HttpBackendGroup resource fields
The HttpBackendGroup resource enables you to combine backends that are Kubernetes services and that traffic is distributed to, into a group. The Application Load Balancer Ingress controller uses these resources to create backend groups.
You must add a reference to HttpBackendGroup to the Ingress resource.
Using HttpBackendGroup makes extended Application Load Balancer functionality available. A group like this may have Kubernetes services or Yandex Object Storage buckets as backends. In HttpBackendGroup, you can also specify relative backend weight to allocate traffic to them proportionately.
HttpBackendGroup is a custom resource from the alb.yc.io API group provided by the Ingress controller.
HttpBackendGroup
apiVersion: alb.yc.io/v1alpha1
kind: HttpBackendGroup
metadata:
name: <string>
spec:
backends:
- name: <string>
weight: <int64>
useHttp2: <bool>
service:
name: <int64>
port:
name: <string>
number: <int32>
storageBucket:
name: <string>
tls:
sni: <string>
trustedCa: <string>
healthChecks:
- http:
path: <string>
port: <int32>
healthyThreshold: <int32>
unhealthyThreshold: <int32>
timeout: <string>
interval: <string>
- ...
Where:
-
apiVersion:alb.yc.io/v1alpha1 -
kind:HttpBackendGroup -
metadata(ObjectMeta, required)Resource metadata.
-
name(string, required)Resource name. For more information about the format, please see the Kubernetes documentation.
You must specify this name in the
spec.rules.http.paths.backend.resource.namefield of theIngressresource (see the configuration).This name is not the backend group name in Application Load Balancer.
-
-
spec(HttpBackendGroupSpec)Resource specification.
-
backends([]HttpBackend)List of backends in the group.
-
name(string, required)Backend name.
-
weight(int64)Relative backend weight. Traffic is distributed to backends in a group as a function of backend weights.
Weights must be specified either for all backends in a group, or for none. If weights are not specified, traffic is distributed to the backends as if they had identical positive weights.
If a non-positive weight is specified, a backend will not receive traffic.
-
useHttp2(bool)Enables HTTP/2 connections between the load balancer nodes and the backend endpoints.
The default value,
false, results in HTTP/1.1 connections. -
service(ServiceBackend)Reference to the Kubernetes service expected to process requests as a backend.
The
Serviceresource this field refers to must be described in line with the standard configuration.A backend must either have a service or an Object Storage bucket specified (
storageBucket) but not both.-
name(string, required)Kubernetes service name.
-
port(ServiceBackendPort, required)Port of the service
Ingresswill access.The field is designed for Ingress controller operation and does not match any of the Application Load Balancer resource fields.
-
name(string)Service port name.
The name must match one of the port names specified in the
spec.ports.namefields of theServiceresource. For more information, see the resource specification.Either a name or a
numbermust be specified for the service port but not both. -
number(int32)Service port number.
The number must match one of the port numbers specified in the
spec.ports.portfields of theServiceresource. For more information, see the resource specification.Either a number or a
namemust be specified for the service port but not both.
-
-
-
storageBucket(StorageBucketBackend)Reference to a Yandex Object Storage bucket expected to process requests as a backend. To learn more about using a bucket as a backend, see Backend types.
Warning
To use a bucket as a backend, grant public access to the list of objects in the bucket and permission to read them.
Either a bucket or a Kubernetes service (
service) must be specified for a backend but not both.-
name(string, required)Bucket name.
-
-
tls(BackendTLS)TLS connection settings for the load balancer nodes and backend endpoints.
If the field is specified, the load balancer established TLS connections with the backend and compares the certificates received to the certificate specified in the
trustedCafield. If the field is not specified, the load balancer will make unencrypted connections to the backend.-
sni(string)Domain name specified as the value for the Server Name Indication (SNI) TLS extension.
-
trustedCa(string)Contents of the X.509 certificate issued by a certificate authority in PEM format.
-
-
healthChecks([]HealthChecks)Settings for custom health checks of applications in a Managed Service for Kubernetes cluster.
By default, the Application Load Balancer Ingress controller accepts health check requests from the L7 load balancer on TCP port
10501and checks if the kube-proxy pods work properly on each cluster node. If kube-proxy is healthy, then, even if an application in a particular pod does not respond, Kubernetes will redirect traffic to a different pod with that application or to a different node.The
healthChecksparameters allow you to customize application health checks.-
http(HttpBackend)Sets HTTP as the protocol to use for the health check.
-
path(string)Path to the application's health check endpoint in the request URI, e.g.
/health.
-
-
port(int32)Port on the cluster nodes used to check the application's availability. The same port is specified in the
NodePorttype Service resource, in thespec.ports.nodePortparameter.The application will be available for health checks at
http://<node_IP_address>:<port>/<path>. -
healthyThreshold(int32)Number of consecutive successful checks to consider the application endpoint healthy.
-
unhealthyThreshold(int32)Number of consecutive failed checks to consider the application endpoint unhealthy.
-
timeout(string)Response timeout in seconds. The possible values range from
1sto60s. -
interval(string)Interval between health check requests in seconds.
The possible values range from
1sto60s. Theintervalvalue must be larger thantimeoutby at least one second.
-
-
-