# vcluster - Virtual Kubernetes Clusters

<https://www.vcluster.com/>

![](/files/u0HrzOStRcayb7MViR4l)

## Get Started

Automatically creates a kube-context on your local machine, so you can now use kubectl with your virtual cluster

Install vcluster CLI

\*\*# amd64 (intel mac)\*\*curl -L -o vcluster "<https://github.com/loft-sh/vcluster/releases/latest/download/vcluster-darwin-amd64>" && chmod +x vcluster;

sudo mv vcluster /usr/local/bin;

\*\*# arm64 (silicon mac)\*\*curl -L -o vcluster "<https://github.com/loft-sh/vcluster/releases/latest/download/vcluster-darwin-arm64>" && chmod +x vcluster;

sudo mv vcluster /usr/local/bin;

**Create vcluster**

vcluster create vcluster-1

**Use the vcluster**

kubectl create namespace ns-inside-vcluster

helm install ./chart

kubectl get pods --all-namespaces

### Full Admin Access

You may not be admin inside the host cluster, but inside the vcluster, you can do anything you want:

* Create namespaces
* Configure RBAC permissions
* Install CRDs and deploy controllers
* Test a new ingress controller
* ...

[Get Started](https://www.vcluster.com/docs/getting-started/setup)

[vcluster%20-%20Virtual%20Kubernetes%20Clusters/60d402bf1770078626f61f9c\_6079d04fdb9fa152e8bfc6a3\_vcluster-launch-30second-preview-transcode.mp4](https://gitlab.com/johnmkane/tech-recipe-book/-/blob/main/Book/Architect/Kubernetes/Isolation/vcluster%20-%20Virtual%20Kubernetes%20Clusters/vcluster%20-%20Virtual%20Kubernetes%20Clusters/60d402bf1770078626f61f9c_6079d04fdb9fa152e8bfc6a3_vcluster-launch-30second-preview-transcode.mp4)

## How does it work?

Virtual clusters run inside namespaces of other clusters. They have a separate API server and a separate data store, so every Kubernetes object you create in the vcluster only exists inside the vcluster.

First, let's create a few namespaces inside our new vcluster:

kubectl create namespace ns-1

Now, we can deploy something into one of the namespaces of our vcluster:

kubectl create deployment nginx --image=nginx -n ns-1

The controller manager of our vcluster will create the pods for this deployment.

kubectl get pods -n ns-1

We can see pods being scheduled inside the vcluster although the vcluster does *not* have a scheduler and does not have any real nodes.

BUT, where do these pods get scheduled to?

If we are checking the underlying host namespace where our vcluster is running ...

kubectl get pods -n host-namespace-1

... then we can see that the pods are actually running inside the underlying cluster while every other high-level Kubernetes resource such as deployments or CRDs exist only inside the vcluster.

[Try it yourself](https://www.vcluster.com/docs/getting-started/setup)

## No Admin Privileges Required

As long as you can create a deployment inside a single namespace, you will be able to create a virtual cluster and become admin of this virtual cluster.

## vclusters supports a variety of use cases

## vcluster uses k3s as its API server to make virtual clusters super lightweight & cost-efficient

### 100% API compliant

vclusters use the k3s API server, a certified Kubernetes distribution, so when you are working with a vcluster, it will act the same as a regular cluster.

### Single Namespace

The vcluster and all of its workloads will be hosted in a single underlying host namespace. Delete the namespace and everything will cleanly be gone.

### Lightweight Architecture With Very Low Overhead

vclusters are super lightweight (1 pod), consume very few resources and run on any Kubernetes cluster without requiring privileged access to the underlying cluster.

### Highly Configurable

vcluster expose all k8s control plane options and you can even run different k8s versions in your vclusters or enable alpha and beta flags.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://book.konstantinsecurity.com/readme/architect/kubernetes/isolation/vcluster-virtual-kubernetes-clusters.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.