Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Option to skip load balancing on ingress proxies #3504
Option to skip load balancing on ingress proxies.
What problem are you trying to solve?
I have Ambassador running as ingress controller and Linkerd as service mesh. To make it possible that Ambassador can communicate mTLS with services in the Kubernetes cluster, the Ambassador pods must also be meshed (get a linkerd sidecar proxy injected).
Ambassador has several load balancing capabilities, including sticky sessions / session affinity. https://www.getambassador.io/reference/core/load-balancer/#sticky-sessions--session-affinity. However by meshing the ambassador pod the actual load balancer will be linkerd. So the sticky sessions of ambassador won't work anymore.
How should the problem be solved?
Add a header that tells linkerd to skip its normal load balancing and to only use the endpoint ambassador chose.
Any alternatives you've considered?
An alternative would be to not mesh Ambassador and make the generated certificates (https://linkerd.io/2/tasks/generate-certificates/) available to Ambassador. I tried this, but I didn't get working connections.
How would users interact with this feature?
Setting a pod annotation.