K8s service with internalTrafficPolicy: Local


First time using haproxy as an ingress for kubernetes.
Everything works great, except that it does not seem to respect internalTrafficPolicy: Local for services.

Looking at the haproxy.cfg, I realized it’s resolving the pod IPs instead of using the clusterIP, which explains why the k8s network policy will not work.

Is there a way to disable the resolving of pod IPs for the backend config so that k8s does the routing?
For example, when the ingress specifies backend service foobar, I want the haproxy.cfg to configure backend server <cluster-ip> instead of backend server <pod ip>.

Alternatively if there’s a way to resolve the correct (local node) pod ips

For anyone interested, I worked around the issue like this for now.

apiVersion: v1
kind: Service
    app: foobar
  name: foobar-haproxy
  clusterIP: "None"
    - name: http
      port: 80
      protocol: TCP
      targetPort: 80
apiVersion: v1
kind: Endpoints
  name: foobar-haproxy
  - addresses:
      - ip: <original service IP>
      - port: 80
        protocol: TCP
        name: http

This way, the haproxy will configure its service to point to the original service IP instead of the pod IPs, now local traffic policy works.

Would be great if there was a native way to obey the internalTrafficPolicy though