feat: add option to generate headless services

aryan9600 · aryan9600 · commit 45618b90db93 · 2025-01-14T14:09:12.000+05:30
Add a new field `.spec.service.headless` which if set to true results in
Flagger generating headless Services, i.e. with the Service's
`.spec.clusterIP` set to None.

Signed-off-by: Sanskar Jaiswal &lt;jaiswalsanskar078@gmail.com&gt;
diff --git a/artifacts/flagger/crd.yaml b/artifacts/flagger/crd.yaml
@@ -198,6 +198,9 @@ spec:
                     portDiscovery:
                       description: Enable port dicovery
                       type: boolean
+                    headless:
+                      description: Headless if set to true, generates headless Kubernetes services.
+                      type: boolean
                     timeout:
                       description: HTTP or gRPC request timeout
                       type: string
diff --git a/charts/flagger/crds/crd.yaml b/charts/flagger/crds/crd.yaml
@@ -198,6 +198,9 @@ spec:
                     portDiscovery:
                       description: Enable port dicovery
                       type: boolean
+                    headless:
+                      description: Headless if set to true, generates headless Kubernetes services.
+                      type: boolean
                     timeout:
                       description: HTTP or gRPC request timeout
                       type: string
diff --git a/docs/gitbook/usage/how-it-works.md b/docs/gitbook/usage/how-it-works.md
@@ -147,6 +147,7 @@ spec:
     appProtocol: http
     targetPort: 9898
     portDiscovery: true
+    headless: false
 ```
 
 The container port from the target workload should match the `service.port` or `service.targetPort`.
@@ -155,6 +156,7 @@ The `service.targetPort` can be a container port number or name.
 The `service.portName` is optional (defaults to `http`), if your workload uses gRPC then set the port name to `grpc`.
 The `service.appProtocol` is optional, more details can be found [here](https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol).
 
+
 If port discovery is enabled, Flagger scans the target workload and extracts the containers ports
 excluding the port specified in the canary service and service mesh sidecar ports.
 These ports will be used when generating the ClusterIP services.
@@ -204,6 +206,9 @@ Note that the `apex` annotations are added to both the generated Kubernetes Serv
 generated service mesh/ingress object. This allows using external-dns with Istio `VirtualServices`
 and `TraefikServices`. Beware of configuration conflicts [here](../faq.md#ExternalDNS).
 
+If you want for the generated Kubernetes ClusterIP services to be [headless](https://kubernetes.io/docs/concepts/services-networking/service/#headless-services),
+then set `service.headless` to true.
+
 Besides port mapping and metadata, the service specification can
 contain URI match and rewrite rules, timeout and retry polices:
 
diff --git a/kustomize/base/flagger/crd.yaml b/kustomize/base/flagger/crd.yaml
@@ -198,6 +198,9 @@ spec:
                     portDiscovery:
                       description: Enable port dicovery
                       type: boolean
+                    headless:
+                      description: Headless if set to true, generates headless Kubernetes services.
+                      type: boolean
                     timeout:
                       description: HTTP or gRPC request timeout
                       type: string
diff --git a/pkg/apis/flagger/v1beta1/canary.go b/pkg/apis/flagger/v1beta1/canary.go
@@ -146,6 +146,11 @@ type CanaryService struct {
 	// PortDiscovery adds all container ports to the generated Kubernetes service
 	PortDiscovery bool `json:"portDiscovery"`
 
+	// Headless if set to true, generates headless Kubernetes services.
+	// ref: https://kubernetes.io/docs/concepts/services-networking/service/#headless-services
+	// +optional
+	Headless bool `json:"headless,omitempty"`
+
 	// Timeout of the HTTP or gRPC request
 	// +optional
 	Timeout string `json:"timeout,omitempty"`
diff --git a/pkg/router/kubernetes_default.go b/pkg/router/kubernetes_default.go
@@ -113,6 +113,9 @@ func (c *KubernetesDefaultRouter) reconcileService(canary *flaggerv1.Canary, nam
 			},
 		},
 	}
+	if canary.Spec.Service.Headless {
+		svcSpec.ClusterIP = "None"
+	}
 
 	if v := canary.Spec.Service.AppProtocol; v != "" {
 		svcSpec.Ports[0].AppProtocol = &v
diff --git a/pkg/router/kubernetes_default_test.go b/pkg/router/kubernetes_default_test.go
@@ -34,6 +34,8 @@ import (
 
 func TestServiceRouter_Create(t *testing.T) {
 	mocks := newFixture(nil)
+	mocks.canary.Spec.Service.Headless = true
+
 	router := &KubernetesDefaultRouter{
 		kubeClient:    mocks.kubeClient,
 		flaggerClient: mocks.flaggerClient,
@@ -53,11 +55,13 @@ func TestServiceRouter_Create(t *testing.T) {
 	assert.Equal(t, &appProtocol, canarySvc.Spec.Ports[0].AppProtocol)
 	assert.Equal(t, "http", canarySvc.Spec.Ports[0].Name)
 	assert.Equal(t, int32(9898), canarySvc.Spec.Ports[0].Port)
+	assert.Equal(t, "None", canarySvc.Spec.ClusterIP)
 
 	primarySvc, err := mocks.kubeClient.CoreV1().Services("default").Get(context.TODO(), "podinfo-primary", metav1.GetOptions{})
 	require.NoError(t, err)
 	assert.Equal(t, "http", primarySvc.Spec.Ports[0].Name)
 	assert.Equal(t, int32(9898), primarySvc.Spec.Ports[0].Port)
+	assert.Equal(t, "None", primarySvc.Spec.ClusterIP)
 }
 
 func TestServiceRouter_Update(t *testing.T) {

Original file line number	Diff line number	Diff line change
`@@ -113,6 +113,9 @@ func (c KubernetesDefaultRouter) reconcileService(canary flaggerv1.Canary, nam`
`113`	`113`	`},`
`114`	`114`	`},`
`115`	`115`	`}`
	`116`	`+ if canary.Spec.Service.Headless {`
	`117`	`+ svcSpec.ClusterIP = "None"`
	`118`	`+ }`
`116`	`119`
`117`	`120`	`if v := canary.Spec.Service.AppProtocol; v != "" {`
`118`	`121`	`svcSpec.Ports[0].AppProtocol = &v`