Operator gets stuck at Waiting for service to be created

[silenium-dev]

Describe the bug
When creating a new WireGuard resource, the operator creates services and secrets, but doesn't create the deployment, the status is stuck at Waiting for service to be created.

To Reproduce
Steps to reproduce the behavior:

1. Create the sample Wireguard and WireguardPeer
2. Wait a short period
3. Get Wireguard resource as YAML and see status.message field

Expected behavior
It should create the deployment.

Additional context
K8s version: 1.27.1
OS: Talos Linux v1.4.1
wireguard-operator version: 1.0.1

[silenium-dev]

It seems to work when using the main branch instead of the 1.0.1 release.

[jodevsa]

Waiting for service to be created

Can you describe the service and check why is not getting ready?

kubectl describe service VPN_NAME-svc

[silenium-dev]

The service is ready, I've switched to a ClusterIP service for debugging purposes.

kubectl describe -n wireguard-system adblock-svc:

Name:              adblock-svc
Namespace:         wireguard-system
Labels:            <none>
Annotations:       service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
Selector:          app=wireguard,instance=adblock
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.160.252
IPs:               10.96.160.252
Port:              <unset>  51820/UDP
TargetPort:        51820/UDP
Endpoints:         <none>
Session Affinity:  None
Events:            <none>

kubectl describe -n wireguard-system adblock-metrics-svc:

Name:              adblock-metrics-svc
Namespace:         wireguard-system
Labels:            app=wireguard
instance=adblock
Annotations:       <none>
Selector:          app=wireguard,instance=adblock
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.230.14
IPs:               10.96.230.14
Port:              metrics  9586/TCP
TargetPort:        9586/TCP
Endpoints:         <none>
Session Affinity:  None
Events:            <none>

P.S: I've noticed these AWS load-balancer annotations, why do these exist, I'm on a self-hosted k8s

[Matthew-Beckett]

The service is ready, I've switched to a ClusterIP service for debugging purposes.

kubectl describe -n wireguard-system adblock-svc:

Name:              adblock-svc
Namespace:         wireguard-system
Labels:            <none>
Annotations:       service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
Selector:          app=wireguard,instance=adblock
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.160.252
IPs:               10.96.160.252
Port:              <unset>  51820/UDP
TargetPort:        51820/UDP
Endpoints:         <none>
Session Affinity:  None
Events:            <none>

kubectl describe -n wireguard-system adblock-metrics-svc:

Name:              adblock-metrics-svc
Namespace:         wireguard-system
Labels:            app=wireguard
instance=adblock
Annotations:       <none>
Selector:          app=wireguard,instance=adblock
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.230.14
IPs:               10.96.230.14
Port:              metrics  9586/TCP
TargetPort:        9586/TCP
Endpoints:         <none>
Session Affinity:  None
Events:            <none>

P.S: I've noticed these AWS load-balancer annotations, why do these exist, I'm on a self-hosted k8s

They are currently hard-coded in the controller, soon you will be able to specify your own annotations:

#36

[silenium-dev]

I'm going to close this, as the main branch works and only a new release is required.