I have cluster on GKE with expose of loadbalancer type service. to add SSL, I create service NODE PORT and add ingress to it. I have done this many time and it works. but in this case, ingress show the GCP load balancer as unhealthy. If I edit the GCP load balancer, to use the health check created by the GKE LoadBalacner service, it then start to work and I can browser the ingress service. But as soon as I switch it back to the health check created by the Ingress service it will start failing again. I thougt maybe it is firewall issue so I added allow all protocols for the Internet which did not help. How do I get the ingress to work?
Asked
Active
Viewed 669 times
0
-
If you were formerly able to add an ingress to a nodeport service, what have you done differently this time. Is it that the configuration has just suddenly stopped working? Can you be more specific with the issue by providing error messages? – Milad Tabrizi Dec 06 '19 at 19:07
-
I came across a post on [Stackoverflow thread](https://stackoverflow.com/questions/58707357/google-kubernetes-ingress-health-check-always-failing) that may be of help. – Digil Dec 09 '19 at 15:35
1 Answers
0
I have managed to resolve this issue: The legacy health check that was created on ingress did not care about the response from health check as long as there is a response. The new health check is making GET request to root path and want to be responded with 2xx status. but my site is replying with 302 for login if you do not have a cookie which renders the health check as unhealthy. Adding a probe to the workload container spec with correct path for health check and containerport (must) will generate the correct health check. Notice that if you add them to existing pods, you need to recreate the ingress as it will not update.