Introduction

Objectifs

Prérequis

Ma configuration

Conclusion

En rapport avec cet article

Liens utile

• https://medium.com/@sangjinn/kubernetes-annotations-e61b19effdf9
• https://medium.com/@extio/understanding-kubernetes-annotations-enhancing-flexibility-and-extensibility-8f9046591aa1

What are Kubernetes Annotations?

What is annotation in Kubernetes?
Annotations in Kubernetes (K8s) are metadata used to express additional information related to a resource or object.

Annotations consist of key-value pairs, each pair used to describe the resource’s metadata or provide additional information. For example, it can be used to record a resource’s creator, version, change history, relationship to a particular component, and so on.

When to use Annotations?
​Annotations can be applied to a variety of Kubernetes resources, and are typically used for resources such as Pods, Services, Deployments, and Ingresses.

​The users of Kubernetes clusters are free to define and use Annotations, and they are usually customized for specific use cases or management needs.

For example, here is a YAML example specifying Annotations for Pods.apiVersion: v1
kind: Pod
metadata:
name: my-pod
annotations:
key1: value1
key2: value2
spec:
# The spec fields of the pod

Annotations are used as annotations, tags, or metadata in Kubernetes, and can be used to leave additional information about resource details or to integrate with external systems.

Leveraging annotations for integration with external systems means that they can be used to interact with external tools or systems that manage or monitor Kubernetes resources.

​Kubernetes provides various APIs and mechanisms to integrate with many developer and operator tools, monitoring systems, logging systems, CI/CD pipelines, and more. Annotations can be useful for integration with these external systems.

Real examples
​For example, consider the following scenario. A developer has done some work to make a functional change to a particular pod, and when that work is done, they want to automatically run tests and deployments through a CI/CD pipeline.

At this time, the developer can deliver the changes to the external CI/CD system by updating the annotation of the corresponding Pod. CI/CD systems can check the annotations and start automated testing and deployment processes accordingly.

Another example is integration with monitoring systems. You can use annotations to configure monitoring notifications for specific resources, or display specific annotation values ​​in the monitoring dashboard.

This allows developers or operators to see additional information about their Kubernetes resources and enhance their interaction with the monitoring system. In summary, you can use annotations to build integrations with external systems for Kubernetes resources, which can be useful in various management and operational aspects such as automation, monitoring, logging, and security.

Let’s look at a yaml example. The following creates a pod with Annotation defined. I used LKE(Linode Kubernetes Engine) for quick implementation.apiVersion: v1
kind: Pod
metadata:
name: annotations-demo
annotations:
imageregistry: "https://hub.docker.com/"
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80

After creating the pod, look at the pod information in yaml format.apiVersion: v1
kind: Pod
metadata:
annotations:
cni.projectcalico.org/containerID: 0ab80d898468c9cbc235c873eb05470c551666392f268a8add44844773b3bbd8
cni.projectcalico.org/podIP: 10.2.1.11/32
cni.projectcalico.org/podIPs: 10.2.1.11/32
imageregistry: https://hub.docker.com/
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{"imageregistry":"https://hub.docker.com/"},"name":"annotations-demo","namespace":"default"},"spec":{"containers":[{"image":"nginx:1.14.2","name":"nginx","ports":[{"containerPort":80}]}]}}
creationTimestamp: "2023-05-21T00:48:19Z"
name: annotations-demo

The Annotations retrieved in the YAML example above contain the following key-value pairs:

1. `cni.projectcalico.org/containerID`:
The container identifier for that Pod. This value can be used to identify containers managed by the Calico network plugin.

​2. `cni.projectcalico.org/podIP`:
The IP address of the Pod. The Calico network plugin uses this value to record the IP address assigned to the Pod.

3. `cni.projectcalico.org/podIPs`:
IP address of the corresponding Pod. The Calico network plugin is used to record IP addresses assigned to Pods.

4. `imageregistry`:
Manually added value. This can be used to indicate which registry the images used by that pod are coming from.

5. `kubectl.kubernetes.io/last-applied-configuration`:
Value to record the last applied configuration. This can be used to track or debug how the configuration of that pod has changed.

These Annotations can be used primarily to interact with Calico network plugins and various features of the Kubernetes cluster. For example, Calico is used to provide network policies, security features, IP address management, etc., and related information can be stored in Annotations. In addition, information such as image registry URLs or configuration change history can be included in Annotations to be used for cluster management and debugging.

In addition to the imageregistry key defined in YAML, the annotations field already contains other values.

In general, Annotations are not created automatically when you create a Pod in Kubernetes. Annotations are metadata that you define and add yourself. Therefore, when creating a new Pod, the Annotations field is empty by default.

​However, Annotations can also be automatically generated in certain situations. For example, some Kubernetes management tools or controllers generate and use Annotations themselves. These tools or controllers can utilize Annotations to facilitate the management of pods or to support specific tasks.

For example, Kubernetes’ Horizontal Pod Autoscaler (HPA) works with Metrics Server to automatically scale the number of managed Pods. HPA can use annotations to track the information of coordinated pods. HPA updates the Pod’s Annotations field to maintain information such as the current scaling state, the number of pods that have been tuned, and so on.

Another example is Kubernetes’ event management mechanism. Events that occur in the Kubernetes cluster are used to track state changes or problems in the cluster. Event information can be automatically recorded in the Annotations field of each resource. Through this, event management tools or monitoring systems can check and analyze the event records of resources through Annotations.

What are the similarities and differences between Annotations and Labels?
Annotations and Labels are both key-value pairs used to attach metadata to Kubernetes objects like pods, services, and deployments. While they serve a similar purpose, there are some differences between annotations and labels.

Labels are primarily used for identifying and grouping resources within Kubernetes, while annotations are used to attach arbitrary metadata for external tools and systems to leverage. Labels have semantic meaning and are used by Kubernetes itself, whereas annotations are treated as opaque strings and have no impact on Kubernetes’ internal operations.

Labels are for Kubernetes, while annotations are for humans!

---

Introduction

In the world of container orchestration, Kubernetes has emerged as a leading platform that enables efficient management and scaling of applications. With its vast array of features and extensibility, Kubernetes provides numerous mechanisms to enhance the control and behavior of applications. One such powerful mechanism is the use of annotations. In this blog post, we will delve into Kubernetes annotations, exploring what they are, how they work, and how they can be leveraged to unlock additional flexibility and extensibility within your Kubernetes environment.

What Are Kubernetes Annotations?

In Kubernetes, annotations are key-value pairs that can be attached to various resources, such as pods, services, deployments, or ingresses. Unlike labels, which are primarily used for identification and grouping, annotations provide additional information about resources. They are intended to be used for metadata, documentation, and other non-identifying purposes. Annotations can be added to Kubernetes resources during their creation or modified later as needed.

Key Benefits of Using Annotations

1. Metadata and Documentation: Annotations offer a way to attach additional information to Kubernetes resources, serving as a form of metadata. They can be utilized to provide insights into the purpose, version, or other descriptive details of resources. Moreover, annotations can be used to add documentation or comments about specific configurations or settings, making it easier for administrators and developers to understand and maintain the system.
2. Extensibility and Customization: Kubernetes provides a vast set of built-in functionality, but there are scenarios where you might need to extend or customize the behavior of the platform. Annotations offer a simple and effective mechanism for achieving this. By leveraging annotations, you can introduce custom logic or enable third-party tools to interact with your resources. This flexibility allows you to tailor Kubernetes to meet your specific requirements without modifying the core Kubernetes codebase.
3. Tooling and Automation: Annotations provide a means to communicate information between Kubernetes resources and external tools or automation scripts. You can use annotations to instruct external systems or controllers on how to handle or process your resources. This opens up possibilities for integrating Kubernetes with various tools and workflows, enabling streamlined operations and enhancing automation capabilities.
4. Collaboration and Communication: Annotations can serve as a form of communication between different teams or stakeholders involved in managing Kubernetes resources. By attaching relevant information or instructions to resources, annotations facilitate effective collaboration and reduce the chances of miscommunication. This becomes particularly valuable in complex multi-team environments where different parties may have varying responsibilities or requirements.

Examples of Annotation Usage

1. Deployment Strategy: Annotations can be used to define deployment strategies for Kubernetes deployments. For instance, you can attach an annotation specifying the rollout strategy (e.g., blue/green, canary) to control how the deployment is performed.
2. Monitoring and Observability: Annotations can be employed to specify monitoring and observability configurations for pods or services. For example, you can attach annotations that define which metrics to collect, the monitoring tool to use, or any specific alerts that should be triggered.
3. Integration with External Systems: Annotations can be used to establish connections and integrations with external systems or services. For instance, you can attach annotations that provide authentication details or configuration settings required by external tools to interact with your resources.

Example

Here are a few examples of Kubernetes annotations and their specifications:

1. Deployment Strategy:
   Annotation: deployment.kubernetes.io/strategy
   Specification: This annotation can be used to define the deployment strategy for a Kubernetes Deployment. It allows you to specify the rollout strategy, such as "Recreate" (default), "RollingUpdate", "Canary", or "BlueGreen".
   For example:

apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
annotations:
deployment.kubernetes.io/strategy: RollingUpdate
spec:
...

2. Monitoring and Observability:
Annotation: prometheus.io/scrape
Specification: This annotation is used to configure Prometheus scraping for a specific pod. It indicates whether the pod should be scraped by Prometheus for metrics collection. The value can be set to "true" or "false". For example:apiVersion: v1
kind: Pod
metadata:
name: my-app
annotations:
prometheus.io/scrape: "true"
spec:
...

3. Integration with External Systems:
Annotation: external-dns.alpha.kubernetes.io/hostname
Specification: This annotation is used to specify the hostname to be associated with a Kubernetes service when using external DNS services. It is often used in conjunction with Ingress resources to map a domain name to the service.
For example:apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-app
annotations:
external-dns.alpha.kubernetes.io/hostname: example.com
spec:
...

4. Sidecar Injection:
Annotation: sidecar.istio.io/inject
Specification: This annotation is used with Istio service mesh to enable automatic sidecar injection into a pod. It instructs Istio to inject the necessary sidecar container to enable advanced networking features and observability. The value can be set to "true" or "false".
For example:apiVersion: v1
kind: Pod
metadata:
name: my-app
annotations:
sidecar.istio.io/inject: "true"
spec:
...

These examples showcase how annotations can be used to add specific functionality or configurations to Kubernetes resources, allowing for greater customization and integration with external systems or tools. Remember, the specific annotations and their interpretations can vary depending on the Kubernetes platform or the custom controllers you are using.

Conclusion

Kubernetes annotations offer a powerful mechanism to enhance flexibility, extensibility, and control within your Kubernetes environment. By leveraging annotations, you can add metadata, customize behavior, integrate with external systems, and facilitate collaboration. As you dive deeper into Kubernetes, don’t overlook the potential of annotations as a valuable tool in your orchestration toolbox. Harness their capabilities and unlock new levels of efficiency and customization within your Kubernetes deployments.