feat(source): use EndpointSlices instead of Endpoints for Service

[vflaux]

What does it do ?

Use EndpointSlices instead of Endpoints for Service source.

Allow to use EndpointSlices instead on Endpoints for Services source.

This add a new interface for getting the endpoints from Services with two implementations: Endpoints & EndpointSlices.

A new option --[no-]use-endpointslices allow to switch between the two implementations.
Endpoints implementation stays the default.

Motivation

#5467: Endpoints are deprecated in 1.33: https://kubernetes.io/blog/2025/04/24/endpoints-deprecation/

More

• Yes, this PR title follows Conventional Commits
• Yes, I added unit tests
• Yes, I updated end user documentation accordingly

[k8s-ci-robot]

Hi @vflaux. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[mloiseleur]

@vflaux As of Kubernetes 1.21, the EndpointSlices API is a stable alternative. Users of obsolete versions of Kubernetes can use obsolete versions of external dns.

IIRC, On Traefik Proxy, they have made the switch in v3.1.0, without any known issues since then.

=> Wdyt about just making the switch, without any flag ? We'll add a notice for RBAC change in release notes.

[vflaux]

@mloiseleur I followed @ivankatliarchuk’s comment on this issue: #5467 (comment), but simply switching to EndpointSlices would be less complex.
Both options are good for me 😃

[ivankatliarchuk]

/ok-to-test

[ivankatliarchuk]

I thought is going to me more complicated to do the switch. Nice one

[ivankatliarchuk]

If we think that support for Endpoint and EndpointSlices is not reqiured, fine with me.

[mloiseleur]

For external dns feature, we should do deprecation.
On this, it has been deprecated on k8s side since multiple years.
There is no interest in keeping Endpoint support. It's an internal mechanism between external dns and k8s. There is no usage impact. It only requires to change the rbac.
So yes, let's do it in a simpler and more straightforward way.

[ivankatliarchuk]

for helm chart, any chance you could add a helm unit test? This is what we are using https://github.com/helm-unittest/helm-unittest

[mloiseleur]

This PR LGTM.
@vflaux for the chart, you need to update charts/external-dns/CHANGELOG.md under UNRELEASED section. See for instance this PR for an example.

[ivankatliarchuk]

Do you think you could address error cases in unit tests? Rest is lgtm as well

[vflaux]

@ivankatliarchuk some of them are unreachable code at runtime; I’ve added comments for these cases.
I also added a test for the scenario where a non-EndpointSlice is added to the index. In this case, the index function returns an error, and the add function then panics.

Regarding the publishHostIP condition, I see no test with it enabled.
Maybe it’s preferable to address this in a separate PR and validate the current behavior with Endpoints before merging this one?

[ivankatliarchuk]

Yeah, let's add tests in separate pr to cover missing cases

[ivankatliarchuk]

/lgtm
/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ivankatliarchuk

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [ivankatliarchuk]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ivankatliarchuk]

This PR LGTM. @vflaux for the chart, you need to update charts/external-dns/CHANGELOG.md under UNRELEASED section. See for instance this PR for an example.

@vflaux Looks like I missed this comment. Address it when you have time pls

[stevo-f3]

Would it make sense to update https://github.com/kubernetes-sigs/external-dns?tab=readme-ov-file#kubernetes-version-compatibility for k8s >= 1.33 to use external-dns >= v0.18.0 ?

[mloiseleur]

@stevo-f3 Yes, clearly. Do you think you can open the PR to update it ?