Updated on 2024-01-26 GMT+08:00

Configuring ELB Ingresses Using Annotations

By adding annotations to a YAML file, you can implement more advanced ingress functions. This section describes the annotations that can be used when you create an ingress of the ELB type.

Interconnecting with ELB

Table 1 Annotations for interconnecting with ELB

Parameter

Type

Description

Supported Cluster Version

kubernetes.io/elb.class

String

Select a proper load balancer type.

The value can be:

  • union: shared load balancer
  • performance: dedicated load balancer, which can be used only in clusters of v1.17 and later.

v1.9 or later

kubernetes.io/ingress.class

String

  • cce: The self-developed ELB ingress is used.
  • nginx: Nginx ingress is used.

This parameter is mandatory when an ingress is created by calling the API.

For clusters of v1.23 or later, use the parameter ingressClassName. For details, see Using kubectl to Create an ELB Ingress.

Only clusters of v1.21 or earlier

kubernetes.io/elb.port

Integer

This parameter indicates the external port registered with the address of the LoadBalancer Service.

Supported range: 1 to 65535

NOTE:

Some ports are high-risk ports and are blocked by default, for example, port 21.

v1.9 or later

kubernetes.io/elb.id

String

Mandatory when an existing load balancer is to be interconnected.

ID of a load balancer.

How to obtain:

On the management console, click Service List, and choose Networking > Elastic Load Balance. Click the name of the target load balancer. On the Summary tab page, find and copy the ID.

v1.9 or later

kubernetes.io/elb.ip

String

Mandatory when an existing load balancer is to be interconnected.

This parameter indicates the service address of a load balancer. The value can be the public IP address of a public network load balancer or the private IP address of a private network load balancer.

v1.9 or later

kubernetes.io/elb.autocreate

Table 5 Object

Mandatory when load balancers are automatically created.

Example

  • If a public network load balancer will be automatically created, set this parameter to the following value:

    '{"type":"public","bandwidth_name":"cce-bandwidth-1551163379627","bandwidth_chargemode":"bandwidth","bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","name":"james"}'

  • If a private network load balancer will be automatically created, set this parameter to the following value:

    {"type":"inner","name":"A-location-d-test"}

v1.9 or later

kubernetes.io/elb.enterpriseID

String

Optional when load balancers are automatically created.

Clusters of v1.15 and later support this field. In clusters earlier than v1.15, load balancers are created in the default project by default.

This parameter indicates the ID of the enterprise project in which the ELB load balancer will be created.

If this parameter is not specified or is set to 0, resources will be bound to the default enterprise project.

How to obtain:

Log in to the EPS console. In the navigation pane, choose Project Management. In the enterprise project list, click the name of the enterprise project to be added. On the enterprise project details page, copy the project ID.

v1.15 or later

kubernetes.io/elb.subnet-id

String

Optional when load balancers are automatically created.

ID of the subnet where the cluster is located. The value can contain 1 to 100 characters.

  • Mandatory when a cluster of v1.11.7-r0 or earlier is to be automatically created.
  • Optional for clusters later than v1.11.7-r0.

Mandatory for clusters earlier than v1.11.7-r0

Discarded in clusters later than v1.11.7-r0

To use the preceding annotations, perform the following steps:

Using HTTP/2

Table 2 Annotations of using HTTP/2

Parameter

Type

Description

Supported Cluster Version

kubernetes.io/elb.http2-enable

String

Whether HTTP/2 is enabled. Request forwarding using HTTP/2 improves the access performance between your application and the load balancer. However, the load balancer still uses HTTP 1.X to forward requests to the backend server. This parameter is supported in clusters of v1.19.16-r0, v1.21.3-r0, and later.

Options:

  • true: enabled
  • false: disabled (default value)

Note: HTTP/2 can be enabled or disabled only when the listener uses HTTPS. This parameter is invalid and defaults to false when the listener protocol is HTTP.

v1.19.16-r0, v1.21.3-r0, or later

For details about the application scenarios, see ELB Ingresses Using HTTP/2.

Interconnecting with HTTPS Backend Services

Table 3 Annotations for interconnecting with HTTPS backend services

Parameter

Type

Description

Supported Cluster Version

kubernetes.io/elb.pool-protocol

String

To interconnect with HTTPS backend services, set this parameter to https.

v1.23.8, v1.25.3, or later

For details about the application scenarios, see Interconnecting ELB Ingresses with HTTPS Backend Services.

Configuring Timeout for an Ingress

Table 4 Annotations of configuring ingress redirection rules

Parameter

Type

Description

Supported Cluster Version

kubernetes.io/elb.keepalive_timeout

Integer

Timeout for client connections. If there are no requests reaching the load balancer after the timeout duration elapses, the load balancer will disconnect the connection with the client and establish a new connection when there is a new request.

Value:

  • For TCP listeners, the value ranges from 10 to 4000 (in seconds). The default value is 300.
  • For HTTP or HTTPS listeners, the value ranges from 0 to 4000 (in seconds). The default value is 60.

For UDP listeners, this parameter does not take effect.

v1.19.16-r30, v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, and later

kubernetes.io/elb.client_timeout

Integer

Timeout duration for waiting for a response from a client. There are two situations:

  • If the client fails to send a request header to the load balancer within the timeout duration, the request will be interrupted.
  • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.

The value ranges from 1 to 300 (in seconds). The default value is 60.

This parameter is available only for HTTP and HTTPS listeners.

Minimum value: 1

Maximum value: 300

Default value: 60

v1.19.16-r30, v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, and later

kubernetes.io/elb.member_timeout

Integer

Timeout duration for waiting for a response from a backend server. After a request is forwarded to the backend server, if the backend server does not respond within the duration specified by member_timeout, the load balancer will stop waiting and return return HTTP 504 Gateway Timeout.

The value ranges from 1 to 300 (in seconds). The default value is 60.

This parameter is available only for HTTP and HTTPS listeners.

Minimum value: 1

Maximum value: 300

Default value: 60

v1.19.16-r30, v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, and later

For details about the application scenarios, see Configuring Timeout for an ELB Ingress.

Data Structure

Table 5 Data structure of the elb.autocreate field

Parameter

Mandatory

Type

Description

name

No

String

Name of the automatically created load balancer.

The value can contain 1 to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.

Default: cce-lb+service.UID

type

No

String

Network type of the load balancer.

  • public: public network load balancer
  • inner: private network load balancer

Default: inner

bandwidth_name

Yes for public network load balancers

String

Bandwidth name. The default value is cce-bandwidth-******.

The value can contain 1 to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.

bandwidth_chargemode

No

String

Bandwidth mode.

  • bandwidth: billed by bandwidth
  • traffic: billed by traffic

Default: bandwidth

bandwidth_size

Yes for public network load balancers

Integer

Bandwidth size. The default value is 1 to 2000 Mbit/s. Configure this parameter based on the bandwidth range allowed in your region.

The minimum increment for bandwidth adjustment varies depending on the bandwidth range.
  • The minimum increment is 1 Mbit/s if the allowed bandwidth does not exceed 300 Mbit/s.
  • The minimum increment is 50 Mbit/s if the allowed bandwidth ranges from 300 Mbit/s to 1000 Mbit/s.
  • The minimum increment is 500 Mbit/s if the allowed bandwidth exceeds 1000 Mbit/s.

bandwidth_sharetype

Yes for public network load balancers

String

Bandwidth sharing mode.

  • PER: dedicated bandwidth

eip_type

Yes for public network load balancers

String

EIP type.

  • 5_bgp: dynamic BGP

The specific type varies with regions. For details, see the EIP console.

available_zone

Yes

Array of strings

AZ where the load balancer is located.

This parameter is available only for dedicated load balancers.

l4_flavor_name

Yes

String

Flavor name of the layer-4 load balancer.

This parameter is available only for dedicated load balancers.

l7_flavor_name

No

String

Flavor name of the layer-7 load balancer.

This parameter is available only for dedicated load balancers. The value of this parameter must be the same as that of l4_flavor_name, that is, both are elastic specifications or fixed specifications.

elb_virsubnet_ids

No

Array of strings

Subnet where the backend server of the load balancer is located. If this parameter is left blank, the default cluster subnet is used. Load balancers occupy different number of subnet IP addresses based on their specifications. Therefore, you are not advised to use the subnet CIDR blocks of other resources (such as clusters and nodes) as the load balancer CIDR block.

This parameter is available only for dedicated load balancers.

Example:

"elb_virsubnet_ids": [
   "14567f27-8ae4-42b8-ae47-9f847a4690dd"
 ]