Multi-Tenancy For Managed Software Products

Hosting separate instances of your software in the same Kubernetes cluster is challenging

Fix Weak Tenant Isolation With Virtual Clusters

Most service providers choose namespaces to isolate their tenants since separate clusters would be too expensive but namespaces provide a very weak level of isolation.

Reduce Risk When Upgrading Software

Whether upgrading single tenants or even patching the underlying cluster, any of these changes are hard to manage in a multi-tenant Kubernetes cluster. Separate control planes with Loft can fix this.

Resolve Conflicing
Tenant Requirements

If one tenants needs a certain version of a cluster-wide component or a Kubernetes CRD than another one, you will quickly be hitting the limits of namespace-based Kubernetes multi-tenancy.

Virtual Kubernetes Clusters
For Better Tenant Isolation With Great Unit Economics

Better Isolated Than Namespaces

  • Virtual clusters have a separate control plane (API server, data store, controller manager)

  • CRDs and all higher level resources (e.g. Deployments) live only inside the virtual control plane and don't ever reach the underlying cluster.

  • Only the pods of the virtual clusters will be scheduled on the underlying host cluster.

Much Cheaper Than "Real" Clusters

  • Virtual clusters run inside the namespaces of another Kubernetes cluster.

  • Virtual clusters run with k3s which makes them incredibly lightweight and easy to spin or dispose.

  • Virtual clusters do not need dedicated node pools because their pods run inside the underlying host cluster.

Powered By Our Open-Source Project vcluster

vcluster

vcluster allows you to spin up lightweight, virtual Kubernetes clusters inside the namespaces of a regular Kubernetes cluster.