Last modified March 3, 2026

cluster-vsphere chart reference

The cluster-vsphere chart templates all the VMware infrastructure resources that are necessary to create a Cluster API vSphere cluster.

Chart configuration reference

Cluster


.cluster.kubernetesVersion

Type: string

Kubernetes version:

Connectivity


.connectivity.network

Type: object

Network:


.connectivity.network.allowAllEgress

Type: boolean

Allow all egress:

Default: false


.connectivity.network.containerRegistries

Type: object

Container registries:

Endpoints and credentials configuration for container registries.

Default: {}


.connectivity.network.containerRegistries.*

Type: array


.connectivity.network.containerRegistries.*[*]

Type: object


.connectivity.network.containerRegistries.*[*].credentials

Type: object

Credentials:

Credentials for the endpoint.


.connectivity.network.containerRegistries.*[*].credentials.auth

Type: string

Auth:

Base64-encoded string from the concatenation of the username, a colon, and the password.


.connectivity.network.containerRegistries.*[*].credentials.identitytoken

Type: string

Identity token:

Used to authenticate the user and obtain an access token for the registry.


.connectivity.network.containerRegistries.*[*].credentials.password

Type: string

Password:

Used to authenticate for the registry with username/password.


.connectivity.network.containerRegistries.*[*].credentials.username

Type: string

Username:

Used to authenticate for the registry with username/password.


.connectivity.network.containerRegistries.*[*].endpoint

Type: string

Endpoint:

Endpoint for the container registry.


.connectivity.network.controlPlaneEndpoint

Type: object

Endpoint:

Kubernetes API configuration.


.connectivity.network.controlPlaneEndpoint.host

Type: string

Host:

IP for access to the Kubernetes API.


.connectivity.network.controlPlaneEndpoint.ipPoolName

Type: string

IP pool name:

The IP for the control plane will be drawn from this GlobalInClusterIPPool resource.

Value pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$

Default: "wc-cp-ips"


.connectivity.network.controlPlaneEndpoint.port

Type: integer

Port number:

Port for access to the Kubernetes API.


.connectivity.network.loadBalancers

Type: object

Load balancers:


.connectivity.network.pods

Type: object

Pods:


.connectivity.network.pods.cidrBlocks

Type: array


.connectivity.network.pods.cidrBlocks[*]

Type: string

IPv4 address range, in CIDR notation.

Example: "10.244.0.0/16"

Value pattern: ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/([0-9]|[1,2][0-9]|[3][0-2]))?$


.connectivity.network.services

Type: object

Services:


.connectivity.network.services.cidrBlocks

Type: array


.connectivity.network.services.cidrBlocks[*]

Type: string

IPv4 address range, in CIDR notation.

Example: "10.244.0.0/16"

Value pattern: ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/([0-9]|[1,2][0-9]|[3][0-2]))?$
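
The value pattern shown for both cidrBlocks fields contains the character class [1,2], which also matches a literal comma, and it makes the prefix length optional. The following added example (not part of the chart or its documentation) runs the pattern as printed next to Python's ipaddress module on constructed values; the function names and the pod/service overlap check are assumptions of this example.

```python
import ipaddress
import re

# Value pattern copied verbatim from the reference above.
CHART_CIDR_PATTERN = re.compile(
    r"^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}"
    r"(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"
    r"(/([0-9]|[1,2][0-9]|[3][0-2]))?$"
)


def matches_chart_pattern(value):
    # fullmatch so a trailing newline is not silently accepted by "$".
    return CHART_CIDR_PATTERN.fullmatch(value) is not None


def strict_cidr(value):
    """Parse an IPv4 network; require an explicit prefix and no host bits."""
    if "/" not in value:
        raise ValueError(f"{value!r} has no prefix length")
    return ipaddress.IPv4Network(value, strict=True)


def check_cidr_blocks(pods, services):
    """Return a list of problems found in the two cidrBlocks arrays."""
    problems, parsed = [], {"pods": [], "services": []}
    for key, blocks in (("pods", pods), ("services", services)):
        for block in blocks:
            if not matches_chart_pattern(block):
                problems.append(f"{key}: {block!r} fails the chart pattern")
                continue
            try:
                parsed[key].append(strict_cidr(block))
            except ValueError as exc:
                problems.append(f"{key}: {block!r} passes the pattern but is invalid: {exc}")
    # Added check (not in the chart schema): pod and service ranges must not overlap.
    for pod_net in parsed["pods"]:
        for svc_net in parsed["services"]:
            if pod_net.overlaps(svc_net):
                problems.append(f"pods {pod_net} overlaps services {svc_net}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from a real cluster.
    for line in check_cidr_blocks(
        pods=["10.244.0.0/16", "10.244.0.0/,6", "10.244.1.5/16", "10.244.0.0"],
        services=["172.31.0.0/16", "10.244.128.0/17"],
    ):
        print(line)
```

Running a check like this before the values reach Helm catches entries that the schema pattern alone lets through.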

Control plane


.controlPlane.etcd

Type: object

Etcd:


.controlPlane.etcd.imageRepository

Type: string

Image repository:


.controlPlane.etcd.imageTag

Type: string

Image tag:


.controlPlane.replicas

Type: integer

Number of nodes:

Kubeadm


.kubeadm.users

Type: array

Users:


.kubeadm.users[*]

Type: object


.kubeadm.users[*].authorizedKeys

Type: array

Authorized keys:


.kubeadm.users[*].authorizedKeys[*]

Type: string

Key:


.kubeadm.users[*].name

Type: string

Name:

Kubectl image

Used by the cluster-shared library chart to configure CoreDNS in-cluster.


.kubectlImage.name

Type: string


.kubectlImage.registry

Type: string


.kubectlImage.tag

Type: string

Kubernetes API server


.apiServer.certSANs

Type: array

Subject alternative names (SAN):

Alternative names to encode in the API server’s certificate.

Default: []


.apiServer.certSANs[*]

Type: string

SAN:


.apiServer.enableAdmissionPlugins

Type: string

Admission plugins:

Comma-separated list of admission plugins to enable.

Default: "NamespaceLifecycle,LimitRanger,ServiceAccount,ResourceQuota,PersistentVolumeClaimResize,DefaultStorageClass,Priority,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook"


.apiServer.featureGates

Type: string

Feature gates:

Enabled feature gates, as a comma-separated list.

Default: ""

Kubernetes Controller Manager


.controllerManager.featureGates

Type: string

Feature gates:

Enabled feature gates, as a comma-separated list.

Default: ""

Node template

Provisioning options for node templates.


.template.cloneMode

Type: string

Clone mode:

Method used to clone template image.


.template.diskGiB

Type: integer

Disk size (GB):

Node disk size in GB. Must be at least as large as the source image.


.template.folder

Type: string

Folder:

vSphere folder to deploy instances in. Must already exist.


.template.memoryMiB

Type: integer

Memory (MB):

Node memory allocation in MB.


.template.networkName

Type: string

Segment name:

Segment name to attach nodes to. Must already exist.


.template.numCPUs

Type: integer

CPU cores:

Number of CPUs to assign per node.


.template.resourcePool

Type: string

Resource pool:

Resource pool to allocate nodes from. Must already exist.


.template.storagePolicyName

Type: string

Storage policy:

Storage policy to use. If specified, it must already exist.


.template.templateName

Type: string

Name:

Image template name to use for nodes.

vCenter

Configuration for vSphere API access.


.vcenter.datacenter

Type: string

Datacenter:

Name of the datacenter to deploy nodes into.


.vcenter.datastore

Type: string

Datastore:

Name of the datastore for node disk storage.


.vcenter.password

Type: string

Password:

Password for the vSphere API.


.vcenter.region

Type: string

Region:

Category name in vSphere for topology.kubernetes.io/region labels.


.vcenter.server

Type: string

Server:

URL of the vSphere API.


.vcenter.thumbprint

Type: string

Thumbprint:

TLS certificate signature of the vSphere API.


.vcenter.username

Type: string

Username:

Username for the vSphere API.


.vcenter.zone

Type: string

Zone:

Category name in vSphere for topology.kubernetes.io/zone labels.

Worker


.worker.replicas

Type: integer

Number of nodes:

Internal


.internal.sandboxContainerImage

Type: object

Sandbox Container image:


.internal.sandboxContainerImage.name

Type: string

Repository:

Default: "tkg/pause"


.internal.sandboxContainerImage.registry

Type: string

Registry:

Default: "projects.registry.vmware.com/"


.internal.sandboxContainerImage.tag

Type: string

Tag:

Default: "3.7"


.internal.teleport

Type: object

Teleport:


.internal.teleport.enabled

Type: boolean

Enable teleport:

Default: true


.internal.teleport.proxyAddr

Type: string

Teleport proxy address:

Default: "teleport.giantswarm.io:443"


.internal.teleport.version

Type: string

Teleport version:

Default: "14.1.3"

Other


.organization

Type: string

Organization:
