vCluster - Fully virtual kubernetes clusters #118
Description
vCluster is a tool with which you can create fully encapsulated and isolated kubernetes clusters on top of a single host cluster. This brings with it a wealth of operational and security benefits.
Key benefits listed:
- Fully isolated k8s cluster within a single host cluster namespace
- Lightweight and efficient due to clever utilization of kunernetes components
- Natively works with helm, kubectl etc.
What does it solve:
- Assuming vCluster is truthful about its offerings, it will reduce a lot of both operational complexity and utilization problems, potentially facilitating huge cost savings and making life a lot easier for platform teams.
Research questions:
- Can it actually decrease complexity?
- Does it truly isolate clusters?
- How does data- and compute-level isolation work, if any?
- Are there any security concerns falling between the cracks? (specfifically trust boundaries, access restriction in regards to isolation)
- Can this potentially be utilized in an academy context? (Future advanced K8S courses or the like)