Why do my DOKS load balancer settings keep reverting?

DigitalOcean Load Balancers provisioned by Kubernetes are managed by the Cloud Controller Manager (CCM) running on the control plane. Manual modifications made to the load balancer through the cloud panel are overwritten by the CCM during its reconciliation process, which runs to ensure that the load balancer reflects the state defined by the Kubernetes LoadBalancer service object.

To make changes to your load balancer configuration that persist, modify the Kubernetes service object that provisioned the load balancer. You can do this using the Kubernetes service annotations.

For example, the following command adds an annotation to the my-service object which changes the default protocol to HTTPS:

kubectl annotate svc my-service service.beta.kubernetes.io/do-loadbalancer-protocol="https"

For information on how to apply annotations, you can run kubectl annotate --help.
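
The same setting can be declared in the service manifest itself, so the configuration the CCM reconciles toward lives in one reviewable file. The manifest below is an added example, not taken from DigitalOcean's documentation; the selector, target port and certificate ID are placeholder assumptions.

```yaml
# Added example (not from the original page). my-service and the protocol
# annotation come from the command above; everything else is an assumption.
apiVersion: v1
kind: Service
metadata:
  name: my-service
  annotations:
    # Same setting as the kubectl annotate command above.
    service.beta.kubernetes.io/do-loadbalancer-protocol: "https"
    # Terminating HTTPS at the load balancer requires a certificate.
    # Placeholder value: substitute the ID of a certificate in your account.
    service.beta.kubernetes.io/do-loadbalancer-certificate-id: "<your-certificate-id>"
spec:
  type: LoadBalancer
  selector:
    app: my-app          # hypothetical pod label
  ports:
    - name: https
      protocol: TCP
      port: 443          # port exposed on the load balancer
      targetPort: 8080   # hypothetical container port
```

Apply the file with kubectl apply -f and make later load balancer changes by editing it, not the cloud panel, so the CCM has nothing to revert.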

We provide the DigitalOcean CCM service annotations on our public GitHub repository. You can find additional documentation on the service annotations here.

Health checks often fail due to firewalls or misconfigured backend server software.
The Kubernetes service externalTrafficPolicy field controls how nodes respond to health checks.