K3s: Preserve client ips

The embedded load balancer is just using iptables and will masquerade the IPs. You are better off running kube-router or metal lb for that purpose. Just add --no-deploy=servicelb to disable the builtin service LB.

If you get metallb or kube-router working with k3s I love to see how you did it. Eventually it would be great to cultivate a series of recipes/howtos to bolt on different components to k3s easily.

For kube-router you also do not need kube-proxy anymore. Therefore you might want to integrate kube-router instead of flannel in order to save RAM.

@ibuildthecloud have you looked into kube-router already?

I do like kube-router but i think defaulting to it would be too much of a change from what people are expecting, if they are just expecting vanilla k8s. The kube-proxy really doesn't add much memory so it's not a huge concern. The biggest issue is the performance hit.

I believe kube-router should work on k3s as is. Please create a new issue if kube-router doesn't work and we will address that. In terms of preserving client IPs, k3s doesn't change the behavior of k8s so this is really a more generic k8s question.

I do not think that you can run kube-router with k3s. Because you have to remove the kube-router daemon set and iptables rules. We would need an additional option like without kube-proxy otherwise there would be a conflict.