You can deploy VeilNet Conflux in any Kubernetes cluster with horizontal scalability, serving as either a debugging interface or a connection to external applications and services. To do so, you will first need a registration token, which can be acquired for free at https://auth.veilnet.app.
filename.js
# Deployment configuration for veilnet-conflux
# This defines the pod template and replica management
apiVersion: apps/v1
kind: Deployment
metadata:
name: veilnet-conflux
labels:
app: veilnet-conflux
spec:
# Initial replica count - will be managed by HPA below
replicas: 1
selector:
matchLabels:
app: veilnet-conflux
template:
metadata:
labels:
app: veilnet-conflux
spec:
containers:
- name: veilnet-conflux
# Container image to use
image: veilnet/conflux:beta
# Always pull the latest image on pod creation
imagePullPolicy: Always
securityContext:
# Privileged mode required for conflux to create TUN interface
privileged: true
# Resource requests and limits for the container
resources:
# Minimum resources guaranteed to the container
requests:
memory: "512Mi"
cpu: "250m"
# Maximum resources the container can use
limits:
memory: "512Mi"
cpu: "500m"
# Environment variables loaded from the secret below
envFrom:
- secretRef:
name: veilnet-conflux-secret
---
# HorizontalPodAutoscaler (HPA) configuration
# Automatically scales the deployment based on resource utilization
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: veilnet-conflux-hpa
spec:
# Reference to the deployment that will be scaled
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: veilnet-conflux
# Minimum number of pod replicas (always keep at least 1)
minReplicas: 1
# Maximum number of pod replicas (scale up to 10 pods max)
maxReplicas: 10
# Metrics to monitor for scaling decisions
metrics:
# CPU-based scaling: scale when average CPU usage exceeds 70%
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
# Memory-based scaling: scale when average memory usage exceeds 80%
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
# Scaling behavior policies
behavior:
# Scale down behavior (conservative to avoid thrashing)
scaleDown:
# Wait 5 minutes before scaling down to ensure load decrease is stable
stabilizationWindowSeconds: 300
policies:
# Reduce replicas by up to 50% every 60 seconds
- type: Percent
value: 50
periodSeconds: 60
# Scale up behavior (aggressive to handle traffic spikes quickly)
scaleUp:
# No stabilization window - scale up immediately when needed
stabilizationWindowSeconds: 0
policies:
# Option 1: Increase replicas by up to 100% every 15 seconds
- type: Percent
value: 100
periodSeconds: 15
# Option 2: Add up to 2 pods every 15 seconds
- type: Pods
value: 2
periodSeconds: 15
# Use the maximum of both policies (whichever allows more scaling)
selectPolicy: Max
---
# Secret containing sensitive configuration for veilnet-conflux
# These values are injected as environment variables into the pods
apiVersion: v1
kind: Secret
metadata:
name: veilnet-conflux-secret
type: Opaque
stringData:
# JWT token for veilnet registration and authentication
VEILNET_REGISTRATION_TOKEN:<your_registration_token>
# Enable portal mode for veilnet
VEILNET_PORTAL: "true"
The above template is a good start; it includes the deployment definition with resource limitations, a horizontal controller that will automatically scale up VeilNet Conflux under heavy load, and passing environment variables as a secret.
After deploying VeilNet Conflux inside the Kubernetes cluster, any other device connected to the same VeilNet Plane will have direct access to the pod subnet (subject to access control).