Contact UsGet started

Fields and annotations of the Service resource for the Ingress controller

Written by
Updated at December 11, 2024

The Service resource represents the Kubernetes service. For the Ingress controller, Application Load Balancer services are backends between which the incoming traffic is distributed within a Managed Service for Kubernetes cluster. Services representing Application Load Balancer backends may be specified in the Ingress resource either directly or as part of HttpBackendGroup backend groups.

Service is a standard Kubernetes resource. Below, you can find the descriptions of the resource fields and annotations the Application Load Balancer tools for Managed Service for Kubernetes interface with. For a full description of the resource configuration, see the Kubernetes documentation.

Service

apiVersion: v1
kind: Service
metadata: <ObjectMeta>
spec: <ServiceSpec>

Field

Value or type

Description

apiVersion

v1

Required.

Kubernetes API version.

kind

Service

Resource type.

metadata

ObjectMeta

Required.

Resource metadata.

spec

ServiceSpec

Required.

Resource specification.
Example
apiVersion: v1
kind: Service
metadata:
  name: alb-demo-1
spec:
  selector:
    app: alb-demo-1
  type: NodePort
  ports:
    - name: http
      port: 80
      protocol: TCP
      nodePort: 30081

ObjectMeta

name: <string>
annotations:
  ingress.alb.yc.io/protocol: <string>
  ingress.alb.yc.io/transport-security: <string>
  ingress.alb.yc.io/health-checks: <string>

Field

Value or type

Description

name

string

Required.

Resource name.

This name is not the balancer name in Application Load Balancer.

annotations

map[string]string

Required.

Resource annotations.

Annotations (metadata.annotations)

Annotations are collections of key:value pairs used for assigning metadata to objects. Annotation values are always of the string data type. For more on annotations, see the Kubernetes documentation.

In Application Load Balancer, annotations are only used in the Service resources to set up Ingress controllers.

You can provide the following annotations for a ObjectMeta object:

  • ingress.alb.yc.io/protocol

    Connection protocol for the load balancer and backends described in Ingress:

    • http: HTTP/1.1 default
    • http2: HTTP/2
    • grpc: gRPC

  • ingress.alb.yc.io/transport-security

    Connection encryption protocol for the load balancer and backends specified in Ingress directly (without HttpBackendGroup).

    The acceptable value is tls: TLS with no certificate challenge.

    If no annotation is specified, the load balancer connects to the backends with no encryption.

    For backends belonging to groups, the annotation value is ignored. When you encrypt a connection between a load balancer and grouped backends, you configure the encryption via the spec.backend.tls field of the HttpBackendGroup resource (see the resource configuration).

  • ingress.alb.yc.io/health-checks

    Parameters for configuring custom application health checks in a cluster.

    • http-path: Path to the application's health check endpoint in the request URI. The default value is /healthz.

    • port: Port on the cluster nodes used to check the application's availability. The application will be available for health checks at http://<node_IP_address>:<port>/<path>.

    • healthy-threshold: Number of consecutive successful checks to consider the application endpoint healthy. The default value is 1.

    • unhealthy-threshold: Number of consecutive failed checks to consider the application endpoint unhealthy. The default value is 1.

    • timeout: Response timeout in seconds. The values range from 1s to 60s. The default value is 2s.

    • interval: Interval between health check requests in seconds. The values range from 1s to 60s. The default value is 5s. The interval value must be larger than timeout by at least one second.

    port is a required parameter. If you omit the other parameters, they will be set to their default values.

    The parameters are given as a comma-separated list. Here is an example:

    ...
annotations:
  ingress.alb.yc.io/health-checks: port=30103,http-path=/health-1,timeout=10s,interval=20s,healthy-threshold=3,unhealthy-threshold=2
...

ServiceSpec

type: NodePort
ports:
  - <ServicePort>
  -

Field

Value or type

Description

type

NodePort

Required.

Service type.

Warning

The Kubernetes services used as backends (as specified in the Ingress rules directly or in HttpBackendGroup), must be of NodePort type. For more details on this type, please see the Kubernetes documentation.

ports

[]ServicePort

Required.

List of ports where the service is available.

ServicePort

port: <int32>
name: <string>
protocol: <protocol>
nodePort: <int32>

Field

Value or type

Description

port

int32

Required.
Number of port where the service is available.

You can use this number if you designate a service as a backend:

  • In Ingress: using the spec.rules.http.paths.backend.service.port.number field (see the configuration).
  • In an HttpBackendGroup backend group: using the spec.backends.service.port.number field (see the configuration).

name

string

Port name within the service.

You can use this name if you designate a service as a backend:

  • In Ingress: using the spec.rules.http.paths.backend.service.port.name field (see the configuration).
  • In an HttpBackendGroup backend group: using the spec.backends.service.port.name field (see the configuration).

protocol

TCP

Network protocol for the port. TCP only.

nodePort

int32

Number of the port opened on the cluster nodes on which the service is deployed. The load balancer sends traffic to this port, and Kubernetes forwards the traffic to the service on its port in the port parameter.

Corresponds to the backend port in the Application Load Balancer backend group.
Previous
IngressClass
Next
Gateway