[0.29.0] clusterdomain autodetection not working #3267
Description
What happened?
The percona's postgresql operator try to autodetect the clusterdomain with this code.
this result in "kubernetes" because vcluster adds this with hostAliases here.
What did you expect to happen?
Probably there are other softwares which try to autodetect the cluster domain this way, so i think this needed a fix on vcluster side, probably by modifying the current code to add the full clusterDomain at the first place(?).
How can we reproduce it (as minimally and precisely as possible)?
Install a percona postgresql operator inside vcluster, add a pg-db, then the backup will fail because of the wrong clusterdomain.
Anything else we need to know?
No response
Host cluster Kubernetes version
Client Version: v1.32.2
Kustomize Version: v5.5.0
Server Version: v1.32.2vcluster version
0.29.0VCluster Config
controlPlane:
advanced:
cloudControllerManager:
enabled: true
defaultImageRegistry: ""
globalMetadata:
annotations: {}
headlessService:
annotations: {}
labels: {}
konnectivity:
agent:
enabled: true
extraArgs: []
extraEnv: []
image: ""
imagePullPolicy: ""
nodeSelector: {}
replicas: 1
tolerations: []
server:
enabled: true
extraArgs: []
registry:
anonymousPull: true
config: {}
enabled: false
serviceAccount:
annotations: {}
enabled: true
imagePullSecrets: []
labels: {}
name: ""
virtualScheduler:
enabled: false
workloadServiceAccount:
annotations: {}
enabled: true
imagePullSecrets: []
labels: {}
name: ""
backingStore:
database:
embedded:
enabled: false
extraArgs: []
external:
caFile: ""
certFile: ""
connector: ""
dataSource: ""
enabled: false
extraArgs: []
keyFile: ""
etcd:
deploy:
enabled: true
headlessService:
annotations: {}
service:
annotations: {}
enabled: true
statefulSet:
annotations: {}
enableServiceLinks: true
enabled: true
env: []
extraArgs: []
highAvailability:
replicas: 3
image:
registry: registry.k8s.io
repository: etcd
tag: 3.6.4-0
imagePullPolicy: ""
labels: {}
persistence:
addVolumeMounts: []
addVolumes: []
volumeClaim:
accessModes:
- ReadWriteOnce
enabled: true
retentionPolicy: Retain
size: 5Gi
storageClass: block-local
volumeClaimTemplates: []
pods:
annotations: {}
labels: {}
resources:
requests:
cpu: 20m
memory: 150Mi
scheduling:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- vcluster-etcd
topologyKey: kubernetes.io/hostname
nodeSelector: {}
podManagementPolicy: Parallel
priorityClassName: ""
tolerations: []
topologySpreadConstraints: []
security:
containerSecurityContext: {}
podSecurityContext: {}
embedded:
enabled: false
extraArgs: []
migrateFromDeployedEtcd: false
external:
enabled: false
endpoint: ""
tls:
caFile: ""
certFile: ""
keyFile: ""
coredns:
deployment:
affinity: {}
annotations: {}
image: ""
labels: {}
nodeSelector: {}
pods:
annotations: {}
labels: {}
replicas: 2
resources:
limits:
cpu: 1000m
memory: 170Mi
requests:
cpu: 20m
memory: 64Mi
tolerations: []
topologySpreadConstraints:
- labelSelector:
matchLabels:
k8s-app: vcluster-kube-dns
maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
embedded: false
enabled: true
overwriteManifests: ""
priorityClassName: ""
security:
containerSecurityContext: {}
podSecurityContext: {}
service:
annotations: {}
labels: {}
spec:
type: ClusterIP
distro:
k3s:
command: []
enabled: false
extraArgs: []
image:
registry: ""
repository: rancher/k3s
tag: v1.33.3-k3s1
imagePullPolicy: ""
resources:
limits:
cpu: 100m
memory: 256Mi
requests:
cpu: 40m
memory: 64Mi
securityContext: {}
k8s:
apiServer:
command: []
enabled: true
controllerManager:
command: []
enabled: true
extraArgs: []
enabled: true
env: []
image:
registry: ghcr.io
repository: loft-sh/kubernetes
tag: v1.32.2
imagePullPolicy: ""
resources:
limits:
cpu: 100m
memory: 4Gi
requests:
cpu: 40m
memory: 64Mi
scheduler:
command: []
enabled: false
extraArgs: []
securityContext: {}
version: ""
hostPathMapper:
enabled: true
ingress:
annotations:
external-dns.alpha.kubernetes.io/hostname: kube-api.test1.example.com
external-dns.alpha.kubernetes.io/ingress-hostname-source: annotation-only
external-dns.alpha.kubernetes.io/ttl: "60"
external-dns.alpha.kubernetes.io/zone: test1.example.com
haproxy.org/ssl-passthrough: "true"
kubernetes.io/ingress.class: cluster
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
enabled: true
host: kube-api.test1.example.com
labels:
dns.kubego.io/private: "true"
pathType: ImplementationSpecific
spec:
tls: []
proxy:
bindAddress: 0.0.0.0
extraSANs:
- kube-api.test1.example.com
port: 8443
service:
annotations: {}
enabled: true
httpsNodePort: 0
kubeletNodePort: 0
labels: {}
spec:
type: ClusterIP
serviceMonitor:
annotations: {}
enabled: false
labels: {}
standalone:
dataDir: /var/lib/vcluster
joinNode:
containerd:
enabled: true
enabled: true
statefulSet:
annotations: {}
args: []
command: []
enableServiceLinks: true
env: []
highAvailability:
leaseDuration: 60
renewDeadline: 40
replicas: 2
retryPeriod: 15
image:
registry: ghcr.io
repository: loft-sh/vcluster-oss
tag: "0.29.0"
imagePullPolicy: ""
labels: {}
persistence:
addVolumeMounts: []
addVolumes: []
binariesVolume:
- emptyDir: {}
name: binaries
dataVolume: []
volumeClaim:
accessModes:
- ReadWriteOnce
enabled: auto
retentionPolicy: Retain
size: 5Gi
storageClass: block-local
volumeClaimTemplates: []
pods:
annotations: {}
labels: {}
probes:
livenessProbe:
enabled: true
failureThreshold: 60
initialDelaySeconds: 60
periodSeconds: 2
timeoutSeconds: 3
readinessProbe:
enabled: true
failureThreshold: 60
periodSeconds: 2
timeoutSeconds: 3
startupProbe:
enabled: true
failureThreshold: 300
periodSeconds: 6
timeoutSeconds: 3
resources:
limits:
ephemeral-storage: 8Gi
memory: 4Gi
requests:
cpu: 200m
ephemeral-storage: 1Gi
memory: 256Mi
scheduling:
affinity: {}
nodeSelector: {}
podManagementPolicy: Parallel
priorityClassName: ""
tolerations: []
topologySpreadConstraints: []
security:
containerSecurityContext:
allowPrivilegeEscalation: false
runAsGroup: 0
runAsUser: 0
podSecurityContext: {}
workingDir: ""
deploy:
cni:
flannel:
enabled: true
ingressNginx:
defaultIngressClass: true
enabled: false
kubeProxy:
config: {}
enabled: true
extraArgs: []
extraEnv: []
image: ""
imagePullPolicy: ""
nodeSelector: {}
tolerations: []
localPathProvisioner:
enabled: true
metallb:
enabled: false
ipAddressPool:
addresses: []
l2Advertisement: true
metricsServer:
enabled: false
volumeSnapshotController:
enabled: false
experimental:
deploy:
host:
manifests: ""
manifestsTemplate: ""
vcluster:
helm: []
manifests: ""
manifestsTemplate: ""
syncSettings:
setOwner: true
exportKubeConfig:
context: test1-example-com
insecure: false
secret:
name: vc
namespace: vc-test1-example-com
server: https://kube-api.test1.example.com
serviceAccount:
clusterRole: ""
name: ""
namespace: ""
external: {}
integrations:
certManager:
enabled: false
sync:
fromHost:
clusterIssuers:
enabled: true
selector:
labels: {}
toHost:
certificates:
enabled: true
issuers:
enabled: true
externalSecrets:
enabled: false
sync:
fromHost:
clusterStores:
enabled: false
selector:
matchLabels: {}
toHost:
externalSecrets:
selector:
matchLabels: {}
stores:
enabled: false
selector:
matchLabels: {}
webhook:
enabled: false
istio:
enabled: false
sync:
toHost:
destinationRules:
enabled: true
gateways:
enabled: true
virtualServices:
enabled: true
kubeVirt:
enabled: false
sync:
dataVolumes:
enabled: false
virtualMachineClones:
enabled: true
virtualMachineInstanceMigrations:
enabled: true
virtualMachineInstances:
enabled: true
virtualMachinePools:
enabled: true
virtualMachines:
enabled: true
webhook:
enabled: true
metricsServer:
enabled: false
nodes: false
pods: false
logging:
encoding: console
networking:
advanced:
clusterDomain: k8s.test1.example.com
fallbackHostCluster: false
proxyKubelets:
byHostname: true
byIP: true
podCIDR: 10.244.0.0/16
replicateServices:
fromHost: []
toHost: []
resolveDNS: []
plugins: {}
policies:
centralAdmission:
mutatingWebhooks: []
validatingWebhooks: []
limitRange:
annotations: {}
default:
cpu: "1"
ephemeral-storage: 8Gi
memory: 512Mi
defaultRequest:
cpu: 100m
ephemeral-storage: 3Gi
memory: 128Mi
enabled: auto
labels: {}
max: {}
min: {}
networkPolicy:
annotations: {}
enabled: false
extraControlPlaneRules: []
extraWorkloadRules: []
fallbackDns: 8.8.8.8
labels: {}
outgoingConnections:
ipBlock:
cidr: 0.0.0.0/0
except:
- 100.64.0.0/10
- 127.0.0.0/8
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
platform: true
resourceQuota:
annotations: {}
enabled: auto
labels: {}
quota:
count/configmaps: 100
count/endpoints: 40
count/persistentvolumeclaims: 20
count/pods: 20
count/secrets: 100
count/services: 20
limits.cpu: 20
limits.ephemeral-storage: 160Gi
limits.memory: 40Gi
requests.cpu: 10
requests.ephemeral-storage: 60Gi
requests.memory: 20Gi
requests.storage: 100Gi
services.loadbalancers: 1
services.nodeports: 0
scopeSelector:
matchExpressions: []
scopes: []
privateNodes:
autoNodes:
dynamic: []
static: []
autoUpgrade:
concurrency: 1
enabled: true
enabled: false
joinNode:
containerd:
enabled: true
kubelet:
config: {}
vpn:
enabled: false
nodeToNode:
enabled: false
rbac:
clusterRole:
enabled: auto
extraRules: []
overwriteRules: []
role:
enabled: true
extraRules: []
overwriteRules: []
sync:
fromHost:
configMaps:
enabled: false
mappings:
byName: {}
csiDrivers:
enabled: auto
csiNodes:
enabled: auto
csiStorageCapacities:
enabled: auto
events:
enabled: true
ingressClasses:
enabled: false
nodes:
clearImageStatus: true
enabled: true
selector:
all: false
labels:
example.io/enabled: vcluster
syncBackChanges: true
priorityClasses:
enabled: false
runtimeClasses:
enabled: false
secrets:
enabled: false
mappings:
byName: {}
storageClasses:
enabled: true
volumeSnapshotClasses:
enabled: true
toHost:
configMaps:
all: false
enabled: true
endpoints:
enabled: true
ingresses:
enabled: false
namespaces:
enabled: false
mappingsOnly: false
networkPolicies:
enabled: false
persistentVolumeClaims:
enabled: true
persistentVolumes:
enabled: true
podDisruptionBudgets:
enabled: true
pods:
enabled: true
enforceTolerations: []
hybridScheduling:
enabled: false
hostSchedulers: []
priorityClassName: ""
rewriteHosts:
enabled: true
initContainer:
image:
registry: mirror.gcr.io
repository: library/alpine
tag: "3.20"
resources:
limits:
cpu: 30m
memory: 64Mi
requests:
cpu: 30m
memory: 64Mi
runtimeClassName: ""
translateImage: {}
useSecretsForSATokens: false
priorityClasses:
enabled: false
secrets:
all: false
enabled: true
serviceAccounts:
enabled: false
services:
enabled: true
storageClasses:
enabled: false
volumeSnapshotContents:
enabled: true
volumeSnapshots:
enabled: true
telemetry:
enabled: true