds on the previous, offering progressively stronger isolation โ from dense shared infrastructure to fully standalone deployments on dedicated infrastructure or bare metal.
| Shared Nodes | Dedicated Nodes | Private Nodes | Standalone | |
|---|---|---|---|---|
| Control Plane Cluster | Required | Required | Required | Not Required |
| Node Isolation | โ | โ | โ | โ |
| CNI/CSI Isolation | โ | โ | โ | โ |
| Bare Metal Ready | โ | โ | โ | โ |
| Best For | Dev/test, density | Production tenants | Compliance, GPU | AI factories, edge |
sync:
fromHost:
nodes:
enabled: false # Uses pseudo nodes
sync:
fromHost:
nodes:
enabled: true
selector:
labels:
tenant: my-tenant
privateNodes:
enabled: true
controlPlane:
service:
spec:
type: NodePort
controlPlane:
standalone:
enabled: true
joinNode:
enabled: true
privateNodes:
enabled: true
autoNodes:
enabled: true
nodeProvider: <provider>
privateNodes:
enabled: true
| Feature | Description |
|---|---|
| ๐๏ธ Isolated Virtual Control Plane | Each Tenant Cluster gets its own API server, controller manager, and data store โ complete Kubernetes API isolation |
| ๐ Shared Platform Stack (Shared / Dedicated Nodes) | Leverage the Control Plane Cluster's CNI, CSI, ingress, and other infrastructure โ no duplicate platform components |
| ๐ Strong Tenant Isolation | Tenants get admin access inside their Tenant Cluster while having minimal permissions on the Control Plane Cluster |
| ๐ Resource Syncing (Shared / Dedicated Nodes) | Bidirectional sync of any Kubernetes resource โ pods, services, secrets, configmaps, CRDs, and more |
| ๐ค Sleep Mode | Pause inactive Tenant Clusters to save resources. Instant wake when needed |
| ๐ฅ๏ธ Standalone Deployment | Run without a Control Plane Cluster on dedicated infrastructure or bare metal โ purpose-built for AI factories and on-prem GPU fleets |
| ๐งฉ Integrations | Native support for cert-manager, external-secrets, KubeVirt, Istio, and metrics-server (host-side integrations apply in Shared / Dedicated Nodes modes) |
| ๐ High Availability | Multiple replicas with leader election. Embedded etcd or external databases (PostgreSQL, MySQL, RDS) |
Shared Platform Stack, Resource Syncing, and host-cluster integrations apply only in Shared and Dedicated Nodes modes, where the Tenant Cluster shares the Control Plane Cluster's CNI, CSI, and platform stack. Private Nodes and Standalone deployments bring their own CNI, CSI, and platform components.
vCluster is the foundation of a broader platform for running production Kubernetes and AI infrastructure on your own hardware โ from a single rack to 100K-GPU supercomputers.
| Product | What it does |
|---|---|
| vCluster | Tenant Clusters โ Virtual Control Planes with API, data, and (optionally) network isolation |
| vNode | Runtime-level isolation. Kernel-enforced boundaries (seccomp, cgroups, namespaces, AppArmor) without VM overhead |
| vMetal | Zero-touch bare metal provisioning for GPU fleets. Turns GPU racks into a cloud platform |
| Netris (integration) | Hardware-enforced network isolation via programmatic VLANs, VRFs, and ACLs |
Together these provide a complete foundation for AI factories โ certified Kubernetes stacks, isolated Tenant Clusters, runtime workload sandboxing, and GPU infrastructure operations โ the same pattern used to run production AI on hundreds of AI clouds and Fortune 500 on-prem platforms.
Also used by: NVIDIA, ABBYY, Precisely, Shipwire, and many more โ with 50+ GPU clouds and Fortune 500s running vCluster in production.
| Event | Speaker | Title | Link |
|---|---|---|---|
| KubeCon NA 2025 (Keynote) | Lukas Gentele | Autoscaling GPU Clusters Anywhere โ Hyperscalers, Neoclouds & Baremetal | Watch |
| Platform Engineering Day NA 2025 (Keynote) | Saiyam Pathak | AI-Ready Platforms: Scaling Teams Without Scaling Costs | Watch |
| Rejekts NA 2025 | Hrittik Roy, Saiyam Pathak | Beyond the Default Scheduler: Navigating GPU MultiTenancy in AI Era | Watch |
| KubeCon EU 2025 | Paco Xu, Saiyam Pathak | A Huge Cluster or Multi-Clusters? Identifying the Bottleneck | Watch |
| HashiConf 2025 | Scott McAllister | GPU sharing done right: Secrets, security, and scaling with Vault and vCluster | Watch |
| FOSDEM 2025 | Hrittik Roy, Saiyam Pathak | Accelerating CI Pipelines: Rapid Kubernetes Testing with vCluster | Watch |
| KubeCon India 2024 (Keynote) | Saiyam Pathak | From Outage To Observability: Lessons From a Kubernetes Meltdown | Watch |
| CNCF Book Club 2024 | Marc Boorshtein | Kubernetes - An Enterprise Guide (vCluster) | Watch |
| KCD NYC 2024 | Lukas Gentele | Tenant Autonomy & Isolation In Multi-Tenant Kubernetes Clusters | Watch |
| KubeCon EU 2023 | Ilia Medvedev, Kostis Kapelonis | How We Securely Scaled Multi-Tenancy with VCluster, Crossplane, and Argo CD | Watch |
| KubeCon NA 2022 | Joseph Sandoval, Dan Garfield | How Adobe Planned For Scale With Argo CD, Cluster API, And VCluster | Watch |
| KubeCon NA 2022 | Whitney Lee, Mauricio Salatino | What a RUSH! Let's Deploy Straight to Production! | Watch |
| TGI Kubernetes 2022 | TGI | TGI Kubernetes 188: vCluster | Watch |
| Mirantis Tech Talks 2022 | Mirantis | Multi-tenancy & Isolation using Virtual Clusters (vCluster) in K8s | Watch |
| Solo Webinar 2022 | Rich Burroughs, Fabian Keller | Speed your Istio development environment with vCluster | Watch |
| KubeCon NA 2021 | Lukas Gentele | Beyond Namespaces: Virtual Clusters are the Future of Multi-Tenancy | Watch |
| Channel | Speaker | Title | Link |
|---|---|---|---|
| TeKanAid 2024 | TeKanAid | Getting Started with vCluster: Build Your IDP with Backstage, Crossplane, and ArgoCD | Watch |
| Rawkode 2021 | David McKay, Lukas Gentele | Hands on Introduction to vCluster | Watch |
| Kubesimplify 2021 | Saiyam Pathak, Lukas Gentele | Let's Learn vCluster | Watch |
| TechWorld with Nana 2021 | Nana | Build your Self-Service Kubernetes Platform with Virtual Clusters | Watch |
| DevOps Toolkit 2021 | Viktor Farcic | How To Create Virtual Kubernetes Clusters | Watch |
๐ YouTube Channel โข Blog
We welcome contributions! Check out our Contributing Guide to get started.
vCluster is licensed under the Apache 2.0 License.
ยฉ 2026 Loft Labs. All rights reserved.
Made with โค๏ธ by the vCluster community.
โญ Star us on GitHub โ it helps!
</div>