{"id":13509056,"url":"https://github.com/loft-sh/loft","last_synced_at":"2026-02-04T12:13:43.487Z","repository":{"id":37250264,"uuid":"265079366","full_name":"loft-sh/loft","owner":"loft-sh","description":"Namespace \u0026 Virtual Cluster Manager for Kubernetes - Lightweight Virtual Clusters, Self-Service Provisioning for Engineers and 70% Cost Savings with Sleep Mode","archived":false,"fork":false,"pushed_at":"2026-01-30T22:43:26.000Z","size":144552,"stargazers_count":820,"open_issues_count":11,"forks_count":74,"subscribers_count":9,"default_branch":"master","last_synced_at":"2026-01-31T01:55:55.563Z","etag":null,"topics":["dev","development","devops","environment","gitops","isolation","kubernetes","multi-tenancy","namespaces","sandboxing"],"latest_commit_sha":null,"homepage":"https://loft.sh/docs/introduction","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/loft-sh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-05-18T22:36:25.000Z","updated_at":"2026-01-30T23:14:29.000Z","dependencies_parsed_at":"2025-11-28T18:09:01.692Z","dependency_job_id":null,"html_url":"https://github.com/loft-sh/loft","commit_stats":null,"previous_names":[],"tags_count":786,"template":false,"template_full_name":null,"purl":"pkg:github/loft-sh/loft","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/loft-sh%2Floft","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/loft-sh%2Floft/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/loft-sh%2Floft/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/loft-sh%2Floft/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/loft-sh","download_url":"https://codeload.github.com/loft-sh/loft/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/loft-sh%2Floft/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29084104,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-04T03:31:03.593Z","status":"ssl_error","status_checked_at":"2026-02-04T03:29:50.742Z","response_time":62,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dev","development","devops","environment","gitops","isolation","kubernetes","multi-tenancy","namespaces","sandboxing"],"created_at":"2024-08-01T02:01:02.377Z","updated_at":"2026-02-04T12:13:43.462Z","avatar_url":"https://github.com/loft-sh.png","language":"Go","readme":"# vCluster Platform\n\n**A powerful Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing**\n\nvCluster Platform provides a single pane of glass that lets you connect your clusters, deploy virtual clusters, configure user access, and reduce operational costs. Built on top of Kubernetes, it enables teams to efficiently share cluster resources while maintaining strong isolation and self-service capabilities.\n\n## 🚀 Features\n\n### Core Platform Features\n\n- **Projects**: Highest organizational unit for logically grouping resources by team or division with role-based access controls (RBAC)\n- **Clusters**: Connect to and manage multiple physical Kubernetes clusters, deploying spaces, virtual clusters, and apps as needed\n- **Virtual Clusters**: Lightweight virtual Kubernetes clusters that run inside a namespace within the host physical cluster - ideal for development, testing, and production workloads\n- **Apps**: Define and deploy applications with configurable parameters across clusters, spaces, and virtual clusters using Kubernetes Manifests, bash scripts, Helm charts, and more\n- **Cost Reduction Tools**: \n  - **Sleep Mode**: Put Kubernetes namespaces to sleep (sets `replicas: 0` for all replica-controlled resources), reducing cloud costs by up to 70%\n  - **Auto Delete**: Configure auto-deletion for inactive virtual clusters\n  - **Inactivity Detection**: Automatically detect and respond to namespace inactivity\n- **Multi-Tenancy**: Granular RBAC at project, space, and virtual cluster levels\n- **GitOps Ready**: All resources are defined as Custom Resource Definitions (CRDs) for GitOps workflows\n- **RESTful API**: Comprehensive OpenAPI 3.0-compliant API for programmatic access and automation\n\n## 📋 Table of Contents\n\n- [Quick Start](#quick-start)\n- [Architecture](#architecture)\n- [Installation \u0026 Configuration](#installation--configuration)\n- [API Documentation](#api-documentation)\n- [Helm Charts](#helm-charts)\n- [Configuration](#configuration)\n- [Automatic Synchronization](#automatic-synchronization)\n- [Testing](#testing)\n- [Contributing](#contributing)\n- [License](#license)\n- [Resources](#resources)\n- [Support](#support)\n- [Next Steps](#next-steps)\n\n\u003ca id=\"quick-start\"\u003e\u003c/a\u003e\n## 🏃 Quick Start\n\n### Prerequisites\n\n- **Kubernetes cluster** (v1.20+) with administrator access\n- **Helm v3.10+** installed ([Helm Installation Guide](https://helm.sh/docs/intro/install/))\n- **kubectl** installed and configured ([Install kubectl](https://kubernetes.io/docs/tasks/tools/))\n- **License Key**: A LoftLabs license key is required (contact [sales@loft.sh](mailto:sales@loft.sh) for a license or trial)\n\n### Resource Requirements\n\n- **Pod Resources**:\n  - Requests: `memory: 256Mi`, `cpu: 200m`\n  - Limits: `memory: 4Gi`, `cpu: 2`\n- **Network Ports**: Ensure the following ports are open:\n  - `8443` – API service extension for cluster communication (`v1.cluster.loft.sh`)\n  - `9443` – Webhook validation and enforcement (`loft webhook`)\n  - `9444` – Management API for platform administration (`v1.management.loft.sh`)\n  - `9090` – Prometheus metrics proxy for cost monitoring\n- **Egress Traffic**: Allow egress to `https://admin.loft.sh/*` (HTTPS, port 443) for license retrieval and validation\n\n### Installation Methods\n\n#### Option 1: Using vCluster CLI (Recommended)\n\nThe vCluster CLI is the preferred method for deploying the platform. See the [Quick Start Guide](https://www.vcluster.com/docs/platform/install/quick-start-guide) for detailed instructions.\n\n```bash\n# Download and install vCluster CLI\n# macOS (Intel/AMD)\ncurl -L -o vcluster \"https://github.com/loft-sh/vcluster/releases/latest/download/vcluster-darwin-amd64\" \u0026\u0026 \\\n  sudo install -c -m 0755 vcluster /usr/local/bin \u0026\u0026 rm -f vcluster\n\n# Verify installation\nvcluster --version\n\n# Deploy the platform\nvcluster platform start\n```\n\nThe CLI automatically opens the UI in your browser and logs you in. You'll be prompted to create an administrator user.\n\n#### Option 2: Using Helm\n\nSee the [Helm Installation Guide](https://www.vcluster.com/docs/platform/install/helm) for detailed instructions.\n\n```bash\n# Add the Loft Helm repository\nhelm repo add loft https://charts.loft.sh\nhelm repo update\n\n# Deploy vCluster Platform\nRELEASE_NAME=vcluster-platform\nRELEASE_NAMESPACE=vcluster-platform\n\nhelm upgrade $RELEASE_NAME vcluster-platform \\\n  --install \\\n  --repo https://charts.loft.sh/ \\\n  --namespace $RELEASE_NAMESPACE \\\n  --create-namespace \\\n  --set admin.username=admin \\\n  --set admin.password=your-secure-password\n```\n\n#### Option 3: Using ArgoCD (GitOps)\n\nFor GitOps deployments, see the [ArgoCD Installation Guide](https://www.vcluster.com/docs/platform/install/gitops) for managing the platform deployment with ArgoCD or other GitOps tools.\n\n### Access the Platform\n\nAfter installation, you can access the platform in several ways:\n\n1. **Loft Router** (Default): If `loftHost` is not configured, a random domain is automatically provisioned. Retrieve it with:\n   ```bash\n   kubectl get secret loft-router-domain \\\n     -n vcluster-platform \\\n     -o jsonpath=\"{.data.domain}\" | base64 --decode\n   ```\n\n2. **Custom Ingress**: If you configured an ingress, access via your custom domain\n\n3. **Port Forward**: For local access:\n   ```bash\n   kubectl port-forward -n vcluster-platform svc/vcluster-platform 8080:80\n   ```\n\n### Default Credentials\n\nIf not set in your values.yaml, the default credentials are:\n- **Username**: `admin`\n- **Password**: `my-password`\n\n\u003e **⚠️ Security Note**: It is strongly recommended to change these default credentials immediately after first login.\n\n\u003ca id=\"architecture\"\u003e\u003c/a\u003e\n## 🏗️ Architecture\n\nvcluster Platform consists of several key components:\n\n- **Platform Controller**: Core orchestration engine managing virtual clusters, accounts, and resources\n- **API Server**: RESTful API server exposing OpenAPI-compliant endpoints\n- **Webhook Server**: Validating and mutating webhooks for resource management\n- **Agent**: Lightweight agent deployed to managed clusters for multi-cluster operations\n\n```\n┌─────────────────────────────────────────────────────────┐\n│                  vcluster Platform                      │\n│                                                          │\n│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐ │\n│  │   API Server │  │  Controller  │  │   Webhook    │ │\n│  └──────────────┘  └──────────────┘  └──────────────┘ │\n│                                                          │\n│  ┌──────────────────────────────────────────────────┐   │\n│  │         Virtual Cluster Management               │   │\n│  │  • Create/Delete Virtual Clusters                │   │\n│  │  • Sleep/Wake Operations                         │   │\n│  │  • Resource Quotas \u0026 Limits                      │   │\n│  └──────────────────────────────────────────────────┘   │\n│                                                          │\n│  ┌──────────────────────────────────────────────────┐   │\n│  │         Multi-Tenancy \u0026 Isolation                │   │\n│  │  • Account Management                            │   │\n│  │  • Namespace Templates                           │   │\n│  │  • RBAC \u0026 Security Policies                      │   │\n│  └──────────────────────────────────────────────────┘   │\n└─────────────────────────────────────────────────────────┘\n```\n\n\u003ca id=\"installation--configuration\"\u003e\u003c/a\u003e\n## 📦 Installation \u0026 Configuration\n\n### Recommended Configuration\n\nWhen deploying with Helm, it's recommended to explicitly set these values:\n\n```yaml\nadmin:\n  username: my-own-username\n  password: my-secure-password\n\nconfig:\n  audit:\n    enabled: true\n  loftHost: vcluster-platform.mytld.com  # Publicly resolvable hostname\n\ningress:\n  enabled: true\n  host: vcluster-platform.mytld.com\n  tls:\n    enabled: true\n\n# Environment variables for proxy configuration (if needed)\nenv:\n  NO_PROXY: localhost,127.0.0.1,.svc,.svc.cluster.local,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16\n  no_proxy: localhost,127.0.0.1,.svc,.svc.cluster.local,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16\n```\n\n### Loft Router\n\nvCluster Platform provides a hosted domain service called **Loft Router** that enables you to trial the platform using a hosted domain. This is enabled by default and particularly useful when you cannot use your own DNS.\n\nTo disable Loft Router, either:\n- Explicitly set `config.loftHost` and `config.devPodSubDomain`, or\n- Set the environment variable `DISABLE_LOFT_ROUTER=true`\n\n### Air-Gapped Installation\n\nFor environments without internet access, see the [Air-Gapped Installation Guide](https://www.vcluster.com/docs/platform/install/advanced/air-gapped) for detailed instructions on:\n- Setting up a private OCI-compliant registry\n- Populating the registry with container images and Helm charts\n- Configuring vCluster Platform and agents for offline use\n\nSee `chart/values.yaml` for all available configuration options.\n\n\u003ca id=\"api-documentation\"\u003e\u003c/a\u003e\n## 📚 API Documentation\n\nvCluster Platform exposes a comprehensive RESTful API that is fully **OpenAPI 3.0 compliant**. The API documentation is automatically generated and synced to this repository.\n\n### API Specs\n\n- **OpenAPI Specification**: [`api/openapi-spec/openapi.yaml`](api/openapi-spec/openapi.yaml)\n- **Swagger JSON**: [`api/openapi-spec/swagger.json`](api/openapi-spec/swagger.json)\n- **Swagger Paths**: [`api/openapi-spec/swagger.paths.json`](api/openapi-spec/swagger.paths.json)\n\n### API Endpoints\n\nThe API provides endpoints for:\n\n- **Management API** (`/apis/management.loft.sh/v1/`): Core platform management operations\n- **Cluster API** (`/apis/v1.cluster.loft.sh/`): Cluster communication and management\n- **Virtual Cluster API**: Virtual cluster lifecycle management\n- **Project API**: Project and resource management\n- **User \u0026 Access API**: User management and access control\n\n### Using the API\n\n```bash\n# Get API versions\ncurl https://your-vcluster-platform/api/apis/\n\n# List virtual clusters\ncurl -H \"Authorization: Bearer $TOKEN\" \\\n  https://your-vcluster-platform/api/apis/management.loft.sh/v1/virtualclusters\n```\n\nFor complete API reference, see the [API Documentation](https://www.vcluster.com/docs/platform/reference/api) in the official docs.\n\n\u003ca id=\"helm-charts\"\u003e\u003c/a\u003e\n## 📊 Helm Charts\n\nThe Helm charts for vCluster Platform are **automatically synced** to this repository. The chart includes:\n\n- **Deployment**: Main platform controller and API server\n- **Service**: Kubernetes service for accessing the platform\n- **Ingress**: Optional ingress configuration with TLS support\n- **RBAC**: Service accounts, roles, and role bindings\n- **Webhooks**: Validating and mutating webhooks for resource management\n- **Certificates**: TLS certificate management with cert-manager integration\n- **Monitoring**: ServiceMonitor for Prometheus integration\n- **Pod Disruption Budget**: High availability configuration\n- **Persistent Volume Claims**: Optional persistence for platform data\n\n### Chart Structure\n\n```\nchart/\n├── Chart.yaml              # Chart metadata\n├── values.yaml             # Default configuration values\n├── templates/              # Kubernetes manifests\n│   ├── deployment.yaml\n│   ├── service.yaml\n│   ├── ingress.yaml\n│   ├── ingress-wakeup-service.yaml\n│   ├── rbac/\n│   │   └── clusterrolebinding.yaml\n│   ├── webhook.yaml\n│   ├── apiservice.yaml\n│   ├── servicemonitor.yaml\n│   ├── pdb.yaml\n│   ├── pvc.yaml\n│   ├── secret.yaml\n│   ├── serviceaccount.yaml\n│   └── cert-issuer/\n│       └── issuer.yaml\n└── tests/                  # Chart tests\n    ├── deployment_test.yaml\n    ├── pdb_test.yaml\n    └── secret_test.yaml\n```\n\n### Finding Chart Versions\n\nTo retrieve all available versions of the platform Helm chart:\n\n```bash\nhelm search repo loft/vcluster-platform --versions\n```\n\n### Customizing the Installation\n\nYou can customize your installation by creating a custom values file:\n\n```yaml\n# custom-values.yaml\nadmin:\n  username: myadmin\n  password: mypassword\n\nconfig:\n  loftHost: vcluster-platform.example.com\n  audit:\n    enabled: true\n\ningress:\n  enabled: true\n  host: vcluster-platform.example.com\n  tls:\n    enabled: true\n\nresources:\n  limits:\n    memory: 8Gi\n    cpu: \"4\"\n```\n\nThen install with:\n\n```bash\nhelm upgrade vcluster-platform vcluster-platform \\\n  --install \\\n  --repo https://charts.loft.sh/ \\\n  --namespace vcluster-platform \\\n  --create-namespace \\\n  --values custom-values.yaml\n```\n\n\u003e **Note**: vCluster Platform exclusively supports the default secret backend for storing Helm releases. Alternative HELM_DRIVER configurations (such as configmap or sql) are not supported.\n\n\u003ca id=\"configuration\"\u003e\u003c/a\u003e\n## ⚙️ Configuration\n\n### Platform Configuration\n\nPlatform configuration can be managed via the `config` section in `values.yaml` or through the UI under **Admin \u003e Config**. Key configuration options include:\n\n```yaml\nconfig:\n  audit:\n    enabled: true\n  loftHost: vcluster-platform.example.com  # Publicly resolvable hostname\n  # Additional configuration options\n```\n\nFor a detailed list of all available configuration options, see the [Configuration Documentation](https://www.vcluster.com/docs/platform/configure/config).\n\n### Environment Variables\n\nvCluster Platform can be configured via environment variables in the `env` section:\n\n```yaml\nenv:\n  # Proxy configuration (if using proxies)\n  NO_PROXY: localhost,127.0.0.1,.svc,.svc.cluster.local,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16\n  no_proxy: localhost,127.0.0.1,.svc,.svc.cluster.local,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16\n  HTTPS_PROXY: \"https://proxy.example.com:8080\"\n  HTTP_PROXY: \"http://proxy.example.com:8080\"\n  \n  # Disable Loft Router\n  DISABLE_LOFT_ROUTER: \"true\"\n```\n\n### GitOps Deployment\n\nvCluster Platform can be managed via GitOps tools like ArgoCD. Export your Helm configuration and store it in a Git repository for version-controlled deployments.\n\n\u003ca id=\"automatic-synchronization\"\u003e\u003c/a\u003e\n## 🔄 Automatic Synchronization\n\nThis repository automatically syncs:\n\n- **API Documentation**: OpenAPI specifications are automatically generated and updated\n- **Helm Charts**: Chart templates and values are kept in sync with the platform releases\n- **Swagger Specs**: Swagger JSON and path definitions are regenerated on updates\n\nThese components are maintained automatically, ensuring the repository always reflects the latest platform capabilities.\n\n\u003ca id=\"testing\"\u003e\u003c/a\u003e\n## 🧪 Testing\n\nThe Helm chart includes test templates that can be executed:\n\n```bash\n# Run chart tests\nhelm test vcluster-platform -n vcluster-platform\n```\n\n\u003ca id=\"contributing\"\u003e\u003c/a\u003e\n## 🤝 Contributing\n\nContributions are welcome! Please see our contributing guidelines for details on:\n\n- Code of conduct\n- Development setup\n- Pull request process\n- Issue reporting\n\n\u003ca id=\"license\"\u003e\u003c/a\u003e\n## 📄 License\n\nSee [LICENSE](LICENSE) file for details.\n\n\u003ca id=\"resources\"\u003e\u003c/a\u003e\n## 🔗 Resources\n\n- **Official Documentation**: [vCluster Platform Docs](https://www.vcluster.com/docs/platform/)\n- **Installation Guides**:\n  - [Quick Start Guide (CLI)](https://www.vcluster.com/docs/platform/install/quick-start-guide)\n  - [Using Helm](https://www.vcluster.com/docs/platform/install/helm)\n  - [Using ArgoCD (GitOps)](https://www.vcluster.com/docs/platform/install/gitops)\n  - [Air-Gapped Installation](https://www.vcluster.com/docs/platform/install/advanced/air-gapped)\n- **API Reference**: See `api/openapi-spec/` directory or [Use API Documentation](https://www.vcluster.com/docs/platform/api/use-api)\n- **Helm Chart**: See `chart/` directory or [GitHub Repository](https://github.com/loft-sh/loft)\n- **Configuration Reference**: [Configuration Options](https://www.vcluster.com/docs/platform/configure/config)\n\n\u003ca id=\"support\"\u003e\u003c/a\u003e\n## 🆘 Support\n\nFor questions, issues, or feature requests:\n\n- **Documentation**: Check the [official documentation](https://www.vcluster.com/docs/platform/)\n- **Troubleshooting**: See the [TSNet Connectivity Troubleshooting Guide](https://www.vcluster.com/docs/platform/troubleshoot/tsnet-connectivity)\n- **API Reference**: Review the API specifications in `api/openapi-spec/`\n- **License \u0026 Sales**: Contact [sales@loft.sh](mailto:sales@loft.sh) for licensing questions\n\n\u003ca id=\"next-steps\"\u003e\u003c/a\u003e\n## 🎯 Next Steps\n\nAfter installing vCluster Platform:\n\n1. **Create Virtual Clusters**: Start creating virtual clusters immediately - you're automatically part of a project called \"Default Project\"\n2. **Learn About Projects**: Understand how resources can be grouped together into different projects\n3. **Explore Templates**: Learn how to use templates to control what type of resources can be created\n4. **Add Host Clusters**: Connect additional host clusters to the platform\n5. **Configure Sleep Mode**: Set up sleep and wakeup functionality to reduce costs\n\nFor detailed guides, see the [official documentation](https://www.vcluster.com/docs/platform/).\n\n---\n\n**Note**: This repository contains automatically synced API documentation and Helm charts. The platform codebase is maintained separately. All API specs, Swagger definitions, and Helm chart templates are kept up-to-date automatically to reflect the latest platform capabilities.\n","funding_links":[],"categories":["Go","kubernetes","Kubernetes"],"sub_categories":["Kubernetes // Development environments"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Floft-sh%2Floft","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Floft-sh%2Floft","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Floft-sh%2Floft/lists"}