Skip to main content

Kubernetes Service Annotations

The Services are responsible for configuring how to reach the actual services that will eventually handle the incoming requests.

Kubernetes provides the Services objects that allow connecting traefik Hub API Gateway to the pods.

Traefik Hub API Gateway provides annotations to customize the connection.

"Annotations or IngressRoute?"

The Ingress and Service objects are limited and force using annotations. For such a reason, we have created our own CRD IngressRoute that eases the configuration.

Even if you can use Ingress and Service objects, we recommend to use the IngressRoute to expose your APIs through Traefik Hub API Gateway.


Configuration Example

apiVersion: v1
kind: Service
metadata:
name: whoami
namespace: apps
annotations:
traefik.ingress.kubernetes.io/service.passhostheader: "true"
traefik.ingress.kubernetes.io/service.serverstransport: apps-mytransport@kubernetescrd
traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.name: my-sticky-cookie
spec:
ports:
- port: 80
name: whoami
selector:
app: whoami

Annotations

AnnotationDescriptionDefaultRequired
traefik.ingress.kubernetes.io/
service.nativelb
Allow using the Kubernetes Service load balancing between the pods instead of the one provided by Traefik Hub API Gateway.falseNo
traefik.ingress.kubernetes.io/
service.nodeportlb
Use the nodePort IP address when the service type is NodePort.
It allows services to be reachable when Traefik Hub APi Gateway runs externally from the Kubernetes cluster but within the same network of the nodes.
falseNo
traefik.ingress.kubernetes.io/
service.serversscheme
Scheme to use for the request to the upstream Kubernetes Service."http"
"https" if port is 443 or contains the string https.
No
traefik.ingress.kubernetes.io/
service.serverstransport
Name of ServersTransport resource to use to configure the transport between Traefik and your servers.
Format: <serverstransport-namespace>-<serverstransport-name>@<providername>.
Ex: apps-mytransport@kubernetescrd
""No
traefik.ingress.kubernetes.io/
service.passhostheader
Forward client Host header to server.trueNo
traefik.ingress.kubernetes.io/
service.sticky.
cookie.name
Name of the cookie used for the stickiness.""No
traefik.ingress.kubernetes.io/
service.sticky.
cookie.httpOnly
Allow the cookie can be accessed by client-side APIs, such as JavaScript.falseNo
traefik.ingress.kubernetes.io/
service.sticky.
cookie.secure
Allow the cookie can only be transmitted over an encrypted connection (i.e. HTTPS).falseNo
traefik.ingress.kubernetes.io/
service.sticky.
cookie.sameSite
SameSite policy.""No
traefik.ingress.kubernetes.io/
service.sticky.
cookie.maxAge
Number of seconds until the cookie expires.
Negative number, the cookie expires immediately.
0, the cookie never expires.
0No