GrpcBackendGroup resource fields
GrpcBackendGroup enables you to combine backends that are Kubernetes services and that gRPC traffic is distributed to, into a group. The Application Load Balancer Ingress controller uses these resources to create backend groups.
You need to add a reference to GrpcBackendGroup to the Ingress resource. This Ingress must have the ingress.alb.yc.io/protocol: grpc annotation.
Example
---
apiVersion: alb.yc.io/v1alpha1
kind: GrpcBackendGroup
metadata:
namespace: testapp-ns
name: grpc-bg
spec:
backends:
- name: ying
weight: 50
service:
name: grpc-testapp-service
port:
number: 8080
- name: yang
weight: 50
service:
name: grpc-testapp-service2
port:
number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: testapp-ingress-with-grpc-bg
namespace: testapp-ns
annotations:
ingress.alb.yc.io/group-name: default
ingress.alb.yc.io/protocol: grpc
spec:
rules:
- host: grpc-first-server.info
http:
paths:
- path: /helloworld.Greeter/SayHello
pathType: Prefix
backend:
resource:
apiGroup: alb.yc.io
kind: GrpcBackendGroup
name: grpc-bg
GrpcBackendGroup is a custom resource from the alb.yc.io API group provided by an Ingress controller.
GrpcBackendGroup
apiVersion: alb.yc.io/v1alpha1
kind: GrpcBackendGroup
metadata:
name: <string>
spec:
backends:
- name: <string>
weight: <int64>
service:
name: <int64>
port:
name: <string>
number: <int32>
tls:
sni: <string>
trustedCa: <string>
healthChecks:
- grpc:
serviceName: <string>
port: <int32>
healthyThreshold: <int32>
unhealthyThreshold: <int32>
timeout: <string>
interval: <string>
- ...
Where:
-
apiVersion:alb.yc.io/v1alpha1 -
kind:GrpcBackendGroup -
metadata(ObjectMeta, required)Resource metadata.
-
name(string, required)Resource name. For more information about the format, please see the Kubernetes documentation.
You must specify this name in the
spec.rules.http.paths.backend.resource.namefield of theIngressresource (see the relevant configuration).This name is not the backend group name in Application Load Balancer.
-
-
spec(GrpcBackendGroupSpec)Resource specification.
-
backends([]GrpcBackend)List of backends in the group.
-
name(string, required)Backend name.
-
weight(int64)Relative backend weight. Traffic is distributed to backends in a group as a function of backend weights.
Weights must be specified either for all backends in a group, or for none. If weights are not specified, traffic is distributed to the backends as if they had identical positive weights.
If a non-positive weight is specified, a backend will not receive traffic.
-
service(ServiceBackend)Reference to the Kubernetes service expected to process requests as a backend.
The
Serviceresource this field refers to must be described in line with the standard configuration.-
name(string, required)Kubernetes service name.
-
port(ServiceBackendPort, required)Port of the service
Ingresswill access.The field is designed for Ingress controller operation and does not match any of the Application Load Balancer resource fields.
-
name(string)Service port name.
The name must match one of the port names specified in the
spec.ports.namefields of theServiceresource. For more information, see the resource specification.Either a name or a
numbermust be specified for the service port but not both. -
number(int32)Service port number.
The number must match one of the port numbers specified in the
spec.ports.portfields of theServiceresource. For more information, see the resource specification.Either a number or a
namemust be specified for the service port but not both.
-
-
-
tls(BackendTLS)TLS connection settings for the load balancer nodes and backend endpoints.
If the field is specified, the load balancer establishes TLS connections with the backend and compares the certificates it gets with the certificate specified in the
trustedCafield. If the field is not specified, the load balancer will make unencrypted connections to the backend.-
sni(string)Domain name specified as the value for the Server Name Indication (SNI) TLS extension.
-
trustedCa(string)Contents of the X.509 certificate issued by a certificate authority in PEM format.
-
-
healthChecks([]HealthChecks)Settings for custom health checks of applications in a Managed Service for Kubernetes cluster.
By default, the Application Load Balancer Ingress controller receives health check requests from the L7 load balancer on TCP port
10501and health checks the kube-proxy pods on each cluster node. If kube-proxy is healthy, then, even if an application in a particular pod does not respond, Kubernetes will redirect traffic to a different pod with that application or to a different node.You can use the
healthChecksparameters to customize application health checks.-
grpc(GrpcBackend)Sets gRPC as the protocol to use for the health check.
-
serviceName(string)Name of the service checked.
-
-
port(int32)Port on the cluster nodes used to check the application's availability. The same port is specified in the
NodePorttype Service resource, in thespec.ports.nodePortparameter.The application will be available for health checks at
http://<node_IP_address>:<port>/<path>. -
healthyThreshold(int32)Number of consecutive successful checks to consider the application endpoint healthy.
-
unhealthyThreshold(int32)Number of consecutive failed checks to consider the application endpoint unhealthy.
-
timeout(string)Response timeout in seconds. The values range from
1sto60s. -
interval(string)Interval between health check requests in seconds.
The values range from
1sto60s. Theintervalvalue must be larger thantimeoutby at least one second.
Note
You can also configure application health checks using the ingress.alb.yc.io/health-checks annotation of the Service resource.
-
-
-