GKE Ingress will only set the default health check on second port

5/29/2020

I have a container on GKE exposing two ports. I created a L7 LB on GCP with my Ingress on the first port and GCP accepts the readiness check as the health check. For the second port GCP sets its default health check, which will fail in my case, and there is no way to modify this after creation because it is always reverted.

  1. 8081 - GCP accepts this readiness probe and it is created correctly
  2. 8082 - GCP sets the default check "/" and it fails.

Is there any way to set the second health check?

Ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: app-ingress
  namespace: myappnamespace
  annotations:
    kubernetes.io/ingress.global-static-ip-name: global-static-ip-name
  labels:
    app: appname
spec:
  backend:
    serviceName: ui-service
    servicePort: 8081
  tls:
  - hosts:
    - my-host-name.com
    secretName: my-secret
  rules:
  - host: my-host-name.com
    http:
      paths:
        - backend:
            serviceName: ui-service
            servicePort: 8081
  - host: my-host-name.com
    http:
      paths:
        - backend:
            serviceName: app-service
            servicePort: 8082

Services

    ---
apiVersion: v1
kind: Service
metadata:
  labels:
    name: ui-service
  name: ui-service
  namespace: myappnamespace
  annotations:
    cloud.google.com/app-protocols: '{"ui-https":"HTTPS"}'
    beta.cloud.google.com/backend-config: '{"ports":{"8081":"cloud-armor"}}'
spec:
  selector:
      app: appname
  ports:
  - name: ui-https
    port: 8081
    targetPort: "ui"
    protocol: "TCP"
  selector:
    name: appname
  type: NodePort
---
apiVersion: v1
kind: Service
metadata:
  labels:
    name: app-service
  name: app-service
  namespace: myappnamespace
  annotations:
    cloud.google.com/app-protocols: '{"serviceport-https":"HTTPS"}'
    beta.cloud.google.com/backend-config: '{"ports":{"8082":"cloud-armor"}}'
spec:
  selector:
      app: appname
  ports:
  - name: serviceport-https
    port: 8082
    targetPort: "service-port"
    protocol: "TCP"
  selector:
    name: appname
  type: NodePort
---

Deployment

    apiVersion: apps/v1
kind: Deployment
metadata:
    name: appname
    namespace: myappnamespace
    labels:
        name: appname
spec:
    replicas:1
    selector:
        matchLabels:
            name: appname
    strategy:
        type: Recreate
    template:
        metadata:
            name: appname
            namespace: appnamespace
            labels:
                name: appname
        spec:
            restartPolicy: Always
            serviceAccountName: myserviceaccount
            containers:
            - name: my-container
              image: image
              ports:
              - name: service-port
                containerPort: 8082
              - name: ui
                containerPort: 8081
              readinessProbe:
              failureThreshold: 3
              httpGet:
               path: /api/health
                 port: 8081
                 scheme: HTTPS
        livenessProbe:
          exec:
            command:
              - cat
              - /version.txt
        [......]
-- rubio
google-cloud-platform
google-kubernetes-engine
kubernetes-ingress

0 Answers