Kubernetes multi-tenancy has always been a tradeoff. Teams weigh efficiency against isolation, developer autonomy against security. But what if you could span the entire spectrum—from lightweight namespaces to hardened, single-tenant clusters—using a single tool?

That’s the vision Lukas Gentele, Founder and CEO of vCluster Labs (formerly Loft Labs), shared in our latest conversation. The company has not only rebranded around its flagship product, vCluster, but also launched two features that redefine what’s possible in Kubernetes: Private Nodes and Auto Nodes.

Private Nodes: Single-Tenant Clusters in Kubernetes

Traditionally, vCluster was seen as a “cluster-in-a-cluster” model, leveraging underlying host nodes. Private Nodes shift that paradigm. “You can take a VM or bare metal machine and join it directly into the vCluster,” Gentele explained. “That node is completely private—no host cluster, no other tenant can touch it.”

This approach enables true single-tenant Kubernetes clusters with dedicated CNI, CSI, and strict workload isolation. For industries dealing with sensitive data or GPU-heavy AI training, Private Nodes provide the control and security that namespaces or shared-node setups can’t.

Auto Nodes: Extending Karpenter Everywhere

The second announcement tackles node provisioning at scale. Auto Nodes integrates Karpenter directly into vCluster, but unlike its public cloud–centric origins, it works across environments. “We’re bringing Karpenter to any environment, including private cloud and bare metal,” Gentele said.

The flexibility is striking. Terraform providers, OpenTofu, KubeVirt, and NVIDIA’s Base Command Manager are all supported. That means Auto Nodes can automatically scale clusters using EC2 instances, DGX GPUs, or slices of bare metal, even blending them into hybrid topologies. As Gentele put it, “We want the most optimized Kubernetes cluster possible in any environment—even across different environments.”

Covering the Entire Tenancy Spectrum

Taken together, Private Nodes and Auto Nodes extend vCluster’s reach across the full tenancy spectrum. Developers can spin up ephemeral namespaces for CI pipelines, platform teams can isolate workloads on shared nodes with VNode, and enterprises can secure mission-critical AI workloads in fully isolated clusters.

Gentele’s long-term vision is clear: “vCluster is the foundation. We want to cover the entire spectrum of tenancy, from soft multi-tenancy as close as a namespace to the most resilient single-tenant clusters imaginable.”
For organizations balancing efficiency with security in Kubernetes, vCluster Labs is turning that spectrum into something much more usable—and much more powerful.