Service Options
These options can be set in a Service object's metadata.annotations section to change how requests are routed for a particular service.
check
Enables TCP level health checks on pods and attempts a TCP connection periodically.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/check: "true"
spec:
# service specification...
check-http
Enables HTTP level health checks on pods and sends an HTTP request periodically. The check setting must be true.
- Values
-
URI to make HTTP requests to, e.g. /health
URI with method, e.g. HEAD /health
URI, method and HTTP version, e.g. HEAD /health HTTP/1.1
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/check: "true"
haproxy.org/check-http: "/health"
spec:
# service specification...
check-interval
Sets the interval between health checks when check is enabled.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/check: "true"
haproxy.org/check-interval: "1m"
spec:
# service specification...
cookie-persistence
Enables persistent connections between a client and a pod by inserting a cookie into the client's browser that is used to remember which backend pod they connected to before.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/cookie-persistence: "mycookie"
spec:
# service specification...
forwarded-for
Adds the X-Forwarded-For HTTP header to requests to capture and relay the client's source IP address to backend pods.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/forwarded-for: "true"
spec:
# service specification...
load-balance
Sets the load-balancing algorithm to use.
- Values
-
roundrobin (default)
static-rr
leastconn
first
source
uri
url_param
hdr([name])
random
random([draws])
rdp-cookie
rdp-cookie([name])
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/load-balance: "leastconn"
spec:
# service specification...
path-rewrite
Replaces the entire URL path with the given value.
- Values
-
A single path, such as "/", to turn any path into "/"
Two parameters. A regular expression to match and a path to replace it with.
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
# replace all paths with /
haproxy.org/path-rewrite: "/"
# remove the prefix /foo... "/bar?q=1" into "/foo/bar?q=1"
haproxy.org/path-rewrite: (.*) /foo\1
# add the suffix /foo ... "/bar?q=1" into "/bar/foo?q=1"
haproxy.org/path-rewrite: ([^?]*)(\?(.*))? \1/foo\2
# strip /foo ... "/foo/bar?q=1" into "/bar?q=1"
haproxy.org/path-rewrite: /foo/(.*) /\1
spec:
# service specification...
pod-maxconn
Sets the maximum number of concurrent backend connections allowed.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/pod-maxconn: 30
spec:
# service specification...
server-ssl
Enables SSL to pods.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/server-ssl: "true"
spec:
# service specification...
set-host
Sets the Host header to send to backend services.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/set-host: "example.local"
spec:
# service specification...
ssl-passthrough
Passes SSL/TLS traffic through at Layer 4 directly to the backend service without Layer 7 inspection.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/ssl-passthrough: "true"
spec:
# service specification...
timeout-check
Sets an additional check timeout, but only after a connection has been already established.
- Values
-
Example
apiVersion: v1
kind: Service
metadata:
labels:
run: web
name: web
annotations:
haproxy.org/timeout-check: "5s"
spec:
# service specification...
Next up
Usage