Skip to content

bug: Inconsistent shard urls #69

New issue
New issue
Open
Open
bug: Inconsistent shard urls#69
Assignees
mjudeikis
Labels
kind/bugCategorizes issue or PR as related to a bug.
@mjudeikis

Description

@mjudeikis
mjudeikis
opened on Jul 6, 2025

Describe the bug

Create basic setup:

apiVersion: operator.kcp.io/v1alpha1
kind: RootShard
metadata:
  name: root
  namespace: kcp-faros
spec:
  external:
    hostname: frontproxy-front-proxy.kcp-faros.svc.cluster.local
    port: 6443
  certificates:
    issuerRef:
      group: cert-manager.io
      kind: Issuer
      name: selfsigned
  cache:
    embedded:
      enabled: true
  etcd:
    endpoints:
      - http://etcd-root.etcd.svc.cluster.local:2379


apiVersion: operator.kcp.io/v1alpha1
kind: Shard
metadata:
  name: alpha
  namespace: kcp-faros
spec:
  etcd:
    endpoints:
    - http://etcd-alpha.etcd.svc.cluster.local:2379
  rootShard:
    ref:
      name: root


apiVersion: operator.kcp.io/v1alpha1
kind: FrontProxy
metadata:
  name: frontproxy
  namespace: kcp-faros
spec:
  auth:
    oidc:
      enabled: true
      issuerURL: https://auth.faros.sh
      clientID: faros
      groupsClaim: groups
      usernameClaim: email
      usernamePrefix: "oidc:"
      groupsPrefix: "oidc:"
      clientSecret:xxxxxx==
  rootShard:
    ref:
      name: root

and create some APIExport and check VW urls:

- apiVersion: apis.kcp.io/v1alpha1
  kind: APIExport
  metadata:
    annotations:
      kcp.io/cluster: 36nt823y7lbbeust
      kcp.io/path: root:core:controllers
    creationTimestamp: "2025-07-06T16:30:00Z"
    generation: 6
    name: tenancy.faros.sh
    resourceVersion: "477"
    uid: 7a04df4a-8f1d-4ca5-9e41-608161a5ec7b
  spec:
    identity:
      secretRef:
        name: tenancy.faros.sh
        namespace: kcp-system
    latestResourceSchemas:
    - v250629-7d28fee.workspacerequests.tenancy.faros.sh
    - v250703-f908aa3.users.tenancy.faros.sh
    - v250704-8da0bad.containers.tenancy.faros.sh
  status:
    conditions:
    - lastTransitionTime: "2025-07-06T16:30:00Z"
      status: "True"
      type: IdentityValid
    - lastTransitionTime: "2025-07-06T16:30:00Z"
      status: "True"
      type: VirtualWorkspaceURLsReady
    identityHash: 8217b84e5cb861c8c8eec02d13d7c24adc1dc02da57b346d058af234df4642bf
    virtualWorkspaces:
    - url: https://10.42.1.53:6443/services/apiexport/36nt823y7lbbeust/tenancy.faros.sh
    - url: https://alpha-shard-kcp.kcp-faros.svc.cluster.local:6443/services/apiexport/36nt823y7lbbeust/tenancy.faros.sh
kind: List
metadata:
  resourceVersion: ""

Root shard should use service url.

Steps To Reproduce

See above

Expected Behaviour

All shards use internal URLs. Else it's getting messy when pods move.

Additional Context

No response

Metadata

Metadata

Assignees

Labels

kind/bugCategorizes issue or PR as related to a bug.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions