Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ingress Healthcheck Configuration #720

Closed
freehan opened this issue May 15, 2017 · 3 comments
Closed

Ingress Healthcheck Configuration #720

freehan opened this issue May 15, 2017 · 3 comments

Comments

@freehan
Copy link
Contributor

freehan commented May 15, 2017

On GCE, ingress controller sets up default healthcheck for backends. The healthcheck will point to the nodeport of backend services on every node. Currently, there is no way to describe detail configuration of healthcheck in ingress. On the other side, each application may want to handle healthcheck differently. To bypass this limitation, on Ingress creation, ingress controller will scan all backend pods and pick the first ReadinessProbe it encounters and configure healthcheck accordingly. However, healthcheck will not be updated if ReadinessProbe was updated. (Refer: #582)

I see 3 options going forward with healthcheck

  1. Expand the Ingress or Service spec to include more configuration for healthcheck. It should include the capabilities provided by major cloud providers, GCP, AWS...

  2. Keep using readiness probe for healthcheck configuration,
    a) Keep today's behavior and communicate clearly regarding the expectation. However, this still breaks the abstraction and declarative nature of k8s.
    b) Let ingress controller watch the backend pods for any updates for ReadinessProbe. This seems expensive and complicated.

  3. Only setup default healthcheck for ingresses. Ingress controller will only ensure the healthcheck exist periodically, but do not care about its detail configuration. User can configure it directly thru the cloud provider.

I am in favor of option 3). There are always more bells and whistles on different cloud providers. The higher layer we go, the more features we can utilize. For L7 LB, there is no clean simple way to describe every intention. So is the case for health check. To ensure a smooth experience, k8s still sets up the basics. For advance use cases, user will have to configure it thru the cloud provider.

Thoughts? @kubernetes/sig-network-misc
@k8s-ci-robot
Copy link
Contributor

@freehan: These labels do not exist in this repository: sig/network.

In response to this:

On GCE, ingress controller sets up default healthcheck for backends. The healthcheck will point to the nodeport of backend services on every node. Currently, there is no way to describe detail configuration of healthcheck in ingress. On the other side, each application may want to handle healthcheck differently. To bypass this limitation, on Ingress creation, ingress controller will scan all backend pods and pick the first ReadinessProbe it encounters and configure healthcheck accordingly. However, healthcheck will not be updated if ReadinessProbe was updated. (Refer: #582)

I see 3 options going forward with healthcheck

  1. Expand the Ingress or Service spec to include more configuration for healthcheck. It should include the capabilities provided by major cloud providers, GCP, AWS...

  2. Keep using readiness probe for healthcheck configuration,
    a) Keep today's behavior and communicate clearly regarding the expectation. However, this still breaks the abstraction and declarative nature of k8s.
    b) Let ingress controller watch the backend pods for any updates for ReadinessProbe. This seems expensive and complicated.

  3. Only setup default healthcheck for ingresses. Ingress controller will only ensure the healthcheck exist periodically, but do not care about its detail configuration. User can configure it directly thru the cloud provider.

I am in favor of option 3). There are always more bells and whistles on different cloud providers. The higher layer we go, the more features we can utilize. For L7 LB, there is no clean simple way to describe every intention. So is the case for health check. To ensure a smooth experience, k8s still sets up the basics. For advance use cases, user will have to configure it thru the cloud provider.

Thoughts? @kubernetes/sig-network-misc

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@tonglil
Copy link
Contributor

tonglil commented Aug 14, 2017

For option 3, is the "default healthcheck" hitting the "default-backend"?

@rporres rporres mentioned this issue Aug 18, 2017
Closed
@michaelbannister michaelbannister mentioned this issue Sep 5, 2017
Closed
@bowei bowei mentioned this issue Oct 11, 2017
Closed
@bowei
Copy link
Member

bowei commented Oct 11, 2017

This issue was moved to kubernetes/ingress-gce#42

@bowei bowei closed this as completed Oct 11, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@nicksardo @bowei @freehan @tonglil @k8s-ci-robot