Introduction to ALB Ingress global configurations - Container Service for Kubernetes

You can use an AlbConfig to define the configuration of an Application Load Balancer (ALB) instance. This topic describes the annotations that are supported by ALB Ingresses. This topic also introduces the AlbConfig fields and how these fields are used.

Annotations supported by ALB Ingresses

You can add annotations to ALB Ingresses based on your business requirements.

Health checks

Annotation	Description
alb.ingress.kubernetes.io/healthcheck-enabled	Specifies whether to enable the health check feature for backend server groups. For more information, see Configure health checks. `true`: enables the health check feature. `false`: disables the health check feature. Default value: `false`.
alb.ingress.kubernetes.io/healthcheck-path	The URL that is used for health checks. Default value: `/`.
alb.ingress.kubernetes.io/healthcheck-protocol	The protocol for health checks. `HTTP`: Health checks are performed by using HTTP. HEAD or GET requests are sent to a backend server to check its health status. `HTTPS`: Health checks are performed by using HTTPS. HEAD or GET requests are sent to a backend server to check its health status. `TCP`: Health checks are performed by using TCP. SYN packets are sent to a backend server to check whether the port of the backend server is available to receive requests. `GRPC`: Health checks are performed by using gRPC. POST or GET requests are sent to a backend server to check its health status. Default value: `HTTP`.
alb.ingress.kubernetes.io/healthcheck-httpversion	The version of the HTTP protocol. This parameter takes effect only when the `healthcheck-protocol` is set to `HTTP` or `HTTPS`. `HTTP1.0` `HTTP1.1` Default value: `HTTP1.1`.
alb.ingress.kubernetes.io/healthcheck-method	The health check method. `HEAD` `POST` `GET` Default value: `HEAD`. Important If you set `healthcheck-protocol` to `GRPC`, you must set this parameter to `POST` or `GET`.
alb.ingress.kubernetes.io/healthcheck-httpcode	The status codes returned for health checks. A backend server is considered healthy only when the health check request is successful and one of the specified status codes is returned. You can select one or more of the following status codes, and separate multiple status codes with commas (,): `http_2xx` `http_3xx` `http_4xx` `http_5xx` Default value: `http_2xx`.
alb.ingress.kubernetes.io/healthcheck-code	The status codes returned for health checks. A backend server is considered healthy only when the health check request is successful and one of the specified status codes is returned. If you specify both this parameter and `healthcheck-httpcode`, this parameter takes precedence. Values for this parameter depend on the value specified in `healthcheck-protocol`: `HTTP` or `HTTPS`: You can select one or more of the following status codes, and separate multiple status codes with commas (,): `http_2xx` `http_3xx` `http_4xx` `http_5xx` Default value: `http_2xx`. `GRPC`: Valid values: 0 to 99. Default value: `0`. Value ranges are supported. You can enter up to 20 value ranges and must separate each range with a comma (,).
alb.ingress.kubernetes.io/healthcheck-timeout-seconds	The health check timeout period in seconds. Valid values: 1 to 300. Default value: `5`.
alb.ingress.kubernetes.io/healthcheck-interval-seconds	The health check interval in seconds. Valid values: 1 to 50. Default value: `2`.
alb.ingress.kubernetes.io/healthy-threshold-count	The number of times that a server must consecutively pass health checks before it is considered healthy. Valid values: 2 to 10. Default value: `3`.
alb.ingress.kubernetes.io/unhealthy-threshold-count	The number of times that a server must consecutively fail health checks before it is considered unhealthy. Valid values: 2 to 10. Default value: `3`.
alb.ingress.kubernetes.io/healthcheck-connect-port	The port that is used for health checks. Default value: `0`. Note The value `0` indicates that the port of a backend server is used for health checks.

Redirects

Annotation

Description

alb.ingress.kubernetes.io/ssl-redirect

Specifies whether to return a status code of 308 for HTTP requests and redirect them to HTTPS listeners on port 443. For more information about how to configure a redirection, see Redirect HTTP requests to HTTPS.

true: redirects to HTTPS requests.
false: does not redirect to HTTPS requests.

Default value: false.

Backend server protocol

Annotation

Description

alb.ingress.kubernetes.io/backend-protocol

The protocol used by backend server groups. For more information, Configure the HTTPS or gRPC protocol.

http
https
grpc

Default value: http.

Note

The backend server protocols supported by listeners depend on the listener type:

HTTP listeners support HTTP and HTTPS.
HTTPS listeners support HTTP, HTTPS, and gRPC.
QUIC listeners support HTTP.

Rewrites

Annotation	Description
alb.ingress.kubernetes.io/rewrite-target	The path that overwrites the path in requests. For more information, see Configure rewrite rules.

Listeners

Annotation

Description

alb.ingress.kubernetes.io/listen-ports

The listening ports and protocols of listeners associated with an ALB Ingress. For more information, see Configure custom listening ports.

Examples:

'[{"HTTP": 80}]' : associates an HTTP listener that listens on port 80.
'[{"HTTPS": 443}]' : associates an HTTPS listener that listens on port 443.
'[{"QUIC": 443}]' : associates a QUIC listener that listens on port 443.
'[{"HTTP": 80}, {"HTTPS": 443}]' : associates an HTTP listener that listens on port 80 and an HTTPS listener that listens on port 443.
'[{"HTTPS": 443}, {"QUIC": 443}]' : associates an HTTPS listener that listens on port 443 and a QUIC listener that listens on port 443.

Slow start

Annotation

Description

alb.ingress.kubernetes.io/slow-start-enabled

Specifies whether to enable the slow start mode. After you enable slow start mode, the ALB Ingress gradually distributes traffic to new pods added to the Service backend to avoid sudden CPU and memory spikes caused by the startup of the pods. For more information about slow start configurations, see Backend slow start.

true: enables the slow start mode.
false: disables the slow start mode.

By default, this mode is disabled.

alb.ingress.kubernetes.io/slow-start-duration

The time taken for the slow start to gradually increase traffic. The longer the duration, the slower the increase in traffic. Unit: seconds.

Valid values: 30 to 900.

Default value: 30.

Priorities

Annotation

Description

alb.ingress.kubernetes.io/order

The priority of a forwarding rule. A smaller value indicates a higher priority. For more information, see Configure forwarding rule priorities.

Valid values: 1 to 1000.

Default value: 10.

Canary

Annotation	Description
alb.ingress.kubernetes.io/canary	Specifies whether to route requests to the canary. For more information, see Use annotations to perform canary releases. `true`: routes requests to the canary. `false`: does not route requests to the canary. Default value: `false`.
alb.ingress.kubernetes.io/canary-by-header	The header of the requests that are routed to the canary.
alb.ingress.kubernetes.io/canary-by-header-value	The value of the header of the requests that are routed to the canary.
alb.ingress.kubernetes.io/canary-by-cookie	The cookie of the requests that are routed to the canary.

Session persistence

Annotation	Description
alb.ingress.kubernetes.io/sticky-session	Specifies whether to enable session persistence. For more information, see Configure session persistence by using annotations. `true`: enables session persistence. `false`: disables session persistence. Default value: `false`.
alb.ingress.kubernetes.io/sticky-session-type	The method that is used to handle cookies. `Insert`: inserts cookies. During the first-time visit of a client, the ALB instance adds a cookie to the response. `Server`: rewrites cookies. The ALB instance rewrites cookies based on the user-defined cookie. Default value: `Insert`.
alb.ingress.kubernetes.io/cookie-timeout	The session persistence timeout period in seconds. Valid values: 1 to 86400. Default value: `1000`.

Connection draining

Annotation

Description

alb.ingress.kubernetes.io/connection-drain-enabled

Specifies whether to enable connection draining. If connection draining is enabled, the ALB Ingress maintains normal traffic for a certain period when the backend pods enter the Terminating state or when the health check fails. Connections are terminated only after the timeout period is reached, which helps mitigate the impact on services caused by sudden removal of the backend. For more information about how connection draining works, see Connection draining.

true: enables connection draining.
false: disables connection draining.

Default value: false.

alb.ingress.kubernetes.io/connection-drain-timeout

The timeout period of connection draining. Unit: seconds.

Valid values: 0 to 900.

Default value: 300.

Load balancing

Annotation

Description

alb.ingress.kubernetes.io/backend-scheduler

The load balancing algorithm of backend server groups. For more information, see Specify a load balancing algorithm for backend server groups.

wrr: weighted round-robin. Backend servers that have higher weights receive more requests than those that have lower weights.
wlc: weighted least connections. If multiple backend servers have the same weight, requests are forwarded to the backend server with the least connections.
sch: source IP hashing. Requests from the same source IP address are distributed to the same backend server.
uch: URL hashing. Requests destined for the same URL are distributed to the same backend server.

Default value: wrr.

alb.ingress.kubernetes.io/backend-scheduler-uch-value

The URL hashing parameter that is available when the load balancing algorithm is uch.

Cross-origin resource sharing (CORS)

Annotation	Description
alb.ingress.kubernetes.io/enable-cors	Specifies whether to enable CORS. For more information, see Configure CORS. `true`: enables CORS. `false`: disables CORS. Default value: `false`.
alb.ingress.kubernetes.io/cors-allow-origin	The origins from which you want to allow cross-domain requests. Default value: `*`.
alb.ingress.kubernetes.io/cors-expose-headers	The headers that can be exposed.
alb.ingress.kubernetes.io/cors-allow-methods	The methods of cross-domain requests that are allowed. You can select one or more of the following methods: `GET` `POST` `PUT` `DELETE` `HEAD` `OPTIONS` `PATCH` Default value: `"GET, PUT, POST, DELETE, PATCH, OPTIONS"`.
alb.ingress.kubernetes.io/cors-allow-credentials	Specifies whether to carry credentials in requests. `true`: carries credentials in requests. `false`: does not carry credentials in requests. Default value: `true`.
alb.ingress.kubernetes.io/cors-max-age	The maximum cache time of preflight requests in the browser. Unit: seconds. Valid values: -1 to 172800. Default value: `172800`. Note `-1` indicates that cache time is not limited.
alb.ingress.kubernetes.io/cors-allow-headers	The headers of cross-domain requests that are allowed. Default value: `"DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization"`.

Custom forwarding

Annotation	Description
alb.ingress.kubernetes.io/actions.{svcName}	The custom forwarding actions. For more information, see Customize the routing rules of an ALB Ingress.
alb.ingress.kubernetes.io/conditions.{svcName}	The custom forwarding conditions.
alb.ingress.kubernetes.io/rule-direction.{svcName}	The custom forwarding direction. `Request`: The rule takes effect on requests. `Response`: The rule takes effect on responses. Default value: `Request`.

Others

Annotation	Description
alb.ingress.kubernetes.io/backend-keepalive	Specifies whether to enable persistent TCP connections. For more information, see Configure persistent TCP connections. Default value: `false`.
alb.ingress.kubernetes.io/traffic-limit-qps	QPS throttling. Valid values: 1 to 100000.
alb.ingress.kubernetes.io/use-regex	Specifies whether regular expressions can be used in the Path field. This annotation is valid only when the path type is Prefix. Default value: `false`.

AlbConfig fields

An AlbConfig is a CustomResourceDefinition (CRD) used to describe an ALB instance and its listeners. The following tables describe the relevant fields.

Albconfig

Field	Type	Description
apiVersion	Fixed value	The API version of the object. Set the value to `alibabacloud.com/v1`.
kind	Fixed value	Kind indicates the REST resource corresponding to the object. Set the value to `AlbConfig`.
metadata	ObjectMeta	The metadata of the object. For more information, see metadata.
spec	AlbConfigSpec	A list of parameters used to describe the attributes of the ALB instance and its listeners.
status	AlbConfigStatus	The state of the ALB instance is written into the `status` field after reconcilation. The value of the field indicates the current state of the ALB instance.

AlbConfigSpec

Field	Type	Description
config	LoadBalancerSpec	The attributes of the ALB instance.
listeners	ListenerSpec[]	The attributes of the listeners of the ALB instance.

LoadBalancerSpec

Field	Type	Description
id	string	The ID of the ALB instance. The ALB instance can be reused if an instance ID is specified. If you leave this field empty, the ALB Ingress controller creates an ALB instance. For more information about how to create or reuse an ALB instance, see Create an AlbConfig. Default value: `""`.
name	string	The name of the ALB instance. Default value: A name in the `k8s-{namespace}-{name}-{hashCode}` format is automatically generated.
addressAllocatedMode	enum	The IP mode of the ALB instance. `Dynamic`: The ALB instance is assigned at least one IP address in each zone. The number of IP addresses automatically increases when more requests are received. This dynamic mode supports up to one million QPS. `Fixed`: The ALB instance is assigned only one IP address in each zone and the IP addresses are static. The fixed mode supports up to 100,000 QPS. Default value: `Dynamic`.
addressType	enum	The network type of the IPv4 CIDR block of the ALB instance. `Internet`: Internet. The ALB instance is assigned a public domain name. `Intranet`: internal network. Default value: `Internet`.
ipv6AddressType	enum	The network type of the IPv6 CIDR block of the ALB instance. The network type can be different from that of the IPv4 CIDR block of the ALB instance. `Internet`: Internet. The ALB instance is assigned a public domain name. `Intranet`: internal network. Default value: `Intranet`.
addressIpVersion	enum	Specifies whether the ALB instance supports dual stack. `IPv4`: Only IPv4 is supported. `DualStack`: IPv4 and IPv6 are supported. Default value: `IPv4`.
resourceGroupId	string	The ID of the resource group to which the ALB instance belongs. Default value: `""`.
edition	enum	The edition of the ALB instance. You cannot modify this parameter in reuse mode. `Standard`: standard ALB instance. `StandardWithWaf`: WAF-enabled ALB instance. For more information, see Use WAF-enabled ALB instances to protect applications. Default value: `Standard`.
deletionProtectionEnabled	bool	A reserved field. Do not modify this field.
forceOverride	bool	Specifies whether to forcefully overwrite the attributes of the ALB instance in reuse mode. `true`: forcefully overwrites the attributes of the ALB instance in reuse mode. `false`: does not forcefully overwrite the attributes of the ALB instance in reuse mode. `null`: does not forcefully overwrite the attributes of the ALB instance in reuse mode. Default value: `false`.
listenerForceOverride	bool	Specifies whether to forcefully overwrite the attributes of the listeners in reuse mode. `true`: forcefully overwrites the attributes of the ALB instance in reuse mode. `false`: does not forcefully overwrite the attributes of the ALB instance in reuse mode. `null`: does not forcefully overwrite the attributes of the listeners in reuse mode. Default value: `null`.
zoneMappings	ZoneMapping[]	The zone and elastic IP address (EIP) configuration.
accessLogConfig	AccessLogConfig	The log collection configuration.
billingConfig	BillingConfig	The billing method.
modificationProtectionConfig	ModificationProtectionConfig	The configuration protection setting.
tags	Tag[]	The labels of the ALB instance.

ZoneMapping

Field	Type	Description
vSwitchId	string	The vSwitch ID. This field is required. Default value: `""`.
zoneId	string	The zone of the vSwitch. Default value: `""`.
allocationId	string	The ID of the EIP. Default value: `""`.
eipType	string	A reserved field. Do not modify this field.

AccessLogConfig

Field

Type

Description

logProject

string

The name of the Simple Log Service (SLS) project.

Default value: "".

logStore

string

The name of the SLS Logstore, which must start with alb_. The SLS Logstore is automatically created If it does not exist. For more information, see Enable Simple Log Service to collect access logs.

Default value: "".

BillingConfig

Field	Type	Description
internetBandwidth	int	A reserved field. Do not modify this field.
internetChargeType	string	A reserved field. Do not modify this field.
payType	enum	A reserved field. Do not modify this field.
bandWidthPackageId	string[]	The ID of the associated Internet Shared Bandwidth instance. You cannot disassociate the Internet Shared Bandwidth instance. Default value: `""`.

ModificationProtectionConfig

Field	Type	Description
reason	string	A reserved field.
status	string	A reserved field.

Tag

Field

Type

Description

key

string

The key of the label.

Default value: "".

value

string

The value of the label.

Default value: "".

ListenerSpec

Field	Type	Description
gzipEnabled	bool	Specifies whether to enable data compression. For more information, see Configure data compression. `true`: enables data compression. `false`: disables data compression. `null`: enables data compression. Default value: `null`.
http2Enabled	bool	Specifies whether to enable HTTP/2. `true`: enables HTTP/2. `false`: disables HTTP/2. `null`: enables HTTP/2. Default value: `null`.
port	int	The listening port. This field is required. Default value: `0`.
protocol	enum	The listening protocol. This field is required. `HTTP` `HTTPS` `QUIC`
securityPolicyId	string	The ID of the TLS security policy. Default value: `""`.
idleTimeout	int	The timeout period of idle connections in seconds. Default value: `15`. Note A value of 0 indicates that the default value is used.
loadBalancerId	string	A reserved field. Do not modify this field.
description	string	The name of the listener. By default, a name in the `ingress-auto-listener-{port}` format is automatically generated.
caEnabled	bool	Specifies whether to enable mutual authentication. `true`: enables mutual authentication. `false`: disables mutual authentication. Default value: `false`.
requestTimeout	int	The timeout period of requests in seconds. Default value: `60`.
quicConfig	QuicConfig	The QUICK listener configuration.
defaultActions	Action[]	A reserved field. Do not modify this field.
caCertificates	Certificate[]	The root CA certificate of the listener.
certificates	Certificate[]	The server certificate of the listener.
xForwardedForConfig	XForwardedForConfig	The configuration of the XForward header.
logConfig	LogConfig	The listener log configuration.
aclConfig	AclConfig	The access control configuration.

QuicConfig

Field

Type

Description

quicUpgradeEnabled

bool

Specifies whether to enable QUIC upgrade. In scenarios where both QUIC and HTTPS listeners are used, set the quicUpgradeEnabled field to associate QUIC listeners with HTTPS listeners or disassociate QUIC listeners from HTTPS listeners. For more information, see Use QUIC Listener to Support HTTP/3 Protocol.

true: enables QUIC upgrade. QUIC listeners are associated with HTTPS listeners.
false: disables QUIC upgrade. QUIC listeners are disassociated from HTTPS listeners.

Default value: false.

quicListenerId

string

HTTPS listeners associated with the QUIC listeners.

Default value: "".

Certificate

Field

Type

Description

IsDefault

bool

Specifies whether the certificate is a default certificate. For more information, see Configure HTTPS Certificates for Encrypted Communication.

true: The certificate is a default certificate.
false: The certificate is not a default certificate.

Default value: false.

Important

You can specify only one default certificate.

CertificateId

string

The ID of the certificate.

Default value: "".

XForwardedForConfig

Field	Type	Description
XForwardedForClientCertSubjectDNEnabled	bool	Specifies whether to add the `X-Forwarded-Clientcert-subjectdn` header field to HTTP requests distributed by the ALB instance to carry information about the holder of the client certificate. `true`: adds the header field. `false`: does not add the header field. Default value: `false`.
XForwardedForProtoEnabled	bool	Specifies whether to add the `X-Forwarded-Proto` header field to HTTP requests distributed by the ALB instance to carry information about the listening protocol of the ALB instance. `true`: adds the header field. `false`: does not add the header field. Default value: `false`.
XForwardedForClientCertIssuerDNEnabled	bool	Specifies whether to add the `X-Forwarded-Clientcert-issuerdn` header field to HTTP requests distributed by the ALB instance to carry information about the issuer of the client certificate. `true`: adds the header field. `false`: does not add the header field. Default value: `false`.
XForwardedForSLBIdEnabled	bool	Specifies whether to add the `X-Forwarded-For-SLB-ID` header field to HTTP requests distributed by the ALB instance to carry the ALB instance ID. `true`: adds the header field. `false`: does not add the header field. Default value: `false`.
XForwardedForClientSrcPortEnabled	bool	Specifies whether to add the `X-Forwarded-Client-Port` header field to HTTP requests distributed by the ALB instance to carry information about the port used by the client. `true`: adds the header field. `false`: does not add the header field. Default value: `false`.
XForwardedForClientCertFingerprintEnabled	bool	Specifies whether to add the `X-Forwarded-Clientcert-fingerprint` header field to HTTP requests distributed by the ALB instance to carry information about fingerprint of the client certificate. `true`: adds the header field. `false`: does not add the header field. Default value: `false`.
XForwardedForEnabled	bool	Specifies whether to add the `X-Forwarded-For` header field to HTTP requests distributed by the ALB instance to carry the client IP address. This parameter cannot be set to false.
XForwardedForSLBPortEnabled	bool	Specifies whether to add the `X-Forwarded-Port` header field to HTTP requests distributed by the ALB instance to carry information about the listening ports of the ALB instance. `true`: adds the header field. `false`: does not add the header field. Default value: `false`.
XForwardedForClientCertClientVerifyEnabled	bool	Specifies whether to add the `X-Forwarded-Clientcert-clientverify` header field to HTTP requests distributed by the ALB instance to carry the client certificate verification result. `true`: adds the header field. `false`: does not add the header field. Default value: `false`.
XForwardedForClientCertSubjectDNAlias	string	A custom field name. After you specify this field, the name of the `X-Forwarded-Clientcert-subjectdn` header field added by `XForwardedForClientCertSubjectDNEnabled` is replaced with the specified name. This field takes effect only when `XForwardedForClientCertSubjectDNEnabled` is set to `true`. Default value: `""`.
XForwardedForClientCertClientVerifyAlias	string	A custom field name. After you specify this field, the name of the `X-Forwarded-Clientcert-clientverify` header field added by `XForwardedForClientCertClientVerifyEnabled` is replaced with the specified name. This field takes effect only when `XForwardedForClientCertClientVerifyEnabled` is set to `true`. Default value: `""`.
XForwardedForClientCertIssuerDNAlias	string	A custom field name. After you specify this field, the name of the `X-Forwarded-Clientcert-issuerdn` header field added by `XForwardedForClientCertIssuerDNEnabled` is replaced with the specified name. This field takes effect only when `XForwardedForClientCertIssuerDNEnabled` is set to `true`. Default value: `""`.
XForwardedForClientCertFingerprintAlias	string	A custom field name. After you specify this field, the name of the `X-Forwarded-Clientcert-fingerprint` header field added by `XForwardedForClientCertFingerprintEnabled` is replaced with the specified name. This field takes effect only when `XForwardedForClientCertFingerprintEnabled` is set to `true`. Default value: `""`.
XForwardedForClientSourceIpsEnabled	bool	Specifies whether to allow the ALB instance to retrieve client IP addresses from the `X-Forwarded-For` header. `true`: Allowed. In this case, the `XForwardedForClientSourceIpsTrusted` parameter must be configured in a valid format. `false`: Not allowed. Default value: `false`.
XForwardedForClientSourceIpsTrusted	string	Specify a trusted proxy IP address. Enter a valid IP address or CIDR block. Separate multiple values by semicolons (`;`) without any spaces between them. This only takes effect when `XForwardedForClientSourceIpsEnabled` is set to true. Set the trusted IP address list to `0.0.0.0/0`: the ALB instance retrieves the leftmost IP address in the `X-Forwarded-For` header. The IP address is the source client IP address. Set the trusted IP address list in the format of `proxy1 IP; proxy2 IP,..`: the ALB instance compares the IP addresses in the `X-Forwarded-For` header from right to left against the trusted IP address list. The first IP address that is not on the trusted IP address list is considered the source client IP address. Sample Value: `192.168.x.x;192.168.x.x/16`.

AclConfig

Field	Type	Description
aclName	string	The name of the network ACL in AclEntry mode. For more information, see Configure network ACLs. Default value: `""`.
aclType	enum	The access control mode. `Black`: the blacklist mode, which blocks access from the specified IP addresses. `White`: the whitelist mode, which permits only access from the specified IP addresses.
aclEntries	string[]	The network ACL rules. Default value: `""`. Important The `aclEntries` and `aclIds` fields are mutually exclusive. For more information, see Configure network ACLs.
aclIds	string[]	The list of the IDs of existing network ACLs. Default value: `""`.

LogConfig

Field

Type

Description

accessLogRecordCustomizedHeadersEnabled

bool

Specifies whether to record custom headers in the access log of the ALB instance.

true: records custom headers.
false: does not record custom headers.

Default value: false.

accessLogTracingConfig

AccessLogTracingConfig

The Tracing Analysis configuration. For more information, see Use AlbConfigs to enable Tracing Analysis based on Xtrace.

AccessLogTracingConfig

Field	Type	Description
tracingEnabled	bool	Specifies whether to enable Tracing Analysis. `true`: enables Tracing Analysis. `false`: disables Tracing Analysis. Default value: `false`.
tracingSample	int	The sampling rate of Tracing Analysis. Unit: `0.01%`. Valid values: 1 to 10000.
tracingType	enum	The sampling algorithm of Tracing Analysis. `Zipkin`

AlbConfigStatus

Important

The AlbConfigStatus, LoadBalancerStatus, ListenerStatus, and AppliedCertificate fields are reserved fields used by ALB Ingresses to record states. Do not modify these fields.

Field

Output

Description

loadBalancer

LoadBalancerStatus

A reserved field. Do not modify this field.

The status of the ALB instance.

LoadBalancerStatus

Field	Output	Description
dnsname	string	A reserved field. Do not modify this field. The DNS address of the ALB instance.
id	string	A reserved field. Do not modify this field. The ID of the ALB instance.
listeners	ListenerStatus	A reserved field. Do not modify this field. The listener attributes of the ALB instance.

ListenerStatus

Field

Output

Description

portAndProtocol

string

A reserved field. Do not modify this field.

The ports and protocols used by listeners.

certificates

AppliedCertificate

A reserved field. Do not modify this field.

The certificates associated with listeners.

AppliedCertificate

Field

Output

Description

certificateId

string

A reserved field. Do not modify this field.

The ID of the certificate.

isDefault

bool

A reserved field. Do not modify this field.

Specifies whether the certificate is a default certificate.

References

For more information about the parameters in an AlbConfig, see Use an AlbConfig to configure an ALB instance.
For more information about how to use ALB Ingress annotations, see Advanced ALB Ingress configurations.