search

loft-sh / vcluster

vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
https://www.vcluster.com
Apache License 2.0
6.92k stars 427 forks source link

Selector not available in the GenericSyncer's Import #1896

Open ajithcnambiar opened 4 months ago

ajithcnambiar commented 4 months ago

What happened?

The selector won't work for the generic synced's import.

What did you expect to happen?

As per the docs, the selector is supposed to be accepted. https://www.vcluster.com/docs/vcluster/configure/vcluster-yaml/experimental/generic-sync#:~:text=limit%20which%20resources%20to%20sync%20from%20the%20host%20cluster

How can we reproduce it (as minimally and precisely as possible)?

try vcluster create command with the below config:

experimental:
  multiNamespaceMode:
    enabled: true

  genericSync:
    import:
      - kind: ServiceAccount
        apiVersion: v1
        selector:
          labelSelector:
            app: "curler"

vcluster create my-vcluster --values vcluster-config/vvv.yaml  --chart-version 0.20.0-beta.9
23:36:16 info Creating namespace vcluster-my-vcluster
23:36:17 fatal invalid config: error unmarshaling JSON: while decoding JSON: json: unknown field "selector"

Anything else we need to know?

As compared to exporter's selector implementation, importer misses these:

1/ selector field doesn't exist in importer https://github.com/loft-sh/vcluster/blob/main/config/config.go#L1803

2/ exclude based on the selector exporter checks selector https://github.com/loft-sh/vcluster/blob/main/pkg/controllers/generic/export_syncer.go#L136-L140 where importer doesn't https://github.com/loft-sh/vcluster/blob/main/pkg/controllers/generic/import_syncer.go#L182

If this is a miss, happy to contribute, if you prefer :)

Host cluster Kubernetes version

```console $ kubectl version Client Version: v1.30.2 Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3 Server Version: v1.29.0 ```

vcluster version

```console $ vcluster --version vcluster version 0.20.0-beta.9 ```

VCluster Config

``` experimental: multiNamespaceMode: enabled: true genericSync: import: - kind: ServiceAccount apiVersion: v1 selector: labelSelector: app: "curler" ```
gokulmaxi commented 2 months ago

Do we have any fix for this. I am facing the same issue.

emoreth commented 1 month ago

I had the same issue, but after looking at the code it seems like even though docs say CRDs and resources, those options are only for CRDs. Trying to sync ServiceAccounts or Secrets (in my case) don't work.