flagger icon indicating copy to clipboard operation
flagger copied to clipboard
verified publisher icon fluxcd

Base pod & service labels not copied to canary and primary

Open AshDerTest opened this issue 2 years ago • 7 comments

Describe the bug

Flagger primary and canary pods and services do not carry over the base pod and service custom labels, into the flagger-created resources but keep the annotations.

It would be advantageous to have more control over this in some form (in the Canary definition),

If the intention is to add additional labels from a flagger perspective this should be appendedand only have additive, and non-destructive abilties to the labels and selectors.

To Reproduce

Expected behavior

All base pod and service labels and annotations to be carried over to the primary and canary resources created. Or Labels should be able to be defined in the Canary definition

Additional context

  • Flagger version: 1.25.0
  • Kubernetes version: v1.25.5
  • Service Mesh provider: n/a
  • Ingress provider: traefik

AshDerTest avatar Apr 05 '23 16:04 AshDerTest

Yeah, something like this would be good to provide for at least the created Service and Deployment resource.

The recommended kubernetes labels are difficult to use as native flagger selectorLabels because appending -primary to them has negative consequences for existing alerts, service registries, so having flagger copy labels like app.kubernetes.io/name and the common shorthand app feels like a good minimum to be able to do if they exist.

Blanket copy might be less sane given stuff like app.kubernetes.io/version that should ideally differ between the primary and canary. Maybe some kind of whitelist for labels makes sense?

clux avatar May 02 '23 11:05 clux

You can use the --include-label-prefix flag for this. For example if you start Flagger with --selector-labels=name and --include-label-prefix=app.kubernetes.io/name,app.kubernetes.io/component, then the primary deployment will have the labels: name: podinfo-primary, app.kubernetes.io/name: podinfo, app.kubernetes.io/component: podinfo.

Note that the default value of --selector-labels is app,name,app.kubernetes.io/name and the comma separated list is more of an ordered enum. By ordered enum, I mean that the first label in the list thats found in the canary Deployment ends up getting -primary appended to its value for the primary Deployment and the other labels in the list are not considered.

aryan9600 avatar May 03 '23 12:05 aryan9600

Thanks @aryan9600 that works great for the main Deployment object created. It doesn't seem to get added to the created Sevice objects though.

clux avatar May 04 '23 09:05 clux

For Kubernetes Services see https://fluxcd.io/flagger/usage/how-it-works/#canary-service

stefanprodan avatar May 04 '23 09:05 stefanprodan

Ah, perfect. That should do it. Thank you! EDIT: yep, this sorted everything on my end.

clux avatar May 04 '23 09:05 clux

Is there are good way to copy the app.kubernetes.io/version from canary deployment -> canary service, and primary deployment -> primary service, other than manually setting them on the Canary directly?

If I set them on the canary directly they seem to be added right away to the service, however, if it fails to roll out, it seems they stay as the "new" version, even though it's incorrect.

Looking at the code, I can't see an easy way to achieve this right now.

Multiply avatar May 17 '23 05:05 Multiply

We also need our custom labels and annotations being copied for the KEDA scaledObject or all *-primary resources for our custom validation or mutation

dogzzdogzz avatar Feb 16 '24 07:02 dogzzdogzz