- Make sure you have
balance source
in haproxy. - Backend
server
section in haproxy config should have all your k8s nodes. sessionAffinity
in k8s is irrelevant.- Exposed k8s service need to have
nodePort
set and this annotation:
kubectl annotate service myService service.beta.kubernetes.io/external-traffic=OnlyLocal
This will cause internal k8s loadbalancer on nodeⁿ to route traffic only to pod on nodeⁿ. From Haproxy point of view it will look like nodeⁿ:nodePort
=== pod on nodeⁿ:port
thus disabling k8s LB completly.
Further reading: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typenodeport