1

I've read documentation of kubernetes annotations.

But I couldn't find basic example about using this annotations. For Example;

I have a deployment yaml like below:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  annotations:
    test_value: "test"
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.13
        ports:
        - containerPort: 80

How can I use this annotation named test_value and where.

Best Regards...

Improve this question

4 Answers 4

Reset to default
3

Just as Labels, Annotations are key-value pairs which represent metadata that is attached to a Kubernetes object. But contrary to Labels, which are internally utilized to find a collection of objects which satisfy specific conditions, the purpose of Annotations is simply to attach relevant metadata, which should not be used as a filter to identify those objects.

What if we wanted to describe whose person was responsible for generating a specific .yaml file?

We could attach such information to the Kubernetes's object, so that when we need to know who created such object, we can simply run kubectl describe ...

Another useful example, could be to add an annotation to a Deployment before a rollout, explaining what modifications occurred on the new version of the Deployment object. That information could be retrieved later while checking the history of your deployment versions.

But as you have realized with the Ingress example, with Annotations we can also perform advanced configuration on such objects. This is not limited only to Ingress, and for instance you can also provide configuration for running Prometheus on a Kubernetes cluster. You can check the details here.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Deoloyment is a good example to start understanding it. Thanks
1

As mentioned in Kubernetes Documentation, labels have a limited purpose of selecting objects and finding collections of objects that satisfy certain conditions. That put some limitation on the information you can store in labels. (Valid label values must be 63 characters or less and must be empty or begin and end with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.), and alphanumerics between.)

However, annotations are not used to filter objects, so, you can put in annotation big/small structured/unstructured data that can contain characters, you’re not permitted to use in labels. Tools and libraries can retrieve annotations and use it to add some features to your cluster.

Here are some examples of information that could be recorded in annotations:

  • Fields managed by a declarative configuration layer. Attaching these fields as annotations distinguishes them from default values set by clients or servers, and from auto-generated fields and fields set by auto-sizing or auto-scaling systems.

  • Build, release, or image information like timestamps, release IDs, git branch, PR numbers, image hashes, and registry address.

  • Pointers to logging, monitoring, analytics, or audit repositories.

  • Client library or tool information that can be used for debugging purposes: for example, name, version, and build information.

  • User or tool/system provenance information, such as URLs of related objects from other ecosystem components.

  • Lightweight rollout tool metadata: for example, config or checkpoints.

  • Phone or pager numbers of persons responsible, or directory entries that specify where that information can be found, such as a team website.

  • Options for Ingress object, (nginx,gce)

Improve this answer

Comments

1

Well, you are right Annotations is like Labels. But I saw that We could customize to config with Annotations for example:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: cafe-ingress-with-annotations
  annotations:
    nginx.org/proxy-connect-timeout: "30s"
    nginx.org/proxy-read-timeout: "20s"
    nginx.org/client-max-body-size: "4m"
spec:
  rules:
  - host: cafe.example.com
    http:
      paths:
      - path: /tea
        backend:
          serviceName: tea-svc
          servicePort: 80
      - path: /coffee
        backend:
          serviceName: coffee-svc
          servicePort: 80

Nginx config can customize according to given Annotation. So how to do this. I couldn't find a tutorial.

Improve this answer

Comments

0

I'll first give some background regarding annotations.

Annotations Vs Labels

Annotations are quiet different then labels.

Labels:
You use labels to group resources that you want to refer as a whole.
For example pods with the app=run, env=staging could be exposed by a service with a label selector that matches those labels or managed by a deployment or a daemon set.

Annotations:
Annotations have a few different usages like providing description and adding support for fields that are not part of the K8S API.
While labels should be short, annotations can contain much larger sets of data and can reach up to 256KB.

Annotations use cases examples

You can see below a few examples of how annotations are being used by the various providers / tools that interacts with your cluster.

1 ) Used internally by K8S - below are the annotations that are added to the API-server pod:

kubernetes.io/config.hash: 7c3646d2bcee38ee7dfb851711571ba3
kubernetes.io/config.mirror: 7c3646d2bcee38ee7dfb851711571ba3
kubernetes.io/config.seen: "2020-10-22T01:26:12.671011852+03:00"
kubernetes.io/config.source: file

2 ) If you provision a cluster with - this will be added to the API-server pod:

annotations: 
    kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint: 10.246.38.137:6443

3 ) If you run on you can see that the following annotation is added to your workloads - this is for backward compatibility - read more in here):

  annotations:
    kubernetes.io/psp: eks.privileged

4 ) There are cases when 3rd party tools like aws-alb-ingress-controller that requires you to pass (mandatory) configuration via annotations (because those fields are not supported by the K8S api):

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: aws-alb-ingress
  namespace: default
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Role=Backend , Environment=prod , Name=eros-ingress-alb
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80},{"HTTPS": 443}]'
    alb.ingress.kubernetes.io/security-groups : sg-0e3455g455        
    alb.ingress.kubernetes.io/backend-protocol : HTTP
    alb.ingress.kubernetes.io/target-type: instance 
    alb.ingress.kubernetes.io/healthcheck-path: 
    alb.ingress.kubernetes.io/success-codes: "200" 
    alb.ingress.kubernetes.io/certificate-arn:

In your case

Ask yourself what is the reason for adding the annotations.
Then make sure you use a unique prefix for your key in order to avoid collusions.

If you're not sure how to add an annotation to a yaml you can add it manually:

$kubectl annotate pod <pod-name> unique.prefix/for-my-key="value"

And then run $kubectl get po <pod-name> -o yaml to view the annotation that you added manually and copy the yaml to your VCS.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.