Fields and annotations of the Service resource for the Ingress controller
The Service resource represents the Kubernetes service. For the Ingress controller, Application Load Balancer services are backends between which the incoming traffic is distributed within a Managed Service for Kubernetes cluster. Services acting as Application Load Balancer backends may be specified in the Ingress resource either directly or as part of HttpBackendGroup groups.
Tip
We recommend using the new Yandex Cloud Gwin controller instead of an Application Load Balancer Ingress controller.
Service is a standard Kubernetes resource. Below, you can find the descriptions of the resource fields and annotations the Application Load Balancer tools for Managed Service for Kubernetes interface with. For resource configuration details, see this Kubernetes guide.
Service
apiVersion: v1
kind: Service
metadata: <ObjectMeta>
spec: <ServiceSpec>
|
Field |
Value / Type |
Description |
|
|
|
This is a required field. Kubernetes API version. |
|
|
|
Resource type |
|
|
|
This is a required field. Resource metadata. |
|
|
|
This is a required field. Resource specification. |
Example
apiVersion: v1
kind: Service
metadata:
name: alb-demo-1
spec:
selector:
app: alb-demo-1
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
nodePort: 30081
ObjectMeta
name: <string>
annotations:
ingress.alb.yc.io/protocol: <string>
ingress.alb.yc.io/transport-security: <string>
ingress.alb.yc.io/health-checks: <string>
|
Field |
Value or type |
Description |
|
|
|
Required. This name is not the balancer name in Application Load Balancer. |
|
|
|
Required. Resource annotations. |
Annotations (metadata.annotations)
Annotations are collections of key:value pairs for assigning metadata to objects. Annotation values are always of the string data type. For more information on annotations, see the relevant Kubernetes article.
In Application Load Balancer, annotations are only used in the Service resources to set up ingress controllers.
You can add the following annotations to ObjectMeta:
-
ingress.alb.yc.io/protocol
Protocol for connections between the load balancer and
Ingress-defined backends:http: HTTP/1.1. This is a default value.http2: HTTP/2.grpc: gRPC.
-
ingress.alb.yc.io/transport-security
Encryption protocol for connections between the load balancer and backends specified in
Ingressdirectly, as opposed to theHttpBackendGroup.The acceptable annotation value is
tls: TLS without certificate validation.If annotation is not specified, the load balancer will connect to the backends without encryption.
This annotation is ignored for grouped backends. When you encrypt a connection between a load balancer and grouped backends, you configure the encryption via the
spec.backend.tlsfield of theHttpBackendGroupresource (see the resource configuration). -
ingress.alb.yc.io/health-checks
Parameters for configuring custom application health checks in a cluster. We recommend configuring health checks for all backends.
-
http-path: Path to the application endpoint in the request URI for health checks (only forhttporhttp2connections to backends). The default value is/healthz. -
grpc-service-name: Application gRPC service name for health checks (only forgrpcconnections to backends). If not specified, the entire backend will be health-checked. -
port: Port on the cluster nodes used to check the application's availability. The application will be available for health checks athttp://<node_IP_address>:<port>/<path>. -
healthy-threshold: Number of consecutive successful checks to consider the application endpoint healthy. The default value is1. -
unhealthy-threshold: Number of consecutive failed checks to consider the application endpoint unhealthy. The default value is1. -
timeout: Response timeout in seconds. The values range from1sto60s. The default value is2s. -
interval: Interval between health check requests in seconds. The values range from1sto60s. The default value is5s. Theintervalvalue must be larger thantimeoutby at least one second.
portis a required parameter. If you omit the other parameters, they will be set to their default values.The parameters are given as a comma-separated list. Here is an example:
... annotations: ingress.alb.yc.io/health-checks: port=30103,http-path=/health-1,timeout=10s,interval=20s,healthy-threshold=3,unhealthy-threshold=2 ... -
ServiceSpec
type: NodePort
ports:
- <ServicePort>
-
|
Field |
Value or type |
Description |
|
|
|
Required. Service type. Warning Kubernetes backend services referenced in |
|
|
|
Required. List of ports where the service is available. |
ServicePort
port: <int32>
name: <string>
protocol: <protocol>
nodePort: <int32>
|
Field |
Value or type |
Description |
|
|
|
Required. You can use this number if you designate a service as a backend:
|
|
|
|
Port name within the service. You can use this name if you designate a service as a backend:
|
|
|
|
Network protocol for the port. |
|
|
|
Number of the port opened on the cluster nodes on which the service is deployed. The load balancer sends traffic to this port, and Kubernetes forwards the traffic to the service on its port in the Corresponds to the backend port in the Application Load Balancer backend group. |