Sync issues with K8s hosts 1.34 or 1.35 #3578
Description
Hello everyone!
I'm raising this issue as it may be related to #2472.
I've found that on EKS host clusters running versions 1.34 or 1.35, vCluster fails to sync the state for some objects, rendering the guest clusters almost unusable. This happened to me using k3s as a guest with a version different than the host cluster. Ie. 1.34 k3s guests work fine in 1.34 hosts, and 1.35 k3s guests work fine in 1.35 hosts. Running a guest version different from the host one leads to this issue.
Within the guest cluster, you'd see situations like the one below:
❯ k get po
k get NAME READY STATUS RESTARTS AGE
gfn-p-1129rc1-1-33-t2-cp1-54d5d7cff-gzf85 1/1 Running 0 127m
❯ k get deployments.apps
NAME READY UP-TO-DATE AVAILABLE AGE
gfn-p-1129rc1-1-33-t2-cp1 0/1 1 0 127m
Where the pod for a deployment is ready, but the deployment never shows ready.
Inspecting the logs, I can see lines like:
2026-02-11 12:47:25 ERROR controller/controller.go:474 Reconciler error {"component": "vcluster", "controller": "pod", "namespace": "cert-manager", "name": "p-1129rc1-1-33-t2-cp1-cert-manager-7cf4ddcbbf-k5m2n", "reconcileI
D": "fcdb4b71-240f-4ea5-ab40-1ca04de63e78", "error": "sync: patch host object: update object status: Pod \"p-1129rc1-1-33-t2-cp1-cert-manager-7cf4ddcbbf-k5m2n--b21ec34921\" is invalid: status.qosClass: Invalid value: \"BestEffort\": field
is immutable"}
Restarting the API server pod sometimes fixes some of these issues, but they eventually come back after creating new deployments or updating existing ones.
This issue presented using vCluster 0.28.0, but is still happening with 0.31.0.
I'm not clear at this point if this is an issue with vCluster or with my config... I'd appreciate any pointers to be able to further pinpoint the cause of this.