Fixes

Signed-off-by: galal-hussein <[email protected]>

k3k-kubelet/controller/service.go

@@ -25,7 +25,6 @@ const (
 	serviceFinalizerName    = "service.k3k.io/finalizer"
 )
 
-// TODO: change into a generic syncer
 type ServiceReconciler struct {
 	virtualClient    ctrlruntimeclient.Client
 	hostClient       ctrlruntimeclient.Client
@@ -64,7 +63,6 @@ func AddServiceSyncer(ctx context.Context, virtMgr, hostMgr manager.Manager, clu
 
 func (s *ServiceReconciler) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error) {
 	log := s.logger.With("Cluster", s.clusterName, "Service", req.NamespacedName)
-	// skip kubernetes service
 	if req.Name == "kubernetes" || req.Name == "kube-dns" {
 		return reconcile.Result{}, nil
 	}
@@ -84,6 +82,8 @@ func (s *ServiceReconciler) Reconcile(ctx context.Context, req reconcile.Request
 	if err := controllerutil.SetControllerReference(&cluster, syncedService, s.HostScheme); err != nil {
 		return reconcile.Result{}, err
 	}
+
+	// handle deletion
 	if !virtService.DeletionTimestamp.IsZero() {
 		// deleting the synced service if exists
 		if err := s.hostClient.Delete(ctx, syncedService); err != nil {
@@ -98,14 +98,15 @@ func (s *ServiceReconciler) Reconcile(ctx context.Context, req reconcile.Request
 		}
 		return reconcile.Result{}, nil
 	}
+
 	// Add finalizer if it does not exist
 	if !controllerutil.ContainsFinalizer(&virtService, serviceFinalizerName) {
 		controllerutil.AddFinalizer(&virtService, serviceFinalizerName)
 		if err := s.virtualClient.Update(ctx, &virtService); err != nil {
 			return reconcile.Result{}, err
 		}
 	}
-
+	// create or update the service on host
 	if err := s.hostClient.Get(ctx, types.NamespacedName{Name: syncedService.Name, Namespace: s.clusterNamespace}, &hostService); err != nil {
 		if apierrors.IsNotFound(err) {
 			log.Info("creating the service for the first time on the host cluster")

k3k-kubelet/kubelet.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/tls"
 	"crypto/x509"
+	"errors"
 	"fmt"
 	"net"
 	"net/http"
@@ -99,14 +100,14 @@ func newKubelet(ctx context.Context, c *config, logger *k3klog.Logger) (*kubelet
 		},
 	})
 	if err != nil {
-		return nil, fmt.Errorf("unable to create controller-runtime mgr for host cluster: %s", err.Error())
+		return nil, errors.New("unable to create controller-runtime mgr for host cluster: " + err.Error())
 	}
 
 	virtualScheme := runtime.NewScheme()
 	// virtual client will only use core types (for now), no need to add anything other than the basics
 	err = clientgoscheme.AddToScheme(virtualScheme)
 	if err != nil {
-		return nil, fmt.Errorf("unable to add client go types to virtual cluster scheme: %s", err.Error())
+		return nil, errors.New("unable to add client go types to virtual cluster scheme: " + err.Error())
 	}
 	virtualMgr, err := ctrl.NewManager(virtConfig, manager.Options{
 		Scheme: virtualScheme,
@@ -116,20 +117,20 @@ func newKubelet(ctx context.Context, c *config, logger *k3klog.Logger) (*kubelet
 	})
 
 	logger.Info("adding service syncer controller")
-	if k3kkubeletcontroller.AddServiceSyncer(ctx, virtualMgr, hostMgr, c.ClusterName, c.ClusterNamespace, k3klog.New(false)); err != nil {
-		return nil, fmt.Errorf("failed to add service syncer controller: %v", err)
+	if err := k3kkubeletcontroller.AddServiceSyncer(ctx, virtualMgr, hostMgr, c.ClusterName, c.ClusterNamespace, k3klog.New(false)); err != nil {
+		return nil, errors.New("failed to add service syncer controller: " + err.Error())
 	}
 
 	clusterIP, err := clusterIP(ctx, c.AgentHostname, c.ClusterNamespace, hostClient)
 	if err != nil {
-		return nil, fmt.Errorf("failed to extract the clusterIP for the server service %s", err.Error())
+		return nil, errors.New("failed to extract the clusterIP for the server service: " + err.Error())
 	}
 
 	// get the cluster's DNS IP to be injected to pods
 	var dnsService v1.Service
 	dnsName := controller.SafeConcatNameWithPrefix(c.ClusterName, "kube-dns")
 	if err := hostClient.Get(ctx, types.NamespacedName{Name: dnsName, Namespace: c.ClusterNamespace}, &dnsService); err != nil {
-		return nil, fmt.Errorf("failed to get the DNS service for the cluster %s", err.Error())
+		return nil, errors.New("failed to get the DNS service for the cluster: " + err.Error())
 	}
 
 	return &kubelet{
@@ -163,7 +164,7 @@ func (k *kubelet) registerNode(ctx context.Context, agentIP, srvPort, namespace,
 	var err error
 	k.node, err = nodeutil.NewNode(k.name, providerFunc, nodeutil.WithClient(k.virtClient), nodeOpts)
 	if err != nil {
-		return fmt.Errorf("unable to start kubelet: %v", err)
+		return errors.New("unable to start kubelet: " + err.Error())
 	}
 	return nil
 }
@@ -208,7 +209,7 @@ func (k *kubelet) newProviderFunc(namespace, name, hostname, agentIP, serverIP,
 	return func(pc nodeutil.ProviderConfig) (nodeutil.Provider, node.NodeProvider, error) {
 		utilProvider, err := provider.New(*k.hostConfig, k.hostMgr, k.virtualMgr, k.logger, namespace, name, serverIP, dnsIP)
 		if err != nil {
-			return nil, nil, fmt.Errorf("unable to make nodeutil provider %w", err)
+			return nil, nil, errors.New("unable to make nodeutil provider: " + err.Error())
 		}
 		nodeProvider := provider.Node{}
 
@@ -223,13 +224,13 @@ func (k *kubelet) nodeOpts(ctx context.Context, srvPort, namespace, name, hostna
 		// set up the routes
 		mux := http.NewServeMux()
 		if err := nodeutil.AttachProviderRoutes(mux)(c); err != nil {
-			return fmt.Errorf("unable to attach routes: %w", err)
+			return errors.New("unable to attach routes: " + err.Error())
 		}
 		c.Handler = mux
 
 		tlsConfig, err := loadTLSConfig(ctx, k.hostClient, name, namespace, k.name, hostname, k.token, agentIP)
 		if err != nil {
-			return fmt.Errorf("unable to get tls config: %w", err)
+			return errors.New("unable to get tls config: " + err.Error())
 		}
 		c.TLSConfig = tlsConfig
 		return nil
@@ -255,7 +256,7 @@ func virtRestConfig(ctx context.Context, virtualConfigPath string, hostClient ct
 		logger.Infow("decoded bootstrap", zap.Error(err))
 		return err
 	}); err != nil {
-		return nil, fmt.Errorf("unable to decode bootstrap: %w", err)
+		return nil, errors.New("unable to decode bootstrap: " + err.Error())
 	}
 	adminCert, adminKey, err := kubeconfig.CreateClientCertKey(
 		controller.AdminCommonName, []string{user.SystemPrivilegedGroup},
@@ -313,7 +314,7 @@ func loadTLSConfig(ctx context.Context, hostClient ctrlruntimeclient.Client, clu
 		b, err = bootstrap.DecodedBootstrap(token, endpoint)
 		return err
 	}); err != nil {
-		return nil, fmt.Errorf("unable to decode bootstrap: %w", err)
+		return nil, errors.New("unable to decode bootstrap: " + err.Error())
 	}
 	ip := net.ParseIP(agentIP)
 	altNames := certutil.AltNames{
@@ -322,19 +323,19 @@ func loadTLSConfig(ctx context.Context, hostClient ctrlruntimeclient.Client, clu
 	}
 	cert, key, err := kubeconfig.CreateClientCertKey(nodeName, nil, &altNames, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, 0, b.ServerCA.Content, b.ServerCAKey.Content)
 	if err != nil {
-		return nil, fmt.Errorf("unable to get cert and key: %w", err)
+		return nil, errors.New("unable to get cert and key: " + err.Error())
 	}
 	clientCert, err := tls.X509KeyPair(cert, key)
 	if err != nil {
-		return nil, fmt.Errorf("unable to get key pair: %w", err)
+		return nil, errors.New("unable to get key pair: " + err.Error())
 	}
 	// create rootCA CertPool
 	certs, err := certutil.ParseCertsPEM([]byte(b.ServerCA.Content))
 	if err != nil {
-		return nil, fmt.Errorf("unable to create ca certs: %w", err)
+		return nil, errors.New("unable to create ca certs: " + err.Error())
 	}
 	if len(certs) < 1 {
-		return nil, fmt.Errorf("ca cert is not parsed correctly")
+		return nil, errors.New("ca cert is not parsed correctly")
 	}
 	pool := x509.NewCertPool()
 	pool.AddCert(certs[0])

k3k-kubelet/translate/host.go

@@ -60,6 +60,7 @@ func (t *ToHostTranslater) TranslateTo(obj client.Object) {
 	// and doesn't collide with other resources
 	obj.SetName(t.TranslateName(obj.GetNamespace(), obj.GetName()))
 	obj.SetNamespace(t.ClusterNamespace)
+	obj.SetFinalizers(nil)
 }
 
 func (t *ToHostTranslater) TranslateFrom(obj client.Object) {