Skip to content

loft-demos/lambda-app

BranchesTags

Repository files navigation

vCluster Platform Demo Repository

This repo is the GitOps and use-case template for vCluster Platform demos.

Use one of these entrypoints:

If you want the shortest path, use vind:

LICENSE_TOKEN="$TOKEN" bash vind-demo-cluster/bootstrap-self-contained.sh

Default vind values:

Main repo areas:

Available Use Cases

vCP Free below is based on the official feature comparison and free-tier overview:

Yes means the use case maps to features explicitly called out as available in the Free plan. Enterprise means it depends on features documented outside the Free plan. Depends means the repo example is mostly built from apps, templates, or external tooling and is not mapped cleanly to one specific line item in the pricing table.

Use case What it demos vCP Free vind Details / docs
argocd-in-vcluster Installs a dedicated Argo CD instance inside selected vCluster instances and feeds it Git-based values. Enterprise Yes Repo, vCP Argo CD integration
argocd-vcluster-add-ons Applies environment-specific add-ons to imported Argo CD clusters based on cluster labels like dev, qa, and prod. Enterprise TBD Repo, vCP Argo CD integration
argocd-vcluster-pull-request-environments Creates ephemeral pull request environments with Argo CD, including preview apps and vCluster instances per PR. Enterprise TBD Repo, vCP Argo CD integration
auto-nodes-aws Auto-provisions AWS EC2-backed worker nodes for vCluster instances using the vCluster Platform Auto Nodes feature and a Terraform NodeProvider. Enterprise Yes Repo
auto-snapshots Automatic backup and restore of vCluster instances to S3-compatible storage (MinIO for vind). Enterprise No* Repo, Snapshots
central-admission-control Centralized policy enforcement with Kyverno and host-level admission control for virtual clusters. Enterprise TBD Repo
connected-host-cluster Registers another cluster, or another vCluster instance, as an additional host cluster for vCluster Platform. Yes TBD Repo, Connect a cluster
continuous-promotion Uses Kargo, Argo CD, sleeping vCluster instances, and a shared-node pre-prod gate where the app can consume host-managed ESO-backed config before promotion. Depends Yes Repo, Kargo
crossplane Crossplane providers, compositions, and claims used for webhook automation and PR environment orchestration. Depends TBD Repo
custom-resource-definitions Reserved area for CRD-focused demos and examples that depend on installing or exposing custom resource definitions. Depends TBD Repo
custom-resource-sync Syncs CloudNative PG Cluster resources from a vCluster to a host-side CNPG operator. Yes TBD Repo, Custom resources to host
database-connector Uses the vCluster Platform database connector with CloudNative PG as an external backing store for vCluster instances. Enterprise TBD Repo, Database connector
external-secrets-operator Installs ESO and shows how to integrate external secret delivery into vCluster and Platform flows. Enterprise TBD Repo, External Secrets integration
flux Flux Operator, Flux-managed vCluster instances, and Flux-based pull request environments. Depends TBD Repo
kai-scheduler Runs vCluster workloads against a host-installed KAI scheduler instead of the default scheduling path. Depends TBD Repo
namespace-sync Namespace sync plus Argo CD Application sync back to the host cluster. Yes TBD Repo, Namespace sync
pod-identity EKS Pod Identity with synced PodIdentityAssociation resources for AWS access from workloads in a vCluster. Depends TBD Repo
pod-security-standards Enforces Pod Security Standards inside the vCluster API server with an admission configuration. Depends TBD Repo
private-nodes Manual Private Nodes flow for attaching dedicated external compute to a vCluster instance, including an OrbStack VM path for vind. Yes Yes Repo
rancher-integration Rancher integration examples for deploying and wiring Rancher alongside vCluster Platform. Depends TBD Repo
resolve-dns Cross-vCluster DNS resolution with embedded CoreDNS and resolveDNS mappings. Yes TBD Repo, Resolve DNS
tenant-observability Tenant-scoped Grafana, Loki, and Prometheus inside each vCluster using Central HostPath Mapper plus Promtail for log collection. Enterprise Yes Repo, Central HostPath Mapper
virtual-scheduler Enables the Kubernetes scheduler, or other schedulers, inside a vCluster. Depends TBD Repo, Sync nodes from host
vnode-with-vcluster Uses vNode with vCluster for stronger workload isolation and breakout demos. Enterprise TBD Repo, vNode docs

vind above is the current self-contained OrbStack-backed path:

  • Yes means the use case has been validated on vind
  • TBD means it has not been fully validated on vind yet
  • No* means the overlay code exists but the use case is temporarily disabled due to an upstream blocker

Enable Use Cases Directly with cluster-local

Both the Demo Generator path and the self-contained vind path use the Argo CD cluster secret named cluster-local in namespace argocd to decide which use-case ApplicationSets should match the local management cluster.

That means you can enable or disable use cases directly with kubectl label without rerunning the full bootstrap.

Example:

kubectl -n argocd label secret cluster-local \
  eso=true \
  autoSnapshots=true \
  flux=true \
  crossplane=false \
  rancher=false \
  --overwrite

Disable a use case:

kubectl -n argocd label secret cluster-local customResourceSync=false --overwrite

Enable a few more use cases with the exact label keys:

kubectl -n argocd label secret cluster-local \
  argoCdInVcluster=true \
  customResourceSync=true \
  cnpg=true \
  connectedHostCluster=true \
  namespaceSync=true \
  privateNodes=true \
  resolveDNS=true \
  tenantObservability=true \
  virtualScheduler=true \
  --overwrite

Typical flow:

  1. connect kubectl to the demo environment management cluster
  2. update one or more labels on argocd/cluster-local
  3. wait for Argo CD to refresh the matching ApplicationSets and Applications

The label keys currently used by the repo are:

Use case cluster-local label
argocd-in-vcluster argoCdInVcluster
auto-nodes autoNodes
auto-snapshots autoSnapshots
connected-host-cluster connectedHostCluster
continuous-promotion continuousPromotion
crossplane crossplane
custom-resource-sync customResourceSync
eso eso
flux flux
kyverno kyverno
database-connector databaseConnector
namespace-sync namespaceSync
private-nodes privateNodes
rancher rancher
resolve-dns resolveDNS
tenant-observability tenantObservability
virtual-scheduler virtualScheduler
vnode vnode

Additional behavior toggle:

Purpose cluster-local label
install the shared host-side CNPG operator for database-connector and custom-resource-sync cnpg
opt into the legacy Argo CD-managed Kargo install for continuous-promotion legacyArgoKargo

Notes:

  • on the vind path, the bootstrap --use-cases flag writes these labels for you
  • on the vind path, cnpg is derived automatically when either database-connector or custom-resource-sync is enabled
  • if you edit argocd/cluster-local manually, set cnpg=true whenever either databaseConnector=true or customResourceSync=true
  • on the vind self-contained path, legacyArgoKargo is derived automatically when continuous-promotion is enabled without flux, so you do not need to set that label by hand
  • on the Demo Generator path, the initial values usually come from template parameters and the generated cluster secret
  • changing the secret directly is the fastest way to test another combination after the environment already exists

For the self-contained path, the Argo CD root app is:

The self-contained Git overlay is:

About

vCluster Platform Demo repository used for vCluster Platform GitOps and demo examples

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

Generated from loft-demos/vcluster-platform-demo-app-template