Delete resource on host deletes resource inside vcluster #2958
Description
What happened?
With Vcluster 0.25.0 if I create a vcluster and delete kube-dns service on host, syncer deletes the same service inside vclsuter as well
What did you expect to happen?
Syncer should sync back the deleted resource to hostcluster
How can we reproduce it (as minimally and precisely as possible)?
create a vcluster with following values:
controlPlane:
backingStore:
etcd:
deploy:
enabled: true
statefulSet:
highAvailability:
replicas: 3
image:
registry: private-registry
repository: k8s/etcd
tag: 3.5.21-0
persistence:
volumeClaim:
storageClass: gp3-delete-encrypted
coredns:
deployment:
image: private-registry/dockerhub/coredns/coredns:1.12.0
replicas: 3
topologySpreadConstraints:
- labelSelector:
matchLabels:
k8s-app: kube-dns
maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
- labelSelector:
matchLabels:
k8s-app: kube-dns
maxSkew: 1
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: DoNotSchedule
distro:
k8s:
enabled: true
image:
registry: private-registry/ghcr
version: v1.33.0
statefulSet:
highAvailability:
replicas: 3
image:
registry: private-registry
repository: ghcr/loft-sh/vcluster-oss
tag: 0.25.0
scheduling:
podManagementPolicy: OrderedReady
experimental: {}
integrations:
metricsServer:
enabled: true
networking:
replicateServices:
fromHost:
- from: istio-system/loki-stack
to: istio-system/loki-stack
sync:
fromHost:
ingressClasses:
enabled: true
nodes:
enabled: true
toHost:
ingresses:
enabled: true
networkPolicies:
enabled: true
persistentVolumes:
enabled: true
podDisruptionBudgets:
enabled: true
pods:
rewriteHosts:
initContainer:
image: private-registry/dockerhub/library/alpine:3.21
storageClasses:
enabled: true
Anything else we need to know?
No response
Host cluster Kubernetes version
$ kubectl version
kubectl version
Client Version: v1.31.1
Kustomize Version: v5.4.2
Server Version: v1.30.4vcluster version
$ vcluster --version
vcluster --version
vcluster version 0.25.0VCluster Config
controlPlane:
backingStore:
etcd:
deploy:
enabled: true
statefulSet:
highAvailability:
replicas: 3
image:
registry: private-registry
repository: k8s/etcd
tag: 3.5.21-0
persistence:
volumeClaim:
storageClass: gp3-delete-encrypted
coredns:
deployment:
image: private-registry/dockerhub/coredns/coredns:1.12.0
replicas: 3
topologySpreadConstraints:
- labelSelector:
matchLabels:
k8s-app: kube-dns
maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
- labelSelector:
matchLabels:
k8s-app: kube-dns
maxSkew: 1
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: DoNotSchedule
distro:
k8s:
enabled: true
image:
registry: private-registry/ghcr
version: v1.33.0
statefulSet:
highAvailability:
replicas: 3
image:
registry: private-registry
repository: ghcr/loft-sh/vcluster-oss
tag: 0.25.0
scheduling:
podManagementPolicy: OrderedReady
experimental: {}
integrations:
metricsServer:
enabled: true
networking:
replicateServices:
fromHost:
- from: istio-system/loki-stack
to: istio-system/loki-stack
sync:
fromHost:
ingressClasses:
enabled: true
nodes:
enabled: true
toHost:
ingresses:
enabled: true
networkPolicies:
enabled: true
persistentVolumes:
enabled: true
podDisruptionBudgets:
enabled: true
pods:
rewriteHosts:
initContainer:
image: private-registry/dockerhub/library/alpine:3.21
storageClasses:
enabled: true