Search code examples
google-cloud-platformgoogle-kubernetes-enginegke-networking

GKE Ingress health check failed on ingress but succeed on Loadbalncer

On GKE, I have a deployment working fine, status running and health checks fine: here it is:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: erp-app
  labels:
    app: erp-app
    switch: app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: erp-app
  template:
    metadata:
      labels:
        app: erp-app
    spec:
      containers:
        - name: erp-container
          # Extract this from Google Container Registry
          image: gcr.io/project/project:latest
          imagePullPolicy: Always
          env:
          ports:
            - containerPort: 8080
          livenessProbe:
            failureThreshold: 10
            httpGet:
              path: /
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 150
            periodSeconds: 30
            successThreshold: 1
            timeoutSeconds: 30
          readinessProbe:
            failureThreshold: 10
            httpGet:
              path: /
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 150
            periodSeconds: 30
            successThreshold: 1
            timeoutSeconds: 20

Then, I created a service to map ports 8080 to 80

apiVersion: v1
kind: Service
metadata:
    labels:
        app: erp-app
    name: erp-loadbalancer
spec:
    ports:
        - port: 80
          protocol: TCP
          targetPort: 8080
    selector:
        app: erp-app
    sessionAffinity: None
    type: NodePort

And then, GKE Ingress

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
    name: app-ingress
    annotations:
        networking.gke.io/managed-certificates: managed-cert
        kubernetes.io/ingress.class: "gce"
spec:
    defaultBackend:
        service:
            name: erp-loadbalancer
            port:
                number: 80

Things is, ingress does not want to work because backend healthcheck does not pass. If I check health check on gcloud (https://console.cloud.google.com/compute/healthChecks) I have created for http port 80 on / (on this path, app is serving a 200) If I force it to be tcp, then the health check pass. But google automatically switch it back to http, which leads to a 404.

My question here would be: what's wrong in my configuration for my server to be available with an external loadbalancer and not available when using an ingress ? (backend unhealthy state)

Solution

  • ANSWER:

    My page / was sending a 301 redirect to /login.jsp

    301 is not a valid status code for GCP Health checks

    So I changed it and my readinessProb to /login.jsp and that make the whole ingress working fine