Description
Is your feature request related to a problem? Please describe.
The service.kubernetes.io/service-proxy-name was initially intended to off-load the kube-proxy from handling all services already handled by a service mesh. I think there will be more specialized K8s proxiers coming in the near future. People has requirement for special things and to get a (possibly odd) feature into the "real" K8s proxier (or Kube-router) is hard (if at all possible).
Describe the solution you'd like
Kube-router should honour the service.kubernetes.io/service-proxy-name label when taking over the standard kube-proxy. This means; if the label is defined for a service Kube-router must not setup loadbalancing for that service. Example;
apiVersion: v1
kind: Service
metadata:
name: mserver-no-proxy
labels:
service.kubernetes.io/service-proxy-name: istio
spec:
selector:
app: mserver-deployment
ports:
- port: 5001
name: mconnect
Describe alternatives you've considered
You could also take a more defensive approach in Kube-router by (optionally) allowing a setting like service.kubernetes.io/service-proxy-name: kube-router to let kube-router handle only some services, e.g. for DSR. Some administrations are reluctant to deviate from "standard" K8s, but special handling for special services may be ok.
Additional context
This is easy to implement by filtering the service watch (sbezverk/nfproxy#50).