A Virtual Kubelet provider that enables Kubernetes to schedule container workloads on Cisco Catalyst series switches and other IOS-XE devices with App-Hosting capabilities.
This provider allows Kubernetes pods to be deployed as containers directly on Cisco devices, enabling edge computing scenarios where compute workloads run on network infrastructure. The provider communicates with Cisco devices via RESTCONF APIs to manage the container lifecycle.
- Native Kubernetes Integration: Deploy containers to Cisco devices using standard
kubectlcommands - Driver-Based Architecture: Extensible driver pattern currently supporting IOS-XE devices
- Full Lifecycle Management: Create, monitor, and delete containers via RESTCONF
- Health Monitoring: Continuous node health checks and status reporting
- Resource Management: CPU, memory, and storage allocation per container
- Flexible Networking: Support both DHCP IP allocation via Virtual Port Groups or AppGigabitEthernet
- DHCP Integration: Automatic IP discovery from device operational data or ARP tables
- Cisco Catalyst 8000V virtual routers
- Cisco Catalyst 9000 switches
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Kubernetes Cluster β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Kubernetes API Server β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βββββββββββββββββΌββββββββββββββββ β
β βΌ βΌ βΌ β
β βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ β
β β VK Provider β β VK Provider β β VK Provider β β
β β (Device 1) β β (Device 2) β β (Device N) β β
β ββββββββββ¬βββββββββ ββββββββββ¬βββββββββ ββββββββββ¬βββββββββ β
βββββββββββββΌββββββββββββββββββββΌββββββββββββββββββββΌβββββββββββββ
β RESTCONF β RESTCONF β RESTCONF
βΌ βΌ βΌ
βββββββββββββββββ βββββββββββββββββ βββββββββββββββββ
β Cisco IOS-XE β β Cisco IOS-XE β β Cisco IOS-XE β
β βββββββββββ β β βββββββββββ β β βββββββββββ β
β βContainerβ β β βContainerβ β β βContainerβ β
β βββββββββββ β β βββββββββββ β β βββββββββββ β
βββββββββββββββββ βββββββββββββββββ βββββββββββββββββ
- A Kubernetes cluster
helmv3- Cisco IOS-XE device with:
- IOx enabled (
ioxconfiguration) - RESTCONF enabled
- App-hosting support
- Container image (tar file) on device flash
- IOx enabled (
The controller watches CiscoDevice CRs and automatically creates a VK pod per device. Deploy it via the included Helm chart.
# Build
docker build -t <your-registry>/cisco-vk:latest .
# Push
docker push <your-registry>/cisco-vk:latest# Install CRDs and the controller into the cvk-system namespace
helm install cvk ./charts/cisco-virtual-kubelet \
--namespace cvk-system --create-namespace \
--set image.repository=<your-registry>/cisco-vk \
--set image.tag=latestBoth the controller pod and the VK pods it spawns use the same image by default. To use different images:
helm install cvk ./charts/cisco-virtual-kubelet \
--namespace cvk-system --create-namespace \
--set controllerImage.repository=<your-registry>/cisco-vk-controller \
--set controllerImage.tag=latest \
--set vkImage.repository=<your-registry>/cisco-vk \
--set vkImage.tag=latestOnce the controller is running, create a CiscoDevice resource to provision a VK node:
apiVersion: cisco.vk/v1alpha1
kind: CiscoDevice
metadata:
name: cat9000-1
namespace: default
spec:
driver: XE
address: "192.168.1.100"
port: 443
username: admin
password: cisco123
tls:
enabled: true
insecureSkipVerify: true
xe:
networking:
interface:
type: VirtualPortGroup
virtualPortGroup:
dhcp: true
interface: "0"
guestInterface: 0The controller will create a VK deployment and a matching Kubernetes node. Pods scheduled to that node are deployed to the device via AppHosting.
- Configuration Reference - Configuration options and device setup
- Architecture - Technical architecture details
- API Reference - RESTCONF API details
cisco-virtual-kubelet/
βββ api/
β βββ v1alpha1/ # CRD API types (DeviceSpec, CiscoDevice)
βββ cmd/
β βββ cisco-vk/ # Unified binary entry point
β βββ main.go # cobra root command
β βββ run.go # 'run' subcommand β standalone VK provider
β βββ manager.go # 'manager' subcommand β CRD controller manager
βββ charts/
β βββ cisco-virtual-kubelet/ # Helm chart for controller deployment
β βββ crds/ # CRD (synced from config/crd by make generate)
β βββ templates/ # RBAC, Deployment (role.yaml auto-generated)
βββ config/
β βββ crd/ # Generated CRDs (source of truth for make generate)
βββ internal/
β βββ config/ # YAML/viper config loader
β βββ controller/ # CiscoDevice reconciler (+kubebuilder:rbac markers)
β βββ provider/ # Virtual Kubelet provider implementation
β βββ drivers/ # Device driver implementations (XE, fake)
βββ examples/
βββ dev/ # Development configs and test resources
βββ docs/
βββ Makefile
βββ go.mod
βββ README.md
For local development and testing, the VK provider can be run directly against a cluster without deploying it to Kubernetes.
- Go 1.23 or later
make build
cisco-vk run \
--config dev/deviceConfig.yaml \
--kubeconfig ~/.kube/config \
--nodename my-test-nodeThe device config file follows the same schema as the CiscoDevice CR spec. See examples for interface/networking options.
Runtime flags:
| Flag | Env Var | Default | Description |
|---|---|---|---|
--nodename |
VKUBELET_NODE_NAME |
cisco-virtual-kubelet |
Kubernetes node name |
--config / -c |
- | /etc/virtual-kubelet/config.yaml |
Path to device config file |
--kubeconfig |
KUBECONFIG |
(in-cluster) | Path to kubeconfig file |
--log-level |
LOG_LEVEL |
info |
Log level: debug, info, warn, error |
# Regenerates CRDs β config/crd, RBAC β chart templates, syncs CRDs into chart
make generateContributions are welcome! Please read our Contributing Guide for details on our code of conduct and the process for submitting pull requests.
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
- GitHub Issues: For bug reports and feature requests
- Cisco DevNet: developer.cisco.com
- Virtual Kubelet project
- Cisco IOS-XE and IOx teams