# Kubernetes Service Templates

---
# Template 1: ClusterIP Service (Internal Only)
apiVersion: v1
kind: Service
metadata:
  name: <app-name>
  namespace: <namespace>
  labels:
    app.kubernetes.io/name: <app-name>
    app.kubernetes.io/instance: <instance-name>
  annotations:
    description: "Internal service for <app-name>"
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/name: <app-name>
    app.kubernetes.io/instance: <instance-name>
  ports:
  - name: http
    port: 80
    targetPort: http  # Named port from container
    protocol: TCP
  sessionAffinity: None

---
# Template 2: LoadBalancer Service (External Access)
apiVersion: v1
kind: Service
metadata:
  name: <app-name>-lb
  namespace: <namespace>
  labels:
    app.kubernetes.io/name: <app-name>
  annotations:
    # AWS NLB annotations
    service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
    service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
    service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
    # SSL certificate (optional)
    # service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:..."
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local  # Preserves client IP
  selector:
    app.kubernetes.io/name: <app-name>
  ports:
  - name: http
    port: 80
    targetPort: http
    protocol: TCP
  - name: https
    port: 443
    targetPort: https
    protocol: TCP
  # Restrict access to specific IPs (optional)
  # loadBalancerSourceRanges:
  # - 203.0.113.0/24

---
# Template 3: NodePort Service (Direct Node Access)
apiVersion: v1
kind: Service
metadata:
  name: <app-name>-np
  namespace: <namespace>
  labels:
    app.kubernetes.io/name: <app-name>
spec:
  type: NodePort
  selector:
    app.kubernetes.io/name: <app-name>
  ports:
  - name: http
    port: 80
    targetPort: 8080
    nodePort: 30080  # Optional, 30000-32767 range
    protocol: TCP

---
# Template 4: Headless Service (StatefulSet)
apiVersion: v1
kind: Service
metadata:
  name: <app-name>-headless
  namespace: <namespace>
  labels:
    app.kubernetes.io/name: <app-name>
spec:
  clusterIP: None  # Headless
  selector:
    app.kubernetes.io/name: <app-name>
  ports:
  - name: client
    port: 9042
    targetPort: 9042
  publishNotReadyAddresses: true  # Include not-ready pods in DNS

---
# Template 5: Multi-Port Service with Metrics
apiVersion: v1
kind: Service
metadata:
  name: <app-name>-multi
  namespace: <namespace>
  labels:
    app.kubernetes.io/name: <app-name>
  annotations:
    prometheus.io/scrape: "true"
    prometheus.io/port: "9090"
    prometheus.io/path: "/metrics"
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/name: <app-name>
  ports:
  - name: http
    port: 80
    targetPort: 8080
    protocol: TCP
  - name: https
    port: 443
    targetPort: 8443
    protocol: TCP
  - name: grpc
    port: 9090
    targetPort: 9090
    protocol: TCP
  - name: metrics
    port: 9091
    targetPort: 9091
    protocol: TCP

---
# Template 6: Service with Session Affinity
apiVersion: v1
kind: Service
metadata:
  name: <app-name>-sticky
  namespace: <namespace>
  labels:
    app.kubernetes.io/name: <app-name>
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/name: <app-name>
  ports:
  - name: http
    port: 80
    targetPort: 8080
    protocol: TCP
  sessionAffinity: ClientIP
  sessionAffinityConfig:
    clientIP:
      timeoutSeconds: 10800  # 3 hours

---
# Template 7: ExternalName Service (External Service Mapping)
apiVersion: v1
kind: Service
metadata:
  name: external-db
  namespace: <namespace>
spec:
  type: ExternalName
  externalName: db.example.com
  ports:
  - port: 5432
    targetPort: 5432
    protocol: TCP