Contact usConsole
© 2023 Nebius Israel Ltd
Application Load Balancer

HttpBackendGroup resource fields

The HttpBackendGroup resource enables you to combine backends that are Kubernetes services and that traffic is distributed to, into a group. The Application Load Balancer Ingress controller uses these resources to create backend groups.

You must add a reference to HttpBackendGroup to the Ingress resource.

Using HttpBackendGroup makes extended Application Load Balancer functionality available. A group like this may have Kubernetes services or Object Storage buckets as backends. In HttpBackendGroup, you can also specify relative backend weight to allocate traffic to them proportionately.

HttpBackendGroup is a custom resource from the API alb.yc.io, group provided by the Ingress controller.

HttpBackendGroup

apiVersion: alb.yc.io/v1alpha1
kind: HttpBackendGroup
metadata:
  name: <string>
spec:
  backends:
    - name: <string>
      weight: <int64>
      useHttp2: <bool>
      service:
         name: <int64>
         port:
           name: <string>
           number: <int32>
      storageBucket:
        name: <string>
      tls:
        sni: <string>
        trustedCa: <string>
    - ...

Where:

  • apiVersion: alb.yc.io/v1alpha1

  • kind: HttpBackendGroup

  • metadata (ObjectMeta, required)

    Resource metadata.

    • name (string, required)

      Resource name. For more information about format, please see the Kubernetes documentation.

      You must specify this name in the spec.rules.http.paths.backend.resource.name field of the Ingress resource (see reference).

      Does not match the backend group name in Application Load Balancer.

  • spec (HttpBackendGroupSpec)

    Resource specification.

    • backends ([]HttpBackend)

      List of backends included in a group.

      • name (string, required)

        Backend name.

      • weight (int64)

        Relative backend weight. Traffic is distributed to backends in a group as a function of backend weights.

        Weights must be specified either for all backends in a group, or for none. If weights are not specified, traffic is distributed to the backends as if they had identical positive weights.

        If a non-positive weight is specified, a backend will not receive traffic.

      • useHttp2 (bool)

        Enables HTTP/2 connections between load balancer nodes and backend endpoints.

        The default value is false causing HTTP/1.1 connections to be made.

      • service (ServiceBackend)

        Reference to the Kubernetes service expected to be the backend to process the requests.

        The Service resource this field points to must be described as in the specification.

        A backend must either have a service or a Object Storage bucket specified (storageBucket) but not both.

        • name (string, required)

          Kubernetes service name.

        • port (ServiceBackendPort, required)

          Port of the service Ingress will access.

          The field is designed for Ingress controller operation and does not match any of the Application Load Balancer resource fields.

          • name (string)

            Service port name.

            The name must match one of the port names specified in the spec.ports.name fields of the Service resource. For more detail, please see the resource specification.

            Either a name or a number must be specified for the service port but not both.

          • number (int32)

            Service port number.

            The number must match one of the port numbers specified in the spec.ports.port fields of the Service resource. For more detail, please see the resource specification.

            Either a number or a name must be specified for the service port but not both.

      • storageBucket (StorageBucketBackend)

        Reference to a Object Storage bucket expected to process requests as a backend. For more detail on using a bucket as a backend, please review Backend types.

        Warning

        To use a bucket as a backend, grant public access to the list of objects in the bucket and permission to read them.

        Either a bucket or a Kubernetes service (service) must be specified for a backend but not both.

        • name (string, required)

          Bucket name.

      • tls (BackendTLS)

        TLC connection settings for load balancer nodes and backend endpoints.

        If the field is specified, the load balancer established TLS connections with the backend and compares the certificates received to the certificate specified in the trustedCa field. If the field is not specified, the load balancer will make unencrypted connections to the backend.

        • sni (string)

          Domain name specified as the value for the Server Name Indication (SNI) TLS extension.

        • trustedCa (string)

          Contents of the X.509 certificate issued by a certificate authority in PEM format.