chore!: Default ListenerClass externalTrafficPolicy to null

crates/stackable-operator/CHANGELOG.md

@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+### Changed
+
+- BREAKING: Default ListenerClass `.spec.externalTrafficPolicy` to `null` so that LoadBalancers work everywhere ([#1107]).
+
+[#1107]: https://github.com/stackabletech/operator-rs/pull/1107
+
 ## [0.99.0] - 2025-10-06
 
 ### Added

crates/stackable-operator/src/crd/listener/class/mod.rs

@@ -50,13 +50,21 @@ pub mod versioned {
         #[serde(default)]
         pub service_annotations: BTreeMap<String, String>,
 
-        /// `externalTrafficPolicy` that should be set on the created [`Service`] objects.
+        /// `externalTrafficPolicy` that should be set on the created Service objects.
         ///
-        /// The default is `Local` (in contrast to `Cluster`), as we aim to direct traffic to a node running the workload
-        /// and we should keep testing that as the primary configuration. Cluster is a fallback option for providers that
-        /// break Local mode (IONOS so far).
-        #[serde(default = "ListenerClassSpec::default_service_external_traffic_policy")]
-        pub service_external_traffic_policy: core_v1alpha1::KubernetesTrafficPolicy,
+        /// It is a Kubernetes feature that controls how external traffic is routed to a Kubernetes
+        /// Service.
+        ///
+        /// * `Cluster`: Kubernetes defaults to `Cluster`, which means that traffic is routed to any
+        ///    node in the Kubernetes cluster that has a pod running the service.
+        /// * `Local`: Means that traffic is only routed to pods running on the same node as the
+        ///    Service.
+        ///
+        /// `Local` has a better performance as it avoids a network hop, but requires a "clever"
+        /// LoadBalancer, that respects what Pods run on which nodes and routes traffic only to that
+        /// nodes accordingly. Some cloud providers (such as IONOS) or bare metal installations
+        /// don't have such features, so the default is `Cluster` to work everywhere.
+        pub service_external_traffic_policy: Option<core_v1alpha1::KubernetesTrafficPolicy>,
 
         /// Whether addresses should prefer using the IP address (`IP`) or the hostname (`Hostname`).
         /// Can also be set to `HostnameConservative`, which will use `IP` for `NodePort` service types, but `Hostname` for everything else.

crates/stackable-operator/src/crd/listener/class/v1alpha1_impl.rs

@@ -1,13 +1,9 @@
 use crate::crd::listener::{
     class::v1alpha1::ListenerClassSpec,
-    core::v1alpha1::{AddressType, KubernetesTrafficPolicy, PreferredAddressType},
+    core::v1alpha1::{AddressType, PreferredAddressType},
 };
 
 impl ListenerClassSpec {
-    pub(super) const fn default_service_external_traffic_policy() -> KubernetesTrafficPolicy {
-        KubernetesTrafficPolicy::Local
-    }
-
     pub(super) const fn default_preferred_address_type() -> PreferredAddressType {
         PreferredAddressType::HostnameConservative
     }

crates/stackable-operator/src/crd/listener/core/mod.rs

@@ -45,6 +45,8 @@ pub mod versioned {
 
         /// Preserves the client source IP and avoid a second hop for LoadBalancer and NodePort type
         /// Services, but makes clients responsible for spreading the load.
+        ///
+        /// Does not work everywhere, e.g. not on IONOS!
         Local,
     }