I need to scrape a Prometheus exporter running in a pod. It runs on port 9098, the exporter is working fine and i can manually scrape it from the host it is running on. The issue is with the ingress. I am trying to get the ingress to allow outside scraping on port 9098 (it is http and TCP). Here is my ingress yaml.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/balance-algorithm: roundrobin
ingress.kubernetes.io/maxconn-server: "10"
ingress.kubernetes.io/ssl-redirect: "false"
name: ingress-ecobee-exporter
namespace: monitoring
spec:
rules:
- host: mysupercool.domain.name
http:
paths:
- path: /
backend:
serviceName: ecobee-exporter-service
servicePort: 9098
I have specified port 9098 to work in the containers/ports section of my haproxy-ingress.yaml. And i can see the "load balancer" in the haproxy stats page, but the hosts never listen on port 9098 to redirect the traffic.
Thanks, Sean
HAProxy Ingress uses ingress objects to exposes http services in the bind configured port; doc here. The configured servicePort has the port name or number of the internal service, which does not reflect in the haproxy's listening ports. TLS's sni extension is used here to choose a certificate to start the handshake if using https. The http Host header is used to choose an ingress' hostname. That said, you should probably connect to the exporter using http://mysupercool.domain.name - provided that this domains resolves to your ingress and this is the only path matching / in this domain.
tcp-service on the other hand exposes any tcp based services, http/s included, on any arbitrary port number. There is no sni or Host header reading - this is a plain L4 TCP proxy. Special care should be taken here: haproxy won't complain if a port number is reused. In this case the kernel will load balance new requests between every conflicting port.