Fields and annotations of the Service resource for the Ingress controller
The Service resource corresponds to the Kubernetes service. For the Ingress controller, Application Load Balancer services are backends between which the incoming traffic is distributed within a Managed Service for Kubernetes cluster. Services representing Application Load Balancer backends may be specified in the Ingress resource either directly or as part of HttpBackendGroup backend groups.
Service is a standard Kubernetes resource. Below, you can find the descriptions of the resource fields and annotations the Application Load Balancer tools for Managed Service for Kubernetes interface with. For a full description of the resource configuration, see the Kubernetes documentation.
Service
apiVersion: v1
kind: Service
metadata: <ObjectMeta>
spec: <ServiceSpec>
|
Field |
Value or type |
Description |
|
|
|
Required. Kubernetes API version. |
|
|
|
Resource type. |
|
|
|
Required. Resource metadata. |
|
|
|
Required. Resource specification. |
Example
apiVersion: v1
kind: Service
metadata:
name: alb-demo-1
spec:
selector:
app: alb-demo-1
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
nodePort: 30081
ObjectMeta
name: <string>
annotations:
ingress.alb.yc.io/protocol: <string>
ingress.alb.yc.io/transport-security: <string>
|
Field |
Value or type |
Description |
|
|
|
Required. This name is not the balancer name in Application Load Balancer. |
|
|
|
Required. Resource annotation. |
Annotations (metadata.annotations)
Annotations are collections of key:value pairs used for assigning metadata to objects. Annotation values are always of the string data type. For more on annotations, see the Kubernetes documentation.
In Application Load Balancer, annotations are used in the Service resources for Ingress controller configuration only.
You can provide the following annotations for the ObjectMeta object:
-
ingress.alb.yc.io/protocol
Connection protocol for the load balancer and backends described in
Ingress:http: HTTP/1.1; default valuehttp2: HTTP/2grpc: gRPC
-
ingress.alb.yc.io/transport-security
Connection encryption protocol for the load balancer and backends specified in
Ingressdirectly (withoutHttpBackendGroup).The acceptable value is
tls: TLS with no certificate challenge.If no annotation is specified, the load balancer connects to the backends with no encryption.
For backends belonging to groups, the annotation value is ignored. To encrypt connections between a load balancer and grouped backends, the
spec.backend.tlsfield of theHttpBackendGroupresource is used (see the resource configuration).
ServiceSpec
type: NodePort
ports:
- <ServicePort>
-
|
Field |
Value or type |
Description |
|
|
|
Required. Service type. Warning The Kubernetes services used as backends (as specified in the |
|
|
|
Required. List of ports where the service is available. |
ServicePort
port: <int32>
name: <string>
protocol: <protocol>
nodePort: <int32>
|
Field |
Value or type |
Description |
|
|
|
Required. You can use this number if you designate a service as a backend:
|
|
|
|
Port name within the service. You can use this name if you designate a service as a backend:
|
|
|
|
Network protocol for the port. |
|
|
|
Number of the port opened on the cluster nodes on which the service is deployed. The load balancer sends traffic to this port, and Kubernetes forwards the traffic to the service on its port in the Corresponds to the backend port in the Application Load Balancer backend group. |