loft-sh / vcluster

vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
https://www.vcluster.com
Apache License 2.0

CoreDNS does not start due to podPriority mismatch #22

Closed Duologic closed 2 years ago

Duologic commented 3 years ago

First of all: Very nice project, great initial docs! Looking forward to diving deep. (trying it out here)

On initial deploy the CoreDNS pod was stuck in pending. On further inspection I found this error:

```
E0519 23:16:45.423428 1 controller.go:301] controller-runtime: manager: reconciler group reconciler kind Pod: controller: pod-forward: name coredns-5b66977746-6wd9x namespace kube-system: Reconciler error pods "coredns-5b66977746-6wd9x-x-kube-system-x-vcluster-0" is forbidden: the integer value of priority (0) must not be provided in pod spec; priority admission controller computed 2000 from the given PriorityClass name
```

On the host cluster we have specified custom PriorityClasses and set the default class to value 2000, as highlighted.

Workaround: Deploy the custom PriorityClasses to the virtual cluster.

It would be nice if we could set this right from the beginning, or rather not at all and take the default from the host cluster.

FabianKramm commented 3 years ago

@Duologic thanks for creating this issue! We'll remove setting priority class and priority in pods when syncing them from vcluster to the host cluster in the next release, which should solve your problem. Furthermore, we'll implement a feature which will automatically sync priority classes between host and vcluster (although optional) for the next release as well.

FabianKramm commented 2 years ago

Works now with the flag --enable-priority-classes
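
The mismatch discussed in this thread, as an added example that is not part of the original issue and is not vCluster or Kubernetes code: a simplified Python model of the host's priority admission check, run against a pod synced with and without its priority fields. The class name `tenant-default`, all function names, and the reduced error text are assumptions made for illustration.

```python
# Simplified model (an assumption, not Kubernetes source) of the Priority
# admission check behind the error in this thread. Class names are constructed.
class Forbidden(Exception):
    pass

def admit(pod, classes):
    """Admit pod against classes: {name: {"value": int, "globalDefault": bool}}."""
    pod = dict(pod)
    name = pod.get("priorityClassName")
    if not name:
        # No class requested: fall back to the global default, else priority 0.
        name = next((n for n, c in classes.items() if c["globalDefault"]), None)
        if name:
            pod["priorityClassName"] = name
    elif name not in classes:
        raise Forbidden(f"no PriorityClass with name {name} was found")
    computed = classes[name]["value"] if name else 0
    # A client-supplied integer must equal the value admission computed.
    if pod.get("priority") is not None and pod["priority"] != computed:
        raise Forbidden(f"priority ({pod['priority']}) must not be provided in "
                        f"pod spec; admission computed {computed}")
    pod["priority"] = computed
    return pod

def sync_to_host(virtual_pod, strip_priority):
    """Model of the syncer: copy the pod, optionally dropping priority fields."""
    host_pod = dict(virtual_pod)
    if strip_priority:
        host_pod.pop("priority", None)
        host_pod.pop("priorityClassName", None)
    return host_pod

# Constructed clusters: host defaults to 2000, the virtual cluster has no classes.
HOST = {"tenant-default": {"value": 2000, "globalDefault": True}}
VIRTUAL = {}

def host_accepts(virtual_classes, strip_priority):
    """Create a pod in the virtual cluster, sync it, and try host admission."""
    virtual_pod = admit({"name": "coredns"}, virtual_classes)
    try:
        return admit(sync_to_host(virtual_pod, strip_priority), HOST)["priority"]
    except Forbidden:
        return None

if __name__ == "__main__":
    print(host_accepts(VIRTUAL, strip_priority=False))  # reported failure
    print(host_accepts(VIRTUAL, strip_priority=True))   # fix: strip on sync
    print(host_accepts(HOST, strip_priority=False))     # workaround: same classes
```

The three calls correspond to the reported failure, the fix of not setting priority on synced pods, and the workaround of deploying the host's PriorityClasses into the virtual cluster.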