{"id":52591,"date":"2025-09-09T01:53:59","date_gmt":"2025-09-09T01:53:59","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=52591"},"modified":"2025-09-09T01:58:52","modified_gmt":"2025-09-09T01:58:52","slug":"kubernetes-understanding-ingressclassparams-ingressclass-ingress","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/kubernetes-understanding-ingressclassparams-ingressclass-ingress\/","title":{"rendered":"Kubernetes: Understanding IngressClassParams, IngressClass &amp; Ingress"},"content":{"rendered":"\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">1. Understanding the Role of Each Resource<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>IngressClassParams<\/strong><\/h3>\n\n\n\n<p>A <strong>Custom Resource Definition (CRD)<\/strong> used with the AWS Load Balancer Controller. It defines AWS-specific settings for your ALB\u2014like scheme (internet-facing\/internal), IP address type (IPv4 or dualstack), tags, and grouping.<\/p>\n\n\n\n<p><br>Template example:<\/p>\n\n\n<pre class=\"wp-block-code\"><span><code class=\"hljs\">apiVersion: elbv2.k8s.aws\/v1beta1\nkind: IngressClassParams\nmetadata:\n  name: alb\nspec:\n  scheme: internet-facing\n  ipAddressType: ipv4\n  tags:\n    - key: env\n      value: dev\n<\/code><\/span><\/pre>\n\n\n<p>This instructs the AWS ALB controller how to configure the load balancer.<br>(<a href=\"https:\/\/kubernetes-sigs.github.io\/aws-load-balancer-controller\/v2.4\/guide\/ingress\/ingress_class\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">kubernetes-sigs.github.io<\/a>, <a href=\"https:\/\/docs.aws.amazon.com\/eks\/latest\/userguide\/auto-configure-alb.html?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">AWS Documentation<\/a>)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>IngressClass<\/strong><\/h3>\n\n\n\n<p>A standard Kubernetes object that tells the cluster <em>who<\/em> manages Ingress resources. It references the <code>IngressClassParams<\/code> and names the AWS controller responsible for provisioning the ALB.<\/p>\n\n\n<pre class=\"wp-block-code\"><span><code class=\"hljs\">apiVersion: networking.k8s.io\/v1\nkind: IngressClass\nmetadata:\n  name: alb\n  annotations:\n    ingressclass.kubernetes.io\/is-default-class: \"true\"\nspec:\n  controller: eks.amazonaws.com\/alb\n  parameters:\n    apiGroup: eks.amazonaws.com\n    kind: IngressClassParams\n    name: alb\n<\/code><\/span><\/pre>\n\n\n<p>This links your Ingress resources to the right AWS-specific settings.<br>(<a href=\"https:\/\/docs.aws.amazon.com\/eks\/latest\/userguide\/auto-configure-alb.html?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">AWS Documentation<\/a>, <a href=\"https:\/\/kubernetes-sigs.github.io\/aws-load-balancer-controller\/v2.4\/guide\/ingress\/ingress_class\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">kubernetes-sigs.github.io<\/a>)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Ingress<\/strong><\/h3>\n\n\n\n<p>The user-facing Kubernetes object that defines HTTP routing rules\u2014like host, paths, and backend services. It refers to the <code>IngressClass<\/code> by name (unless one is marked default).<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-1\" data-shcb-language-name=\"PHP\" data-shcb-language-slug=\"php\"><span><code class=\"hljs language-php\">apiVersion: networking.k8s.io\/v1\nkind: Ingress\nmetadata:\n  name: my-app-ingress\nspec:\n  ingressClassName: alb              <span class=\"hljs-comment\"># Connects to your IngressClass<\/span>\n  rules:\n    - host: myapp.example.com\n      http:\n        paths:\n          - path: \/\n            pathType: Prefix\n            backend:\n              service:\n                name: my-app-service\n                port:\n                  number: <span class=\"hljs-number\">80<\/span>\n<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-1\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">PHP<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">php<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Once applied, AWS provisions an ALB to route traffic as specified.<br>(<a href=\"https:\/\/docs.aws.amazon.com\/eks\/latest\/userguide\/auto-configure-alb.html?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">AWS Documentation<\/a>, <a href=\"https:\/\/www.solo.io\/topics\/api-gateway\/kubernetes-ingress?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">solo.io<\/a>)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">2. High-Level Flow (Step-by-Step)<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Deploy AWS Load Balancer Controller<\/strong> on your cluster via Helm or manifests (not covered here, but essential).<\/li>\n\n\n\n<li><strong>Create IngressClassParams<\/strong> \u2192 defines ALB behavior.<\/li>\n\n\n\n<li><strong>Create IngressClass<\/strong> \u2192 registers a class that uses the AWS controller and links to the params.<\/li>\n\n\n\n<li><strong>Deploy Ingress resources<\/strong> \u2192 use the class to route traffic; AWS controller builds the ALB behind the scenes.<br>(<a href=\"https:\/\/docs.aws.amazon.com\/eks\/latest\/userguide\/auto-configure-alb.html?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">AWS Documentation<\/a>, <a href=\"https:\/\/aws.amazon.com\/blogs\/containers\/exposing-kubernetes-applications-part-2-aws-load-balancer-controller\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Amazon Web Services, Inc.<\/a>)<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Best Beginner Tutorials<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AWS Official IngressClass Workflow<\/strong>: A clear, step-by-step guide illustrating exactly these four steps\u2014workload, <code>IngressClassParams<\/code>, <code>IngressClass<\/code>, then <code>Ingress<\/code>. Super beginner-friendly.<br>(<a href=\"https:\/\/docs.aws.amazon.com\/eks\/latest\/userguide\/auto-configure-alb.html?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">AWS Documentation<\/a>)<\/li>\n\n\n\n<li><strong>AWS Load Balancer Controller on EKS \u2013 Complete Guide<\/strong>: A deep-dive tutorial covering setup of the controller, cluster, and walkthrough of ALB provisioning.<br>(<a href=\"https:\/\/devopscube.com\/aws-load-balancer-controller-on-eks\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">devopscube.com<\/a>)<\/li>\n\n\n\n<li><strong>Kubernetes Ingress Fundamentals<\/strong>: For broader understanding of <code>Ingress<\/code> and how controllers work (like nginx). Excellent for seeing the big picture.<br>(<a href=\"https:\/\/devopscube.com\/kubernetes-ingress-tutorial\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">devopscube.com<\/a>, <a href=\"https:\/\/tetrate.io\/learn\/kubernetes\/kubernetes-ingress-example-uses-diagram?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">tetrate.io<\/a>)<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">4. TL;DR Summary<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Resource<\/th><th>What it Does<\/th><\/tr><\/thead><tbody><tr><td><code>IngressClassParams<\/code><\/td><td>Configures ALB behavior (scheme, IP type, tags, etc.)<\/td><\/tr><tr><td><code>IngressClass<\/code><\/td><td>Registers a controller and links to params<\/td><\/tr><tr><td><code>Ingress<\/code><\/td><td>Defines routing rules to services; triggers ALB provisioning by the controller<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Sample YAML Sequence<\/h2>\n\n\n<pre class=\"wp-block-code\"><span><code class=\"hljs\"># 1. IngressClassParams\napiVersion: elbv2.k8s.aws\/v1beta1\nkind: IngressClassParams\nmetadata:\n  name: alb\nspec:\n  scheme: internet-facing\n  ipAddressType: ipv4\n\n# 2. IngressClass\napiVersion: networking.k8s.io\/v1\nkind: IngressClass\nmetadata:\n  name: alb\n  annotations:\n    ingressclass.kubernetes.io\/is-default-class: \"true\"\nspec:\n  controller: eks.amazonaws.com\/alb\n  parameters:\n    apiGroup: elbv2.k8s.aws\n    kind: IngressClassParams\n    name: alb\n\n# 3. Ingress (example)\napiVersion: networking.k8s.io\/v1\nkind: Ingress\nmetadata:\n  name: demo-ingress\nspec:\n  ingressClassName: alb\n  rules:\n    - host: demo.example.com\n      http:\n        paths:\n          - path: \/\n            pathType: Prefix\n            backend:\n              service:\n                name: demo-svc\n                port:\n                  number: 80\n<\/code><\/span><\/pre>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Here\u2019s a detailed breakdown of the available options in <strong>IngressClassParams<\/strong>, the AWS Load Balancer Controller CRD, based on its schema:<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Available Fields in <code>spec<\/code> for <code>IngressClassParams<\/code><\/h3>\n\n\n\n<p>Derived from the CRD schema and documentation, here are the supported fields:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th><strong>Field<\/strong><\/th><th><strong>Type<\/strong><\/th><th><strong>Description<\/strong><\/th><\/tr><\/thead><tbody><tr><td><code>scheme<\/code><\/td><td><code>string<\/code><\/td><td>ALB scheme: either <code>internet-facing<\/code> or <code>internal<\/code>.<\/td><\/tr><tr><td><code>ipAddressType<\/code><\/td><td><code>string<\/code><\/td><td>IP type: <code>ipv4<\/code> or <code>dualstack<\/code>.<\/td><\/tr><tr><td><code>loadBalancerName<\/code><\/td><td><code>string<\/code><\/td><td>Optional. Allows specifying a custom name for the ALB to be created. (<a href=\"https:\/\/pkg.go.dev\/sigs.k8s.io\/aws-load-balancer-controller\/apis\/elbv2\/v1beta1?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Go Packages<\/a>)<\/td><\/tr><tr><td><code>group<\/code><\/td><td><code>object<\/code><\/td><td>Optional. Defines load balancer group parameters\u2014may define group-based behavior. (<a href=\"https:\/\/raw.githubusercontent.com\/kubernetes-sigs\/aws-load-balancer-controller\/main\/helm\/aws-load-balancer-controller\/crds\/crds.yaml?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>, <a href=\"https:\/\/pkg.go.dev\/sigs.k8s.io\/aws-load-balancer-controller\/apis\/elbv2\/v1beta1?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Go Packages<\/a>)<\/td><\/tr><tr><td><code>Tags<\/code><\/td><td><code>map[string][]string<\/code><\/td><td>Optional. Defines subnet tags to select subnets where LB should be created. (<a href=\"https:\/\/pkg.go.dev\/sigs.k8s.io\/aws-load-balancer-controller\/apis\/elbv2\/v1beta1?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Go Packages<\/a>)<\/td><\/tr><tr><td><code>Subnet selector<\/code> (<code>ids<\/code> or <code>tags<\/code>)<\/td><td><code>object<\/code><\/td><td>Optional. Allows specifying subnets either by ID or by tags. Only one option is allowed. (<a href=\"https:\/\/raw.githubusercontent.com\/kubernetes-sigs\/aws-load-balancer-controller\/main\/helm\/aws-load-balancer-controller\/crds\/crds.yaml?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>, <a href=\"https:\/\/pkg.go.dev\/sigs.k8s.io\/aws-load-balancer-controller\/apis\/elbv2\/v1beta1?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Go Packages<\/a>)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Notes &amp; Summary<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The <strong>core, commonly used fields<\/strong> are <code>scheme<\/code> and <code>ipAddressType<\/code>, which allow control over whether your ALB is public or internal and whether it\u2019s IPv4-only or dual-stack.<\/li>\n\n\n\n<li>You also have optional fine-grained controls:\n<ul class=\"wp-block-list\">\n<li><strong>Naming<\/strong> with <code>loadBalancerName<\/code><\/li>\n\n\n\n<li><strong>Subnet targeting<\/strong> via tags or explicit IDs<\/li>\n\n\n\n<li><strong>Grouping<\/strong>, if your use case involves grouping strategies.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Example YAML using all available fields:<\/h3>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-2\" data-shcb-language-name=\"PHP\" data-shcb-language-slug=\"php\"><span><code class=\"hljs language-php\">apiVersion: elbv2.k8s.aws\/v1beta1\nkind: IngressClassParams\nmetadata:\n  name: alb-custom\nspec:\n  scheme: internal\n  ipAddressType: dualstack\n  loadBalancerName: my-custom-alb\n  tags:\n    env:\n      - prod\n      - staging\n  subnetSelector:\n    tags:\n      subnet-type: <span class=\"hljs-keyword\">private<\/span>\n<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-2\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">PHP<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">php<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Why It Matters<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>scheme<\/code> &amp; <code>ipAddressType<\/code> are essential for general behavior.<\/li>\n\n\n\n<li><code>loadBalancerName<\/code> helps when you need custom naming (like for tagging or monitoring).<\/li>\n\n\n\n<li><code>tags<\/code> and <code>subnetSelector<\/code> give you control over the network placement of ALB.<\/li>\n\n\n\n<li><code>group<\/code> can enable advanced configurations (multi-tenant or grouped routing).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>here\u2019s a <strong>comprehensive table of commonly used Kubernetes Ingress annotations<\/strong>, especially focusing on AWS Load Balancer Controller (since you\u2019re working with <code>IngressClassParams<\/code> and ALBs).<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">\ud83d\udd16 Ingress Annotations &amp; Their Purpose<\/h1>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th><strong>Annotation<\/strong><\/th><th><strong>Purpose \/ Why It\u2019s Used<\/strong><\/th><th><strong>Example Value<\/strong><\/th><\/tr><\/thead><tbody><tr><td><code>kubernetes.io\/ingress.class<\/code><\/td><td><strong>(Legacy)<\/strong> Specifies which controller should manage the Ingress. Superseded by <code>spec.ingressClassName<\/code>.<\/td><td><code>alb<\/code>, <code>nginx<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/scheme<\/code><\/td><td>Defines ALB scheme: public vs private.<\/td><td><code>internet-facing<\/code>, <code>internal<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/ip-address-type<\/code><\/td><td>Specifies IP type for the ALB.<\/td><td><code>ipv4<\/code>, <code>dualstack<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/target-type<\/code><\/td><td>Configures target type.<\/td><td><code>instance<\/code>, <code>ip<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/healthcheck-path<\/code><\/td><td>Path used for target health checks.<\/td><td><code>\/healthz<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/healthcheck-port<\/code><\/td><td>Port for health checks.<\/td><td><code>traffic-port<\/code>, <code>80<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/healthcheck-interval-seconds<\/code><\/td><td>Health check interval.<\/td><td><code>30<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/healthcheck-timeout-seconds<\/code><\/td><td>Timeout for each health check request.<\/td><td><code>5<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/healthy-threshold-count<\/code><\/td><td>Number of successes before a target is marked healthy.<\/td><td><code>2<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/unhealthy-threshold-count<\/code><\/td><td>Number of failures before a target is marked unhealthy.<\/td><td><code>2<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/listen-ports<\/code><\/td><td>Defines ALB listener ports.<\/td><td><code>[{\"HTTP\":80},{\"HTTPS\":443}]<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/certificate-arn<\/code><\/td><td>ACM certificate ARN for HTTPS.<\/td><td><code>arn:aws:acm:region:account:certificate\/...<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/ssl-policy<\/code><\/td><td>SSL negotiation policy for HTTPS.<\/td><td><code>ELBSecurityPolicy-2016-08<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/backend-protocol<\/code><\/td><td>Protocol from ALB \u2192 target.<\/td><td><code>HTTP<\/code>, <code>HTTPS<\/code>, <code>GRPC<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/actions.&lt;action-name&gt;<\/code><\/td><td>Defines custom actions (redirects, fixed responses).<\/td><td><code>{\"Type\":\"redirect\",\"RedirectConfig\":{...}}<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/load-balancer-attributes<\/code><\/td><td>Extra LB attributes.<\/td><td><code>idle_timeout.timeout_seconds=60<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/waf-acl-arn<\/code><\/td><td>Attach AWS WAF ACL to ALB.<\/td><td><code>arn:aws:wafv2:...<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/security-groups<\/code><\/td><td>Assign security groups to ALB.<\/td><td><code>sg-12345,sg-67890<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/subnets<\/code><\/td><td>Place ALB in specific subnets.<\/td><td><code>subnet-aaa,subnet-bbb<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/target-group-attributes<\/code><\/td><td>Extra target group attributes.<\/td><td><code>deregistration_delay.timeout_seconds=30<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/manage-backend-security-group-rules<\/code><\/td><td>Controls whether controller manages SG rules for targets.<\/td><td><code>true<\/code>, <code>false<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/load-balancer-name<\/code><\/td><td>Custom ALB name (instead of auto-generated).<\/td><td><code>my-app-alb<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/inbound-cidrs<\/code><\/td><td>Restrict inbound traffic to CIDRs.<\/td><td><code>0.0.0.0\/0,::\/0<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/conditions.&lt;svc-name&gt;<\/code><\/td><td>Advanced routing based on headers, query params.<\/td><td><code>[{ \"field\":\"http-header\", \"httpHeaderConfig\":{...} }]<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/auth-type<\/code><\/td><td>Enable authentication at ALB.<\/td><td><code>cognito<\/code>, <code>oidc<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/auth-idp-cognito<\/code><\/td><td>Define Cognito IdP config.<\/td><td>JSON object<\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/auth-idp-oidc<\/code><\/td><td>Define OIDC IdP config.<\/td><td>JSON object<\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/auth-scope<\/code><\/td><td>Scopes for OIDC.<\/td><td><code>openid,email<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/auth-session-cookie<\/code><\/td><td>Cookie name for session stickiness.<\/td><td><code>AWSELBAuthSessionCookie<\/code><\/td><\/tr><tr><td><code>alb.ingress.kubernetes.io\/auth-session-timeout<\/code><\/td><td>Auth session timeout in seconds.<\/td><td><code>3600<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">\u26a1 Key Points<\/h1>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Kubernetes-native<\/strong>:\n<ul class=\"wp-block-list\">\n<li><code>kubernetes.io\/ingress.class<\/code> (legacy)<\/li>\n\n\n\n<li><code>spec.ingressClassName<\/code> (preferred since v1.18).<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>AWS ALB-specific<\/strong>:\n<ul class=\"wp-block-list\">\n<li>All annotations prefixed with <code>alb.ingress.kubernetes.io\/...<\/code>.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Grouping<\/strong>:\n<ul class=\"wp-block-list\">\n<li><strong>Networking<\/strong>: <code>scheme<\/code>, <code>ip-address-type<\/code>, <code>subnets<\/code>, <code>security-groups<\/code>.<\/li>\n\n\n\n<li><strong>Routing<\/strong>: <code>listen-ports<\/code>, <code>backend-protocol<\/code>, <code>conditions.*<\/code>, <code>actions.*<\/code>.<\/li>\n\n\n\n<li><strong>Health checks<\/strong>: all <code>healthcheck-*<\/code>.<\/li>\n\n\n\n<li><strong>Security<\/strong>: <code>waf-acl-arn<\/code>, <code>inbound-cidrs<\/code>, <code>auth-*<\/code>.<\/li>\n\n\n\n<li><strong>Performance \/ Ops<\/strong>: <code>load-balancer-attributes<\/code>, <code>target-group-attributes<\/code>.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>1. Understanding the Role of Each Resource IngressClassParams A Custom Resource Definition (CRD) used with the AWS Load Balancer Controller. It defines AWS-specific settings for your ALB\u2014like scheme (internet-facing\/internal), IP&#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[2],"tags":[],"class_list":["post-52591","post","type-post","status-publish","format-standard","hentry","category-uncategorised"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/52591","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=52591"}],"version-history":[{"count":3,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/52591\/revisions"}],"predecessor-version":[{"id":52594,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/52591\/revisions\/52594"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=52591"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=52591"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=52591"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}