3

I'm using Traefik as a load balancer and I'm trying to write a health check, which will monitor servers within the load balancer service.

I have multiple Traefik instances in different locations and a CDN. I need to configure the CDN to check the health of Traefik service to route traffic to.

Example:

Global CDN ----> Traefik 1
                            ---> Backend A
                            ---> Backend B
           ----> Traefik 2
                            ---> Backend C
                            ---> Backend D

I want to check the service has healthy backends. Checking the status/health of the Traefik instance itself is not enough.

Filip
  • 41
  • 1
  • 5
  • 1
    Traefik can automatically remove/recover services to the load balancer pool per the healthcheck. You may be able to check their load balancer or health status using the service APIs: `/api/http/services` and `/api/http/services/{name}`. The API response information isn't provided in the docs so it may be necessary to execute an API call to see if it has the information you desire. Read more here, including security concerns: https://doc.traefik.io/traefik/operations/api/ . – Grokify Jun 20 '22 at 20:04
  • 1
    > Traefik can automatically remove/recover services to the load balancer pool per the healthcheck. True, but in multi-level load balancing the first load balancer (CDN in this case) needs to detect second-level load balancers (Traefik) that have empty pools and stop sending requests there. – Jindra Jun 21 '22 at 08:37
  • 1
    Agree @Jindra - This is what the question seems to be about. If the Traefik APIs can indicate which services are active in the pool (if any), the APIs could be used to provide information to direct traffic away from the Traefik instance without operational services. – Grokify Jun 21 '22 at 15:12

1 Answers1

2

You've tagged fastly so I'm presuming Fastly is the CDN you're using.

I'm responding specifically to the question:

I want to check the service has healthy backends. Checking the status/health of the Traefik instance itself is not enough.

Although I would expect Traefik to handle health check monitoring of its own backends, you could setup a health check for those backends within the CDN.

Here is an example, where I define two backends:

  • Traefik Backend (e.g. Backend A, Backend B etc)
  • Traefik Proxy (e.g. Traefik 1, Traffic 2 etc)

enter image description here

You also can see in the above image that I've added a health check to "Traefik Backend".

Below is some custom VCL that sets "Traefik Proxy" as the backend the CDN should send all incoming requests onto. It then checks if "Traefik Backend" is healthy, and if it isn't, then you can write whatever custom VCL is necessary to indicate that to the "Traefik Proxy" backend.

sub vcl_recv {
  #FASTLY recv
  
  // If there are multiple backends, then Fastly
  // will determine the backend dynamically.
  // So I set it explicitly to the Traefik proxy.
  set req.backend = F_Traefik_Proxy;
  
  // If the backend, that the Traefik proxy is calling, is unhealthy,
  // then do something else.
  if (!backend.F_Traefik_Backend.healthy) {
    // e.g. set a header for the Traefik proxy
  }
  
  return(lookup);
}

Here are some references that might be useful to you:

Integralist
  • 495
  • 3
  • 7
  • This would work, but with some caveats. First it requires the backends to be accessible directy via internet and not hidden behind Traefik which for example can do mTLS. Second Fastly will ping from multiple locations and that can generate not negligible load on small applications. – Jindra Jun 28 '22 at 06:58