-
-
NetScaler GSLB controller for applications deployed in distributed Kubernetes clusters
-
-
Deploy NetScaler ingress controller with OpenShift router sharding support
-
Deploy NetScaler ingress controller using OpenShift Operator
-
Deploy NetScaler Observability Exporter using OpenShift Operator
-
Deploy NetScaler CPX as an Ingress in Azure Kubernetes Engine
-
Deploy NetScaler ingress controller in an Azure Kubernetes Service cluster with NetScaler VPX
-
Deploy NetScaler ingress controller for NetScaler with admin partitions
-
Multi-cloud and GSLB solution with Amazon EKS and Microsoft AKS clusters
-
-
SSL certificate for services of type LoadBalancer through the Kubernetes secret resource
-
BGP advertisement for type LoadBalancer services and Ingresses using NetScaler CPX
-
NetScaler CPX integration with MetalLB in layer 2 mode for on-premises Kubernetes clusters
-
Advanced content routing for Kubernetes Ingress using the HTTPRoute CRD
-
IP address management using the NetScaler IPAM controller for Ingress resources
-
Apply CRDs using annotations
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Apply CRDs through annotations
You can now apply CRDs such as Rewrite and Responder, Ratelimit, Auth, WAF, and Bot for ingress resources and services of type load balancer by referring them using annotations. Using this feature, when there are multiple services in an Ingress resource, you can apply the rewrite and responder policy for a specific service or all the services based on your requirements.
The following are the two benefits of this feature:
- You can apply a CRD at a per-ingress, per-service level. For example, the same service referred through an internal VIP may have different set of rewrite-responder policies compared to the one exposed outside.
- Operations team can create CRD instances without specifying the service names. The application developers can choose the right policies based on their requirements.
Note:
CRD instances should be created without service names.
Ingress annotation for referring CRDs
An Ingress resource can refer a Rewrite and Responder CRD directly using the ingress.citrix.com/rewrite-responder annotation.
The following are different ways of referring the rewrite-responder CRD using annotations.
-
You can apply the Rewrite and Responder CRD for all the services referred in the given ingress using the following format:
ingress.citrix.com/rewrite-responder_crd: <Rewritepolicy Custom-resoure-instance-name>
Example:
ingress.citrix.com/rewrite-responder_crd: "blockurlpolicy"
In this example, the Rewrite and Responder policy is applied for all the services referred in the given ingress.
-
You can apply the Rewrite and Responder CRD to a specified Kubernetes service in an Ingress resource using the following format:
ingress.citrix.com/rewrite-responder_crd: '{<Kubernetes-service-name>: <Rewritepolicy Custom-resoure-instance-name>}'Example:
ingress.citrix.com/rewrite-responder_crd: '{"frontendsvc": "blockurlpolicy", "backendsvc": "addresponseheaders"}'In this example, the rewrite policy
blockurlpolicyis applied on the traffic coming to thefrontendsvcservice and theaddresponseheaderspolicy is applied to thebackendsvcservice coming through the current ingress.
You can also apply the Auth, Bot, WAF, and Ratelimit CRDs using ingress annotations:
The following table explains the annotations and examples for Auth, Bot, WAF, and Ratelimit CRDs.
| Annotation | Examples | Description |
|---|---|---|
ingress.citrix.com/bot_crd |
ingress.citrix.com/bot_crd: '{"frontend": "botdefense"}' |
Applies the botdefense policy to the traffic incoming to the front-end service. |
ingress.citrix.com/auth_crd |
ingress.citrix.com/auth_crd: '{"frontend": "authexample"}' |
Applies the authexample policy to the front-end service. |
ingress.citrix.com/waf_crd |
ingress.citrix.com/waf_crd: "wafbasic" |
Applies the WAF policy wafbasic to all services in the Ingress |
ingress.citrix.com/ratelimit_crd |
ingress.citrix.com/ratelimit_crd: "throttlecoffeeperclientip" |
Applies the rate limit policy throttlecoffeeperclientip to all services in the Ingress. |
Service of type LoadBalancer annotation for referring Rewrite and Responder CRD
A service of type LoadBalancer can refer a Rewrite and Responder CRD using annotations.
The following is the format for the annotation:
service.citrix.com/rewrite-responder: <Rewritepolicy Custom-resoure-instance-name>
Share
Share
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.