Cluster Configurations
What configurations are available on a cluster level and how to change them
Every Orka cluster is provisioned with some defaults that can be further changed upon request. This page describes the cluster level features and their default values.
VM Scheduling
Introduced with Orka 2.0, VM scheduling allows you to control the algorithm used when scheduling VMs between the nodes. If no changes are applied, the default scheduling algorithm is used where VMs are scheduled in such a way that keeps balance between free and used resources on each node. It can be changed to the value of most-allocated where VMs are scheduled in a way that tries to exhaust resources on one node before starting scheduling on another.
VM scheduling algorithm can be controlled also on creating a VM configuration and on VM deployment.
Read more about VM scheduling in the MacStadium blog.
Read more about changing the VM scheduling algorithm in a VM configuration via CLI or via API.
Read more about changing the VM scheduling algorithm during VM deployment via CLI or via API.
GPU Passthrough
Introduced with Orka 1.5.0 for MacPro hosts and with Orka 1.7.0 for Mac Mini hosts, GPU Passthrough allows you to use the GPU available on a node from within a VM deployed on that node. It is disabled by default and can be enabled in the cluster either at the time of cluster provisioning or during an API update.
Read more about GPU Passthrough, how to enable it and how to use it.
VM Internet Isolation
Introduced with Orka 1.5.3, VM Internet isolation allows to control the access to the Internet from within the VMs. It is disabled by default. When enabled, the access to the Internet is not available from within a VM.
The feature can be enabled during cluster provisioning or Orka upgrade.
See how to request an Orka upgrade.
VM Network Isolation
Introduced with Orka 1.5.1, VM network isolation allows to control the access from one VM to another and the access from a VM to the Orka API. It is disabled by default. When enabled, the access from one VM to another is disabled and the access to the Orka API is not available from within a VM.
The feature can be enabled during cluster provisioning or Orka upgrade.
See how to request an Orka upgrade.
Sandbox Namespace: Read-Only Access to the Containers File System
Introduced with Orka 1.5.2, the features allows to control the access to the containers root file system from resources deployed in the sandbox namespace. It is disabled by default which means there is a read/write access to the containers root file system. When enabled, the containers root file system is read-only for sandboxed resources.
[Check Kubernetes Pod Security Policies and readOnlyRootFilesystem field for more information] (https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems).
The feature can be enabled during cluster provisioning or Orka upgrade.
See how to request an Orka upgrade.
(Intel-only) Nested virtualization (Beta)
This is a Beta feature.
Starting with Orka 1.1.0, Orka VMs support nested virtualization on Intel-based nodes. For example: running Docker containers on the VM.
This feature is not available on Apple Silicon-based nodes.
This feature is available upon request.
Updated about 1 year ago