Fields and annotations of the Service resource
The Service
resource defines the Kubernetes service. For Application Load Balancer tools for Managed Service for Kubernetes, such as the Ingress controller and Gateway API, the services are backends between which the incoming traffic is distributed. The services acting as Application Load Balancer backends may be specified in the Ingress
resource either directly or as part of HttpBackendGroup
backend groups. When using the Gateway API, backend services are specified in the HTTPRoute
resource.
Service
is a standard Kubernetes resource. This reference describes the fields and annotations of the resource the Application Load Balancer tools for Managed Service for Kubernetes interface with. For a complete reference for the resource, please see the Kubernetes documentation
Service
apiVersion: v1
kind: Service
metadata: <ObjectMeta>
spec: <ServiceSpec>
Field |
Value or type |
Description |
|
|
Required |
|
|
Resource type |
|
|
Required |
|
|
Required |
apiVersion: v1
kind: Service
metadata:
name: alb-demo-1
spec:
selector:
app: alb-demo-1
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
nodePort: 30081
ObjectMeta
name: <string>
annotations:
ingress.alb.yc.io/protocol: <string>
ingress.alb.yc.io/transport-security: <string>
Field |
Value or type |
Description |
|
|
Required |
|
|
Required |
Annotations (metadata.annotations)
Annotations are collections of key:value
pairs used for assigning metadata to objects. Annotation values are always of the string
data type. For more on annotations, see the Kubernetes documentation
You can provide the following annotations for the ObjectMeta
object:
-
ingress.alb.yc.io/protocol
Connection protocol for the load balancer and backends described in
Ingress
:http
: HTTP/1.1; default valuehttp2
: HTTP/2grpc
: gRPC
-
ingress.alb.yc.io/transport-security
Connection encryption protocol for the load balancer and backends specified in
Ingress
directly (withoutHttpBackendGroup
).The acceptable value is
tls
: TLS with no certificate challenge.If no annotation is specified, the load balancer connects to the backends with no encryption.
For backends belonging to groups, the annotation value is ignored. When you encrypt a connection between a load balancer and grouped backends, you configure the encryption via the
spec.backend.tls
field of theHttpBackendGroup
resource (see the resource reference).
ServiceSpec
type: NodePort
ports:
- <ServicePort>
-
Field |
Value or type |
Description |
|
|
Required Warning The Kubernetes services used as backends (as specified in the |
|
|
ServicePort
port: <int32>
name: <string>
protocol: <protocol>
nodePort: <int32>
Field |
Value or type |
Description |
|
|
Required You can use this number if you designate a service as a backend: |
|
|
Port name within the service. You can use this name if you designate a service as a backend: |
|
|
Network protocol for the port. Only |
|
|
Number of the port opened on the cluster nodes on which the service is deployed. The load balancer sends traffic to this port, and Kubernetes forwards the traffic to the service on its port in the Corresponds to the backend port in the Application Load Balancer backend group. |