Important

Azure Red Hat OpenShift 3.11 will be retired 30 June 2022. Support for creation of new Azure Red Hat OpenShift 3.11 clusters continues through 30 November 2020. Following retirement, remaining Azure Red Hat OpenShift 3.11 clusters will be shut down to prevent security vulnerabilities.

Follow this guide to create an Azure Red Hat OpenShift 4 cluster. If you have specific questions, please contact us


Description

Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.

Type

object

Specification

Property Type Description

.apiVersion

string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

.kind

string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

.metadata

ObjectMeta meta/v1

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

.spec

object

ServiceSpec describes the attributes that a user creates on a service.

.status

object

ServiceStatus represents the current status of a service.

.spec
Description

ServiceSpec describes the attributes that a user creates on a service.

Type

object

Property Type Description

clusterIP

string

clusterIP is the IP address of the service and is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are "None", empty string (""), or a valid IP address. "None" can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies

externalIPs

array (string)

externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.

externalName

string

externalName is the external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved. Must be a valid RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires Type to be ExternalName.

externalTrafficPolicy

string

externalTrafficPolicy denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. "Local" preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. "Cluster" obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading.

healthCheckNodePort

integer

healthCheckNodePort specifies the healthcheck nodePort for the service. If not specified, HealthCheckNodePort is created by the service api backend with the allocated nodePort. Will use user-specified nodePort value if specified by the client. Only effects when Type is set to LoadBalancer and ExternalTrafficPolicy is set to Local.

loadBalancerIP

string

Only applies to Service Type: LoadBalancer LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.

loadBalancerSourceRanges

array (string)

If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/

ports

array (ServicePort core/v1)

The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies

publishNotReadyAddresses

boolean

publishNotReadyAddresses, when set to true, indicates that DNS implementations must publish the notReadyAddresses of subsets for the Endpoints associated with the Service. The default value is false. The primary use case for setting this field is to use a StatefulSet’s Headless Service to propagate SRV records for its Pods without respect to their readiness for purpose of peer discovery.

selector

object (string)

Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/

sessionAffinity

string

Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies

sessionAffinityConfig

SessionAffinityConfig core/v1

sessionAffinityConfig contains the configurations of session affinity.

type

string

type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps to the specified externalName. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types

.status
Description

ServiceStatus represents the current status of a service.

Type

object

Property Type Description

loadBalancer

object

LoadBalancerStatus represents the status of a load-balancer.

.status.loadBalancer
Description

LoadBalancerStatus represents the status of a load-balancer.

Type

object

Property Type Description

ingress

array (LoadBalancerIngress core/v1)

Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.

API endpoints

The following API endpoints are available:

  • /api/v1/services

    • GET: list or watch objects of kind Service

  • /api/v1/namespaces/{namespace}/services

    • GET: list or watch objects of kind Service

    • POST: create a Service

  • /api/v1/namespaces/{namespace}/services/{name}

    • DELETE: delete a Service

    • GET: read the specified Service

    • PATCH: partially update the specified Service

    • PUT: replace the specified Service

  • /api/v1/namespaces/{namespace}/services/{name}/proxy

    • DELETE: connect DELETE requests to proxy of Service

    • GET: connect GET requests to proxy of Service

    • HEAD: connect HEAD requests to proxy of Service

    • OPTIONS: connect OPTIONS requests to proxy of Service

    • PATCH: connect PATCH requests to proxy of Service

    • POST: connect POST requests to proxy of Service

    • PUT: connect PUT requests to proxy of Service

  • /api/v1/namespaces/{namespace}/services/{name}/status

    • GET: read status of the specified Service

    • PATCH: partially update status of the specified Service

    • PUT: replace status of the specified Service

  • /api/v1/namespaces/{namespace}/services/{name}/proxy/{path}

    • DELETE: connect DELETE requests to proxy of Service

    • GET: connect GET requests to proxy of Service

    • HEAD: connect HEAD requests to proxy of Service

    • OPTIONS: connect OPTIONS requests to proxy of Service

    • PATCH: connect PATCH requests to proxy of Service

    • POST: connect POST requests to proxy of Service

    • PUT: connect PUT requests to proxy of Service

/api/v1/services

Table 1. Global guery parameters
Parameter Type Description

continue

string

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server the server will respond with a 410 ResourceExpired error indicating the client must restart their list without the continue field. This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector

string

A selector to restrict the list of returned objects by their fields. Defaults to everything.

includeUninitialized

boolean

If true, partially initialized resources are included in the response.

labelSelector

string

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit

integer

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

pretty

string

If 'true', then the output is pretty printed.

resourceVersion

string

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

timeoutSeconds

integer

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch

boolean

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method

GET

Description

list or watch objects of kind Service

Table 2. HTTP responses
HTTP code Reponse body

200 - OK

ServiceList core/v1

401 - Unauthorized

Empty

/api/v1/namespaces/{namespace}/services

Table 3. Global path parameters
Parameter Type Description

namespace

string

object name and auth scope, such as for teams and projects

Table 4. Global guery parameters
Parameter Type Description

pretty

string

If 'true', then the output is pretty printed.

HTTP method

GET

Description

list or watch objects of kind Service

Table 5. Query parameters
Parameter Type Description

continue

string

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server the server will respond with a 410 ResourceExpired error indicating the client must restart their list without the continue field. This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector

string

A selector to restrict the list of returned objects by their fields. Defaults to everything.

includeUninitialized

boolean

If true, partially initialized resources are included in the response.

labelSelector

string

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit

integer

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion

string

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

timeoutSeconds

integer

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch

boolean

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 6. HTTP responses
HTTP code Reponse body

200 - OK

ServiceList core/v1

401 - Unauthorized

Empty

HTTP method

POST

Description

create a Service

Table 7. Body parameters
Parameter Type Description

body

Service core/v1

Table 8. HTTP responses
HTTP code Reponse body

200 - OK

Service core/v1

201 - Created

Service core/v1

202 - Accepted

Service core/v1

401 - Unauthorized

Empty

/api/v1/namespaces/{namespace}/services/{name}

Table 9. Global path parameters
Parameter Type Description

name

string

name of the Service

namespace

string

object name and auth scope, such as for teams and projects

Table 10. Global guery parameters
Parameter Type Description

pretty

string

If 'true', then the output is pretty printed.

HTTP method

DELETE

Description

delete a Service

Table 11. Query parameters
Parameter Type Description

gracePeriodSeconds

integer

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

orphanDependents

boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy

string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 12. Body parameters
Parameter Type Description

body

DeleteOptions meta/v1

Table 13. HTTP responses
HTTP code Reponse body

200 - OK

Status meta/v1

401 - Unauthorized

Empty

HTTP method

GET

Description

read the specified Service

Table 14. Query parameters
Parameter Type Description

exact

boolean

Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.

export

boolean

Should this value be exported. Export strips fields that a user can not specify.

Table 15. HTTP responses
HTTP code Reponse body

200 - OK

Service core/v1

401 - Unauthorized

Empty

HTTP method

PATCH

Description

partially update the specified Service

Table 16. Body parameters
Parameter Type Description

body

Patch meta/v1

Table 17. HTTP responses
HTTP code Reponse body

200 - OK

Service core/v1

401 - Unauthorized

Empty

HTTP method

PUT

Description

replace the specified Service

Table 18. Body parameters
Parameter Type Description

body

Service core/v1

Table 19. HTTP responses
HTTP code Reponse body

200 - OK

Service core/v1

201 - Created

Service core/v1

401 - Unauthorized

Empty

/api/v1/namespaces/{namespace}/services/{name}/proxy

Table 20. Global path parameters
Parameter Type Description

name

string

name of the Service

namespace

string

object name and auth scope, such as for teams and projects

Table 21. Global guery parameters
Parameter Type Description

path

string

Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.

HTTP method

DELETE

Description

connect DELETE requests to proxy of Service

Table 22. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

GET

Description

connect GET requests to proxy of Service

Table 23. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

HEAD

Description

connect HEAD requests to proxy of Service

Table 24. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

OPTIONS

Description

connect OPTIONS requests to proxy of Service

Table 25. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

PATCH

Description

connect PATCH requests to proxy of Service

Table 26. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

POST

Description

connect POST requests to proxy of Service

Table 27. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

PUT

Description

connect PUT requests to proxy of Service

Table 28. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

/api/v1/namespaces/{namespace}/services/{name}/status

Table 29. Global path parameters
Parameter Type Description

name

string

name of the Service

namespace

string

object name and auth scope, such as for teams and projects

Table 30. Global guery parameters
Parameter Type Description

pretty

string

If 'true', then the output is pretty printed.

HTTP method

GET

Description

read status of the specified Service

Table 31. HTTP responses
HTTP code Reponse body

200 - OK

Service core/v1

401 - Unauthorized

Empty

HTTP method

PATCH

Description

partially update status of the specified Service

Table 32. Body parameters
Parameter Type Description

body

Patch meta/v1

Table 33. HTTP responses
HTTP code Reponse body

200 - OK

Service core/v1

401 - Unauthorized

Empty

HTTP method

PUT

Description

replace status of the specified Service

Table 34. Body parameters
Parameter Type Description

body

Service core/v1

Table 35. HTTP responses
HTTP code Reponse body

200 - OK

Service core/v1

201 - Created

Service core/v1

401 - Unauthorized

Empty

/api/v1/namespaces/{namespace}/services/{name}/proxy/{path}

Table 36. Global path parameters
Parameter Type Description

name

string

name of the Service

namespace

string

object name and auth scope, such as for teams and projects

path

string

path to the resource

Table 37. Global guery parameters
Parameter Type Description

path

string

Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.

HTTP method

DELETE

Description

connect DELETE requests to proxy of Service

Table 38. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

GET

Description

connect GET requests to proxy of Service

Table 39. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

HEAD

Description

connect HEAD requests to proxy of Service

Table 40. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

OPTIONS

Description

connect OPTIONS requests to proxy of Service

Table 41. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

PATCH

Description

connect PATCH requests to proxy of Service

Table 42. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

POST

Description

connect POST requests to proxy of Service

Table 43. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty

HTTP method

PUT

Description

connect PUT requests to proxy of Service

Table 44. HTTP responses
HTTP code Reponse body

200 - OK

string

401 - Unauthorized

Empty