Hello,
Some of our applications rely on service session affinity when communicating with other applications in the cluster. (See Virtual IPs and Service Proxies | Kubernetes )
As I understand it, when the Linkerd proxy is injected, it no longer communicates with the cluster IP of the Kubernetes service, but addresses the IP of the pod directly and thus ignores session stickiness.
Is there a way to enable session stickiness for pod-to-pod communication without losing the Linkerd mTLS encryption? I know you can set the config.linkerd.io/skip-outbound-ports annotation, but that would disable the encryption.