Annotations

    You can use either labels or annotations to attach metadata to Kubernetes objects. Labels can be used to select objects and to find collections of objects that satisfy certain conditions. In contrast, annotations are not used to identify and select objects. The metadata in an annotation can be small or large, structured or unstructured, and can include characters not permitted by labels.

    Annotations, like labels, are key/value maps:

    Note: The keys and the values in the map must be strings. In other words, you cannot use numeric, boolean, list or other types for either the keys or the values.

    Here are some examples of information that could be recorded in annotations:

    • Fields managed by a declarative configuration layer. Attaching these fields as annotations distinguishes them from default values set by clients or servers, and from auto-generated fields and fields set by auto-sizing or auto-scaling systems.

    • Pointers to logging, monitoring, analytics, or audit repositories.

    • Client library or tool information that can be used for debugging purposes: for example, name, version, and build information.

    • Lightweight rollout tool metadata: for example, config or checkpoints.

    • Phone or pager numbers of persons responsible, or directory entries that specify where that information can be found, such as a team web site.

    Instead of using annotations, you could store this type of information in an external database or directory, but that would make it much harder to produce shared client libraries and tools for deployment, management, introspection, and the like.

    Annotations are key/value pairs. Valid annotation keys have two segments: an optional prefix and name, separated by a slash (). The name segment is required and must be 63 characters or less, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.), and alphanumerics between. The prefix is optional. If specified, the prefix must be a DNS subdomain: a series of DNS labels separated by dots (.), not longer than 253 characters in total, followed by a slash (/).

    If the prefix is omitted, the annotation Key is presumed to be private to the user. Automated system components (e.g. kube-scheduler, kube-controller-manager, , kubectl, or other third-party automation) which add annotations to end-user objects must specify a prefix.

    The kubernetes.io/ and k8s.io/ prefixes are reserved for Kubernetes core components.

    For example, here’s the configuration file for a Pod that has the annotation imageregistry: https://hub.docker.com/ :

    2. apiVersion: v1
    3. kind: Pod
    4. metadata:
    5.   annotations:
    6.     imageregistry: "https://hub.docker.com/"
    7. spec:
    8.   containers:
    9.   - name: nginx
    10.     image: nginx:1.14.2
    11.     ports: