Headless Service Endpoint and EndpointSlice not syncing from virtual to host #2719

@markphillips100

What happened?

I'm attempting to route a Service to an external IP address so I created the Service headless with ClusterIP: None and also created an Endpoint resource for the external IPv4 address and port (matching the port in Service). The names of Service and Endpoint match exactly.

When deployed to the vcluster the EndpointSlice is created for the Endpoint, as expected. The problem is both the Endpoint and EndpointSlice are not synced to the host cluster, unlike other Service resources using selectors for pods which are synced. The headless Service is synced though.

What did you expect to happen?

I expected the Endpoint and EndpointSlice resources to sync to the host cluster so the corresponding service's ingress will route through to the external IP.

How can we reproduce it (as minimally and precisely as possible)?

  1. Create a vCluster using v0.24.0 helm chart, and connect to this new cluster.
  2. Deploy a Service resource to the vcluster, specify clusterIP: None and don't provide a selector.
  3. Deploy an Endpoint resource to the vcluster, name it the same as the Service, and give an arbitrary IP address but use the same port as the targetPort in the Service.
  4. Use kubectl to confirm an EndpointSlice was created automagically.
  5. Connect to the host cluster and confirm the Service is synced but the Endpoint and EndpointSlice are not.

Anything else we need to know?

No response

Host cluster Kubernetes version

Client Version: v1.29.1
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.28.0

vcluster version

vcluster version 0.24.1

VCluster Config

USER-SUPPLIED VALUES:
controlPlane:
  proxy:
    extraSANs:
    - tb-idp-dmp1.dmp1.svc
exportKubeConfig:
  secret:
    name: tb-idp-dmp1-kubeconfig-secret
    namespace: dmp1
  server: https://tb-idp-dmp1.dmp1.svc
integrations:
  metricsServer:
    enabled: true
    nodes: true
    pods: true
networking:
  replicateServices:
    fromHost:
    - from: observability/opentelemetry-collector
      to: observability/opentelemetry-collector
    - from: redis/redis
      to: redis/redis
plugin:
  cert-manager-plugin:
    image: ghcr.io/loft-sh/vcluster-plugins/cert-manager-plugin:0.3.0
    imagePullPolicy: IfNotPresent
    rbac:
      clusterRole:
        extraRules:
        - apiGroups:
          - apiextensions.k8s.io
          resources:
          - customresourcedefinitions
          verbs:
          - get
          - list
          - watch
      role:
        extraRules:
        - apiGroups:
          - cert-manager.io
          resources:
          - issuers
          - certificates
          verbs:
          - create
          - delete
          - patch
          - update
          - get
          - list
          - watch
sync:
  toHost:
    endpoints:
      enabled: true
    ingresses:
      enabled: true
    persistentVolumes:
      enabled: true
    serviceAccounts:
      enabled: true
    services:
      enabled: true
    storageClasses:
      enabled: true
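
A minimal pair of manifests matching steps 2 and 3 of the reproduction, as an added example that is not part of the original report. The resource name, namespace, port numbers and the 203.0.113.10 address (documentation range) are constructed placeholders.

```yaml
# Constructed example: selector-less headless Service plus a manually
# managed Endpoints object with the same name and namespace.
apiVersion: v1
kind: Service
metadata:
  name: external-backend        # hypothetical name
  namespace: default
spec:
  clusterIP: None               # headless Service
  # No selector on purpose: Kubernetes does not generate Endpoints for
  # this Service, so the Endpoints object below is the only backend source.
  ports:
  - name: https
    port: 8443
    targetPort: 8443            # kept equal to port for a headless Service
    protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
  name: external-backend        # must match the Service name exactly
  namespace: default
subsets:
- addresses:
  - ip: 203.0.113.10            # constructed external address (TEST-NET-3)
  ports:
  - name: https                 # matches the Service port name
    port: 8443                  # matches the Service targetPort
    protocol: TCP
# Step 4 check inside the vcluster (the mirrored EndpointSlice carries this label):
#   kubectl get endpointslices -l kubernetes.io/service-name=external-backend
# Step 5 check: list services, endpoints and endpointslices in the vcluster's
# namespace on the host cluster and compare which of the three were synced.
```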
