Service Options

These options can be set in a Service object's metadata.annotations section to change how requests are routed for a particular service.

check

Enables TCP level health checks on pods and attempts a TCP connection periodically.

Values
  • true (default)

  • false

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/check: "true"
spec:
  # service specification...

check-http

Enables HTTP level health checks on pods and sends an HTTP request periodically. The check setting must be true.

Values
  • URI to make HTTP requests to, e.g. /health

  • URI with method, e.g. HEAD /health

  • URI, method and HTTP version, e.g. HEAD /health HTTP/1.1

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/check: "true"
    haproxy.org/check-http: "/health"
spec:
  # service specification...

check-interval

Sets the interval between health checks when check is enabled.

Values
  • Integer with time unit suffix (1m = 1 minute, 10s = 10 seconds)

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/check: "true"
    haproxy.org/check-interval: "1m"
spec:
  # service specification...

forwarded-for

Adds the X-Forwarded-For HTTP header to requests to capture and relay the client's source IP address to backend pods.

Values
  • true (default)

  • false

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/forwarded-for: "true"
spec:
  # service specification...

load-balance

Sets the load-balancing algorithm to use.

Values
  • roundrobin (default)

  • static-rr

  • leastconn

  • first

  • source

  • uri

  • url_param

  • hdr([name])

  • random

  • random([draws])

  • rdp-cookie

  • rdp-cookie([name])

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/load-balance: "leastconn"
spec:
  # service specification...

path-rewrite

Replaces the entire URL path with the given value.

Values
  • A single path, such as "/", to turn any path into "/"

  • Two parameters. A regular expression to match and a path to replace it with.

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    # replace all paths with /
    haproxy.org/path-rewrite: "/"

    # remove the prefix /foo... "/bar?q=1" into "/foo/bar?q=1"
    haproxy.org/path-rewrite: (.*) /foo\1

    # add the suffix /foo ... "/bar?q=1" into "/bar/foo?q=1"
    haproxy.org/path-rewrite: ([^?]*)(\?(.*))? \1/foo\2

    # strip /foo ... "/foo/bar?q=1" into "/bar?q=1"
    haproxy.org/path-rewrite: /foo/(.*) /\1
spec:
  # service specification...

pod-maxconn

Sets the maximum number of concurrent backend connections allowed.

Values
  • An integer setting the maximum number of concurrent backend connections

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/pod-maxconn: 30
spec:
  # service specification...

server-ssl

Enables SSL to pods.

Values
  • true

  • false (default)

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/server-ssl: "true"
spec:
  # service specification...

set-host

Sets the Host header to send to backend services.

Values
  • The value of the Host header

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/set-host: "example.local"
spec:
  # service specification...

ssl-passthrough

Passes SSL/TLS traffic through at Layer 4 directly to the backend service without Layer 7 inspection.

Values
  • true

  • false (default)

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/ssl-passthrough: "true"
spec:
  # service specification...

timeout-check

Sets an additional check timeout, but only after a connection has been already established.

Values
  • An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour)

Example

apiVersion: v1
kind: Service
metadata:
  labels:
    run: web
  name: web
  annotations:
    haproxy.org/timeout-check: "5s"
spec:
  # service specification...

Next up

Usage