Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
AWS ELB-related annotations for Kubernetes Services (as of v1.12.0)

AWS Service annotations

  • service.beta.kubernetes.io/aws-load-balancer-access-log-emit-interval (in minutes)
  • service.beta.kubernetes.io/aws-load-balancer-access-log-enabled (true|false)
  • service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-name
  • service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-prefix
  • service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags (comma-separated list of key=value)
  • service.beta.kubernetes.io/aws-load-balancer-backend-protocol (http|https|ssl|tcp)
  • service.beta.kubernetes.io/aws-load-balancer-connection-draining-enabled (true|false)
  • service.beta.kubernetes.io/aws-load-balancer-connection-draining-timeout (in seconds)
  • service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout (in seconds, default 60)
  • service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled (true|false)
  • service.beta.kubernetes.io/aws-load-balancer-extra-security-groups (comma-separated list)
  • service.beta.kubernetes.io/aws-load-balancer-healthcheck-healthy-threshold
  • service.beta.kubernetes.io/aws-load-balancer-healthcheck-interval
  • service.beta.kubernetes.io/aws-load-balancer-healthcheck-timeout
  • service.beta.kubernetes.io/aws-load-balancer-healthcheck-unhealthy-threshold
  • service.beta.kubernetes.io/aws-load-balancer-internal (true|false)
  • service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*'
  • service.beta.kubernetes.io/aws-load-balancer-ssl-cert (IAM or ACM ARN)
  • service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy
  • service.beta.kubernetes.io/aws-load-balancer-ssl-ports (default '*')
  • service.beta.kubernetes.io/aws-load-balancer-type: nlb
@Ghilteras
Copy link

Ghilteras commented May 11, 2022

I dont think service.beta.kubernetes.io/aws-load-balancer-type supports nlb
it has to be nlb-ip

@haarchri
Copy link

haarchri commented Jun 27, 2022

is private static IPs supportet via annotations ?

@c4m4
Copy link

c4m4 commented Jun 27, 2022

service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"

For backwards compatibility, controller still supports the nlb-ip as the type annotation. For example, if you specify

service.beta.kubernetes.io/aws-load-balancer-type: nlb-ip

@c4m4
Copy link

c4m4 commented Jun 27, 2022

is private static IPs supportet via annotations ?

To use an static ip, you need to specify this in the k8s service

@haarchri
Copy link

haarchri commented Jun 27, 2022

we have set the following annotations to our ingress-controller to automatically spawn an nlb in front of our eks/ingress-nginx

kubectl describe service ingress-nginx-controller -n ingress-nginx:

service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: true
service.beta.kubernetes.io/aws-load-balancer-internal: true
service.beta.kubernetes.io/aws-load-balancer-private-ipv4-addresses: 10.19.64.10, 10.19.128.10, 10.19.192.10
service.beta.kubernetes.io/aws-load-balancer-scheme: internal
service.beta.kubernetes.io/aws-load-balancer-type: nlb

But the nlb always spawns with dynamic IPs.

@RichardoC
Copy link

RichardoC commented Sep 5, 2022

we have set the following annotations to our ingress-controller to automatically spawn an nlb in front of our eks/ingress-nginx

kubectl describe service ingress-nginx-controller -n ingress-nginx:

service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: true
service.beta.kubernetes.io/aws-load-balancer-internal: true
service.beta.kubernetes.io/aws-load-balancer-private-ipv4-addresses: 10.19.64.10, 10.19.128.10, 10.19.192.10
service.beta.kubernetes.io/aws-load-balancer-scheme: internal
service.beta.kubernetes.io/aws-load-balancer-type: nlb

But the nlb always spawns with dynamic IPs.

Are you using the AWS Load Balancer Controller or what's built in to EKS? That annotation only seems to be used by the AWS LBC which needs to be installed separately.
https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.3/guide/service/annotations/

@kamaraj-muthupandian
Copy link

kamaraj-muthupandian commented Nov 24, 2022

is http2 supported via annotations ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment