Cluster Components
Reference for the components within the CKS Managed Control Plane and Managed Data Plane
Learn more about CKS cluster architecture.
Managed Control Plane
To ensure security and stability, CoreWeave provides a Managed Control Plane for CKS clusters.
Supported Kubernetes versions
CKS can create clusters with Kubernetes versions:
v1.29v1.30, andv1.31.
The default version for a new cluster is v1.31.
Managed Data Plane components
Newer cluster deployments feature this cw- prefix before the namespaces of CoreWeave-managed applications. Existing clusters may not have this prefix before these namespaces.
The CKS Managed Data Plane comes with several preinstalled components, which allow customers to start running workloads immediately after deploying their CKS cluster. These components are configurable to allow for the desired state of a CKS cluster.
Component image and API versions can change often. We update this page frequently, but the versions deployed to your cluster may be ahead of what's notated here.
Networking
| Component | Namespace (Current) | Namespace (New) | Version | Description |
|---|---|---|---|---|
calico | calico-system | cw-calico-system | 3.28.1 | Container Network Interface (CNI) that provides networking capabilities, including L3 advertisements of LoadBalancer Services. |
coredns | kube-system | kube-system | 1.11.1 | A flexible DNS server. CoreDNS consists of multiple plugins that manage in-cluster DNS and resolve service records inside clusters. |
konnectivity-agent | kube-system | kube-system | 0.30.3 | Isolates CKS control plane traffic from the cluster network and creates a TCP level proxy to konnectivity-server, which sits alongside the control plane to tunnel traffic from the control plane to in-cluster endpoints. |
metallb | metallb-system | cw-metallb-system | 0.13.4 | Handles IP Address Management (IPAM) for LoadBalancer services; is not used for advertisements. See How to: Expose a Service |
multus-cni | multus-cni | cw-multus-cni | 1.0.0-cw | A secondary CNI used to conditionally attach secondary network interfaces to Pods. |
node-local-dns | kube-system | kube-system | 1.22.28 | Improves cluster DNS performance and speeds up traffic between CoreDNS instances. The node-local-dns Pods run CoreDNS in local caching mode as a DaemonSet over TCP, avoiding dropped packets and reducing tail latency. |
Cluster management
| Component | Namespace (Current) | Namespace (New) | Version | Description |
|---|---|---|---|---|
hpc-verification | hpc-verification | hpc-verification | 1.8.0 | A series of verification tests that validate the CoreWeave server fleet is running in an optimal state. See Note 1 below. |
jspolicy | jspolicy-policies-<Org ID>-<cluster ID>`, `tenant-<Org ID>-<cluster ID> | Not present | jspolicy-policies-<Org ID>-<cluster ID>, tenant-<Org ID>-<cluster ID> | An admission controller that validates and mutates resources to ensure proper scheduling. See Note 2 below. |
node-problem-detector | node-problem-detector | cw-node-problem-detector | 1.5.0 | Framework for running health checks for each Node run as a DaemonSet. It allows CoreWeave to quickly identify Nodes that are misbehaving and mark them as Unschedulable. |
nfd | node-feature-discovery | cw-nfd | 0.9.0 | Node Feature Discovery. Detects hardware features and labels Nodes accordingly for use in scheduling decisions. |
-
When a customer workload is scheduled on a Node,
hpc-verificationterminates and stops using GPU resources. These critical health checks run only on Nodes without active customer workloads. -
The JSPolicy workload runs in the managed control plane, while customers can see the policies in their clusters. Newer clusters do not include JSPolicy.
Observability and security
| Component | Namespace (Current) | Namespace (New) | Version | Description |
|---|---|---|---|---|
victoria-metrics | victoria-metrics | cw-victoria-metrics | 0.45.0 | Collects metrics from inside the cluster and relays them to a logging solution. |
victoria-metrics-operator | victoria-metrics | cw-victoria-metrics | 0.45.0 | Kubernetes operator for Victoria Metrics. |
metrics-server | kube-system | kube-system | 0.6.2 | An extension of the Kubernetes API that enables the collection of container resource metrics for autoscaling pipelines; required for kubectl top metrics. |
eventrouter | eventrouter | cw-eventrouter | v0.3 | Converts Kubernetes Events into forwardable log messages for long-term logging of cluster workloads. |
node-pci-exporter | node-pci-exporter | cw-node-pci-exporter | 1.5.0 | Extends the node-exporter running as part of the Prometheus stack, exposing additional metrics about deployed GPUs. |
promtail | promtail | cw-promtail | main-880de93-amd64 | Forwards logs for centralized viewing. |
crowdstrike | crowdstrike | cw-crowdstrike | 7.19.0-17219-1.falcon-linux.Release.US-2 | CrowdStrike Falcon cybersecurity tooling. |
Storage
| Component | Namespace (Current) | Namespace (New) | Version | Description |
|---|---|---|---|---|
vast-csi | vast-csi | vast-csi | 2.3.1 | Container Storage Interface for Vast Storage. |
Object Storage
The lota component is not a standard application, but is installed in clusters using AI Object Storage.
| Component | Namespace (Current) | Namespace (New) | Version | Description |
|---|---|---|---|---|
lota | object-storage | cw-object-storage | v1.25.1 | CoreWeave's Local Object Transfer Accelerator (LOTA) for AI Object Storage. Learn more. |
Hardware
| Component | Namespace (Current) | Namespace (New) | Version | Description |
|---|---|---|---|---|
k8s-device-plugin | nvidia-device-plugin | nvidia-device-plugin | 0.12.3 | NVIDIA's official device plugin for GPU-enabled containers in Kubernetes. |
CKS does not require NVIDIA's GPU Operator. To avoid conflicts, customers should not attempt to install it.