Services
The service resource allows you to define and manage services that can be used by machines or by the public internet. Services are independent of the machine lifecycle, so they can be created, updated, and deleted without affecting the machines that use them.
If you want to know how to deploy a a service Building and Deploying > Deploying.
Configuration​
| Property | Type | Required |
|---|---|---|
namespace | string | |
name | string | ✓ |
tags | array<string> | |
bind | object | ✓ |
target | object | ✓ |
If you want to know more about namespaces, check Building and Deploying > Namespaces
Name​
The name is the unique identifier for your service within a namespace.
Validation:
- It must start with a letter
- Can contain alphanumeric characters
- Can contain
-(underscore) and_(hyphen) - Can contain multiple consecutive
_(underscore) - Cannot contain multiple consecutive
-(hyphen)
service:
name: terminator-service
Tags​
Tags are used to organize and categorize resources. They can be any valid UTF-8 string and can be used to filter resources in the Web Console.
service:
tags:
- terminator
Bindings​
It defines how the service is exposed. It can be either internal or external.
Internal​
It exposes the service only internally on the tenant. It is used for inter-machine communication.
| Property | Type | Default |
|---|---|---|
port | int (min: 0 max: 65535) | The target port |
service:
bind:
internal: {}
In order to access the service within a machine you need to use the following http url:
http://<service>.<namespace>.svc.lttle.local:<port>
If you want to define a specific port you can do it like this:
service:
namespace: robot
name: terminator-service
bind:
internal:
port: 8080
And the URL will be:
http://terminator-service.robot.svc.lttle.local:8080
All services are scoped within a tenant and you can only access services within the same tenant.
External​
It exposes the service to the public internet. It is used to expose services that need to be accessed from outside the tenant.
| Property | Type | Default | Required |
|---|---|---|---|
port | int (min: 0 max: 65535) | The target port | ✓ |
host | string | ✓ | |
protocol | http | https | tls | ✓ |
Port​
The port property defines the port on which the service will be exposed.
service:
bind:
external:
port: 8080
Host​
The host property defines the hostname that will be used to access the service. It must be a valid fully qualified domain name (FQDN).
service:
bind:
external:
host: robot-<tenant>.eu.lttle.host
It can also be on a custom domain that you own:
service:
bind:
external:
host: robot.com
Using a custom domain requires you to both configure the DNS records accordingly and to also validate the domain ownership. Check Domains and DNS for more information.
Protocol​
States what outbound protocol the service is using. It can be either http, https or tls.
service:
bind:
external:
protocol: https
Target​
It defines what machine the service is pointing to.
| Property | Type | Required | Default |
|---|---|---|---|
namespace | string | ||
name | string | ✓ | |
port | int (min: 0, max: 65535) | ✓ | |
protocol | http | https | tls | ✓ | |
connection-tracking | connection-aware | object | connection-aware |
Port​
The port property defines the port on which the target machine is listening.
service:
target:
port: 8080
Connection Tracking​
There are two types of connection tracking: connection-aware and traffic-aware.
Connection Aware​
This is the default connection tracking strategy. It keeps the machine ready as long as there is an active connection to the service.
service:
target:
connection-tracking: connection-aware
References:
- [RFC 793] Transmission Control Protocol | Establishing a connection
- [RFC 793] Transmission Control Protocol | Closing a connection
- [RFC 2616] Hypertext Transfer Protocol -- HTTP/1.1 | Persistent Connections
- [RFC 7540] Hypertext Transfer Protocol Version 2 (HTTP/2) | Connection Management
Traffic Aware​
This connection tracking strategy keeps the machine ready as long as there is traffic to the service. It is useful for workloads that do not use persistent connections, such as HTTP/1.1 without keep-alive.
Domains and DNS​
For development, research and testing feel free to use the eu.lttle.host sub-domain. For production workloads, you should use your own domain and configure the DNS records accordingly.
We are maintaining the eu.lttle.host sub-domain and you can use it for free. We are using a wildcard certificate for it, so you don't need to worry about certificates during the early stages of your project.
If you want to use https or tls with your custom domain, you also need to create a certificate resource with the same domain. This resource will configure TLS termination with a valid certificate matching your domain.
Configure DNS​
To configure your own domain for production workloads, you need to set up the DNS records to point to your services. This typically involves creating A records in your DNS provider's management console.
Use this IP address for the A records depending on the region you are using:
| Region | IP Address |
|---|---|
eu (Europe) | 46.105.65.138 |
Here is how you can set it up in cloudflare: Cloudflare | Manage DNS records.
DNS Validation​
Waiting for LTT-41 | Domain ownership validation