Open
Description
What happened?
I'm attempting to route a Service to an external IP address, so I created the Service headless with ClusterIP: None and also created an Endpoint resource for the external IPv4 address and port (matching the port in Service). The names of Service and Endpoint match exactly.
When deployed to the vcluster the EndpointSlice is created for the Endpoint, as expected. The problem is both the Endpoint and EndpointSlice are not synced to the host cluster, unlike other Service resources using selectors for pods which are synced. The headless Service is synced though.
What did you expect to happen?
I expected the Endpoint and EndpointSlice resources to sync to the host cluster so the corresponding service's ingress will route through to the external IP.
How can we reproduce it (as minimally and precisely as possible)?
- Create a vCluster using v0.24.0 helm chart, and connect to this new cluster.
- Deploy a Service resource to the vcluster, specify clusterIP: None and don't provide a selector.
- Deploy an Endpoint resource to the vcluster, name it the same as the Service, and give an arbitrary IP address but use the same port as the targetPort in the Service.
- Use kubectl to confirm an EndpointSlice was created automagically.
- Connect to the host cluster and confirm the Service is synced but the Endpoint and EndpointSlice are not.
Anything else we need to know?
No response
Host cluster Kubernetes version
Client Version: v1.29.1
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.28.0
vcluster version
vcluster version 0.24.1
VCluster Config
USER-SUPPLIED VALUES:
controlPlane:
  proxy:
    extraSANs:
    - tb-idp-dmp1.dmp1.svc
exportKubeConfig:
  secret:
    name: tb-idp-dmp1-kubeconfig-secret
    namespace: dmp1
  server: https://tb-idp-dmp1.dmp1.svc
integrations:
  metricsServer:
    enabled: true
    nodes: true
    pods: true
networking:
  replicateServices:
    fromHost:
    - from: observability/opentelemetry-collector
      to: observability/opentelemetry-collector
    - from: redis/redis
      to: redis/redis
plugin:
  cert-manager-plugin:
    image: ghcr.io/loft-sh/vcluster-plugins/cert-manager-plugin:0.3.0
    imagePullPolicy: IfNotPresent
    rbac:
      clusterRole:
        extraRules:
        - apiGroups:
          - apiextensions.k8s.io
          resources:
          - customresourcedefinitions
          verbs:
          - get
          - list
          - watch
      role:
        extraRules:
        - apiGroups:
          - cert-manager.io
          resources:
          - issuers
          - certificates
          verbs:
          - create
          - delete
          - patch
          - update
          - get
          - list
          - watch
sync:
  toHost:
    endpoints:
      enabled: true
    ingresses:
      enabled: true
    persistentVolumes:
      enabled: true
    serviceAccounts:
      enabled: true
    services:
      enabled: true
    storageClasses:
      enabled: true
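
The reproduction steps above, written out as a pair of manifests. This is an added example, not part of the original report: the resource name, namespace, port and IP address are constructed placeholders (192.0.2.10 is a documentation-range address).

```yaml
# Constructed reproduction manifests; name, namespace, port and IP are assumptions.
apiVersion: v1
kind: Service
metadata:
  name: external-backend          # hypothetical name
  namespace: default
spec:
  clusterIP: None                 # headless Service
  # No selector on purpose: without one, Kubernetes does not generate
  # Endpoints for the Service, so they have to be supplied by hand below.
  ports:
  - name: https
    port: 8443
    targetPort: 8443
    protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
  name: external-backend          # must be identical to the Service name
  namespace: default              # and live in the same namespace
subsets:
- addresses:
  - ip: 192.0.2.10                # placeholder external IPv4 address
  ports:
  - name: https                   # port name must match the Service port name
    port: 8443                    # same value as targetPort in the Service
    protocol: TCP
```

After applying both inside the vcluster, the mirrored EndpointSlice can be found by its `kubernetes.io/service-name=external-backend` label. Running the same lookup in the host namespace shows whether the Endpoints and EndpointSlice were synced alongside the Service.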