0

On GKE, I have a deployment working fine, status running and health checks fine: here it is:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: erp-app
  labels:
    app: erp-app
    switch: app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: erp-app
  template:
    metadata:
      labels:
        app: erp-app
    spec:
      containers:
        - name: erp-container
          # Extract this from Google Container Registry
          image: gcr.io/project/project:latest
          imagePullPolicy: Always
          env:
          ports:
            - containerPort: 8080
          livenessProbe:
            failureThreshold: 10
            httpGet:
              path: /
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 150
            periodSeconds: 30
            successThreshold: 1
            timeoutSeconds: 30
          readinessProbe:
            failureThreshold: 10
            httpGet:
              path: /
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 150
            periodSeconds: 30
            successThreshold: 1
            timeoutSeconds: 20

Then, I created a service to map ports 8080 to 80

apiVersion: v1
kind: Service
metadata:
    labels:
        app: erp-app
    name: erp-loadbalancer
spec:
    ports:
        - port: 80
          protocol: TCP
          targetPort: 8080
    selector:
        app: erp-app
    sessionAffinity: None
    type: NodePort

And then, GKE Ingress

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
    name: app-ingress
    annotations:
        networking.gke.io/managed-certificates: managed-cert
        kubernetes.io/ingress.class: "gce"
spec:
    defaultBackend:
        service:
            name: erp-loadbalancer
            port:
                number: 80

Things is, ingress does not want to work because backend healthcheck does not pass. If I check health check on gcloud (https://console.cloud.google.com/compute/healthChecks) I have created for http port 80 on / (on this path, app is serving a 200) If I force it to be tcp, then the health check pass. But google automatically switch it back to http, which leads to a 404.

My question here would be: what's wrong in my configuration for my server to be available with an external loadbalancer and not available when using an ingress ? (backend unhealthy state)

Antoine Xevlabs
  • 851
  • 1
  • 6
  • 20
  • 2
    I quite don't understand what you need. Which TCP or HTTP that you require to configure? Please sum up your need, Thank you. – Tim Chiang Mar 17 '22 at 01:02
  • Does this answer your question? [Why GKE Ingress controller gives 404 error](https://stackoverflow.com/questions/62296942/why-gke-ingress-controller-gives-404-error) – Alex G Mar 17 '22 at 13:06
  • @TimChiang I placed my question sorry. I need to configure an Ingress so that I can setup ssl certificates – Antoine Xevlabs Mar 17 '22 at 17:28
  • @AlexG unfortunatly not, in my case the ingress is not setup fine because it shows: backend unavailable – Antoine Xevlabs Mar 17 '22 at 17:29
  • You can consider the redinessProbe option as per this similar issue thread [1](https://stackoverflow.com/questions/39294305/kubernetes-unhealthy-ingress-backend) [2](https://cloud.google.com/kubernetes-engine/docs/concepts/ingress#interpreted_hc). Make sure that the readinessProbe is pointing to the same port that you expose to the Ingress. – Alex G Mar 23 '22 at 08:59

2 Answers2

1

ANSWER:

My page / was sending a 301 redirect to /login.jsp

301 is not a valid status code for GCP Health checks

So I changed it and my readinessProb to /login.jsp and that make the whole ingress working fine

Antoine Xevlabs
  • 851
  • 1
  • 6
  • 20
0

Cross sharing in case someone has the same issue:

https://stackoverflow.com/a/74564439/4547221

TL;DR GCP will automatically create the health checks based on readinessProbe, otherwise, root / is used.

Ahmed AbouZaid
  • 2,151
  • 1
  • 13
  • 9